Sujet Précédent Sujet Suivant

Des page internet qui s'ouvre toute seul

Résolu/Fermé
christ - 16 juin 2008 à 11:33
 christ - 17 juin 2008 à 16:00
Bonjour,
Voila je fait appel a vous car j'ai un probleme avec mon ordinateur portable.Lorsque je vais sur internet j'ai des page qui s'ouvre toute seul est j'ai du mal a les fermé parfois 10 en 1munite c'est trés embetant aidez moi svp.j'ai fait un rapport hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:37, on 16/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\PasenDommagement\mc.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\AdVantage\AdVantage.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: (no name) - Software - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: {7fee8488-747a-c82a-4ad4-eeb1fa87cc44} - {44cc78af-1bee-4da4-a28c-a7478848eef7} - C:\WINDOWS\system32\tmp9.tmp.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9a81d644-8342-4970-9c03-ff610142385b} - (no file)
O2 - BHO: (no name) - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\PasenDommagement\mc.exe" dm=http://pasendommagement.com; ad=http://pasendommagement.com
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [AdVantage] "C:\Program Files\AdVantage\AdVantage.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: c:\windows\system32\geedeec.dll
O20 - Winlogon Notify: dfrr40 - dfrr40.dll (file missing)
O20 - Winlogon Notify: imesng6 - imesng6.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\qwerty12.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
A voir également:

78 réponses

Précédent
Réponse 61 / 78
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
16 juin 2008 à 22:45
oui je sais on n a pas eu de rapport mais bon, tant qu ils sont supprimés c est le principal..

Christ on continue ?!
0
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
17 juin 2008 à 07:33
Nettoie smitfraud -- stp

0
Réponse 62 / 78
christ
17 juin 2008 à 12:31
ou on peut continuer avec tous vos message de dire sa c'est bon sa non lol je sais plus.BOn je doi faire quoi maintenant svp?
0
Réponse 63 / 78
christ
17 juin 2008 à 12:54
voila le rapport:
ComboFix 08-06-16.2 - Christine 2008-06-17 12:41:52.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.541 [GMT 2:00]
Endroit: C:\Documents and Settings\Christine\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\salesmonitor
C:\Documents and Settings\Christine\Application Data\inst.exe
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\plugin1.dat
C:\WINDOWS\system32\tmp9.tmp.dll
D:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-17 to 2008-06-17 ))))))))))))))))))))))))))))))))))))
.

2008-06-16 17:38 . 2008-06-16 17:38 96 --a------ C:\WINDOWS\wininit.ini
2008-06-16 17:34 . 2008-06-16 17:34 <REP> d-------- C:\Program Files\CCleaner
2008-06-16 15:59 . 2008-06-16 15:59 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Grisoft
2008-06-16 15:58 . 2008-06-16 15:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-16 15:58 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-06-16 15:16 . 2008-06-16 15:16 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-16 15:16 . 2008-06-16 15:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-16 14:58 . 2008-06-16 14:58 <REP> d-------- C:\Program Files\Lavasoft
2008-06-16 14:58 . 2008-06-16 14:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-16 13:35 . 2008-06-16 13:35 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-16 13:30 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-06-16 13:30 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-06-16 13:30 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-06-16 13:30 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-06-16 13:30 . 2008-06-15 15:28 81,920 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-06-16 13:30 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
2008-06-16 13:30 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-06-16 13:30 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-06-16 13:30 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-06-16 13:30 . 2008-06-16 14:01 1,546 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-16 13:00 . 2008-06-16 13:00 35,777,993 --a------ C:\upload_moi_ACER-2D06449020.tar.gz
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Malwarebytes
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-16 12:02 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-16 12:02 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-16 11:42 . 2008-06-16 11:42 <REP> d-------- C:\Program Files\Navilog1
2008-06-16 11:22 . 2008-06-16 11:22 <REP> d-------- C:\Program Files\Trend Micro
2008-06-16 10:17 . 2008-06-16 10:17 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-06-11 07:45 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 07:45 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-08 17:18 . 2008-06-08 17:18 149 --a------ C:\WINDOWS\easyc.ini
2008-06-06 15:40 . 2008-06-06 15:40 74 --a------ C:\WINDOWS\Pool3DWin.ini
2008-06-04 11:49 . 2008-06-04 11:49 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-06-02 18:10 . 2008-06-02 18:10 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Oberon Games
2008-06-02 18:07 . 2008-06-02 18:07 <REP> d-------- C:\Program Files\Turbo Subs
2008-05-24 19:01 . 2008-05-24 19:01 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Groove Games
2008-05-22 13:24 . 2008-05-22 13:24 <REP> d-------- C:\Program Files\Chocolatier
2008-05-17 20:11 . 2008-05-17 20:11 <REP> d-------- C:\Program Files\uTorrent
2008-05-17 20:11 . 2008-05-17 20:11 <REP> d-------- C:\Documents and Settings\Christine\Application Data\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-16 19:06 544 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-16 19:06 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-16 19:06 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-16 19:06 1,124 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-05-29 18:18 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 15:23 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 15:23 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-15 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\MonteCristo
2008-05-14 15:50 --------- d-----w C:\Program Files\Téléchargeur de City Life 2008
2008-05-11 12:34 --------- d-----w C:\Documents and Settings\Christine\Application Data\VeniceMysteryData
2008-05-10 18:02 --------- d-----w C:\Documents and Settings\Christine\Application Data\EleFun Games
2008-05-09 17:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\JollyBear
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-02 06:31 18,048 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-05-02 06:31 165,376 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-24 11:54 --------- d-----w C:\Program Files\Smart Projects
2008-04-24 11:11 --------- d-----w C:\Documents and Settings\Christine\Application Data\Généatique2007
2008-04-24 11:05 --------- d-----w C:\Program Files\Protectis
2008-04-24 11:05 --------- d-----w C:\Program Files\Geneatique2007
2008-04-23 13:46 --------- d-----w C:\Documents and Settings\Christine\Application Data\ImgBurn
2008-04-23 13:34 --------- d-----w C:\Program Files\ImgBurn
2008-04-23 10:46 --------- d-----w C:\Program Files\Burger Island
2008-04-22 09:32 --------- d-----w C:\Program Files\DNA
2008-04-22 09:32 --------- d-----w C:\Documents and Settings\Christine\Application Data\DNA
2008-04-17 10:47 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2008-04-14 10:17 47,360 ----a-w C:\Documents and Settings\Christine\Application Data\pcouffin.sys
2008-04-13 14:11 0 ----a-w C:\Program Files\temp01
2008-04-06 17:49 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2007-05-03 19:35 12,550,328 ----a-w C:\Program Files\Install_NeoDivXSuite.exe
2006-12-10 13:27 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-07-18 12:41 1,019,094 --sha-r C:\Program Files\serial.tde
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-10-14 18:09 103712]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-08 11:19 289088]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB5639"="command /c del C:\Program Files\AdVantage\TR.dll_old" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 00:02 53248]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 18:47 421888]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-03-31 16:11 598016]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 16:43 401408]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-19 13:30 282624]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dfrr40]
dfrr40.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\imesng6]
imesng6.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\geedeec.dll
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM
"vidc.xvid"= xvid.dll
"vidc.yv12"= yv12vfw.dll
"VIDC.SP54"= SP5X_32.DLL
"msacm.fraunhoferacm"= l3codecp.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk
backup=C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
--a------ 2006-03-31 16:39 204800 C:\Acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 03:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2006-01-02 17:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 22:12 579584 C:\Acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-05 05:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Heart Readme]
C:\DOCUME~1\CHRIST~1\APPLIC~1\2CORNM~1\Surf Grid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\I downloaded pirated Software from P2P ]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ImageItEncrypt]
--a------ 2005-12-30 14:02 40960 C:\WINDOWS\system32\ImageItEncrypt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-05 05:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kcznmyc]
c:\windows\system32\kcznmyc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
--a------ 2004-08-05 05:00 59392 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 17:15 45056 C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
C:\Program Files\Pando Networks\Pando\Pando.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2006-03-23 00:12 151552 C:\Program Files\Acer\Acer Arcade\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-05 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-05 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-11-19 13:30 282624 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2006-03-14 02:01 16010752 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
C:\Program Files\Shareaza\Shareaza.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\startkey]
C:\WINDOWS\system32\server.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-03-02 22:07 761946 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemOptimizer]
C:\WINDOWS\vtttqn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox]
--a------ 2005-09-14 20:44 65536 C:\Program Files\USB Disk Win98 Driver\Res.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
C:\Program Files\Winsos\WINSOS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\GBA\\System\\Iwo.exe"=
"C:\\Program Files\\Lphant\\eLePhantClient.exe"=

R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-05 05:00]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-01-24 17:15]
S3 gel90xne;gel90xne;C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\gel90xne.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-12 15:40]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 10:42]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4b82ee9-4292-11db-a2ac-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe

*Newly Created Service* - AVGASCLN
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-17 10:00:02 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-17 12:46:15
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-17 12:47:56
ComboFix-quarantined-files.txt 2008-06-17 10:47:52

Pre-Run: 1,991,655,424 octets libres
Post-Run: 2,076,033,024 octets libres

267 --- E O F --- 2008-06-11 19:40:11
0
Réponse 64 / 78
Utilisateur anonyme
17 juin 2008 à 12:56
ok

refais un scan hijackthis et post le rapport stp
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 65 / 78
christ
17 juin 2008 à 12:58
voila hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:19, on 17/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-point-de-croix.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: (no name) - Software - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {44cc78af-1bee-4da4-a28c-a7478848eef7} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9a81d644-8342-4970-9c03-ff610142385b} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB5639] command /c del "C:\Program Files\AdVantage\TR.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: c:\windows\system32\geedeec.dll
O20 - Winlogon Notify: dfrr40 - dfrr40.dll (file missing)
O20 - Winlogon Notify: imesng6 - imesng6.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Réponse 66 / 78
Utilisateur anonyme
17 juin 2008 à 13:12
Copie le texte ci-dessous :



File::
C:\WINDOWS\wininit.ini
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\system32\tmp.reg
C:\upload_moi_ACER-2D06449020.tar.gz
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\AdVantage\TR.dll_old
C:\WINDOWS\system32\lsdelete.exe
c:\windows\system32\geedeec.dll
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\gel90xne.sys
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

Folder::
C:\Program Files\Navilog1
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Fichiers communs\BOONTY Shared

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB5639"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-








Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.


0
Réponse 67 / 78
christ
17 juin 2008 à 13:40
voila le rapport de combofix:
ComboFix 08-06-16.2 - Christine 2008-06-17 13:19:41.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.475 [GMT 2:00]
Endroit: C:\Documents and Settings\Christine\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Christine\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
* Resident AV is active


[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\gel90xne.sys
C:\Program Files\AdVantage\TR.dll_old
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\upload_moi_ACER-2D06449020.tar.gz
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\dumphive.exe
c:\windows\system32\geedeec.dll
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\lsdelete.exe
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\wininit.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\autoupdate.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\christinetranain@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\christinetranain@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\felicia.tranain@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\felicia.tranain@hotmail.fr\lastuse_DisplayPictures.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\felicia.tranain@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\felicia.tranain@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\felicia.tranain@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kevintranain@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kevintranain@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kevintranain@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kevintranain@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\romuald.tranain@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\romuald.tranain@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100B2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00100E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001084C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010856.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010857.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001085E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010868.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001088D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010890.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010896.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010897.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0010898.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]001089B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108BA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00108D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00200C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020114.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020144.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020148.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020177.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0020189.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00201B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]003005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0040024.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004003E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]004005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00400C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050004.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0060073.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]006007D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]006007E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]006009E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600BC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600C7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600DA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600DD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600E7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]00600E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]0080010.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]10108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\[u]0[/u]1050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMediaPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\msvcp71.dll
C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Program Files\Macrogaming\SweetIM\resources\images\AudibleButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\DisplayPicturesButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\EmoticonButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\NudgeButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\SoundFxButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\WinksButton.png
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Navilog1
C:\Program Files\Navilog1\Backupnavi\jgdjqi_nav.dat
C:\Program Files\Navilog1\Backupnavi\jgdjqi_navps.dat
C:\Program Files\Navilog1\catchme.exe
C:\Program Files\Navilog1\GetPaths.exe
C:\Program Files\Navilog1\gnc.exe
C:\Program Files\Navilog1\navilog1.bat
C:\Program Files\Navilog1\navreb.bat
C:\Program Files\Navilog1\oem2ansi.exe
C:\Program Files\Navilog1\Process.exe
C:\Program Files\Navilog1\reboot.exe
C:\Program Files\Navilog1\reg.exe
C:\Program Files\Navilog1\regnavi.reg
C:\Program Files\Navilog1\Safebackup\backup_registry.dat
C:\Program Files\Navilog1\Safebackup\HKCU_Run.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Arpcache.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Run.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Startupreg.reg
C:\Program Files\Navilog1\Safebackup\HKLM_Uninstall.reg
C:\Program Files\Navilog1\traite.bat
C:\Program Files\Navilog1\traite2.bat
C:\Program Files\Navilog1\traite3.bat
C:\Program Files\Navilog1\unins000.dat
C:\Program Files\Navilog1\unins000.exe
C:\upload_moi_ACER-2D06449020.tar.gz
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\lsdelete.exe
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\WS2Fix.exe
C:\WINDOWS\wininit.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-17 to 2008-06-17 ))))))))))))))))))))))))))))))))))))
.

2008-06-16 17:34 . 2008-06-16 17:34 <REP> d-------- C:\Program Files\CCleaner
2008-06-16 15:59 . 2008-06-16 15:59 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Grisoft
2008-06-16 15:58 . 2008-06-16 15:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-16 15:58 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-06-16 15:16 . 2008-06-16 15:16 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-16 15:16 . 2008-06-16 15:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-16 14:58 . 2008-06-16 14:58 <REP> d-------- C:\Program Files\Lavasoft
2008-06-16 14:58 . 2008-06-16 14:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-16 13:35 . 2008-06-16 13:35 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Malwarebytes
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-16 12:02 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-16 12:02 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-16 11:22 . 2008-06-16 11:22 <REP> d-------- C:\Program Files\Trend Micro
2008-06-16 10:17 . 2008-06-16 10:17 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-06-11 07:45 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 07:45 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-08 17:18 . 2008-06-08 17:18 149 --a------ C:\WINDOWS\easyc.ini
2008-06-06 15:40 . 2008-06-06 15:40 74 --a------ C:\WINDOWS\Pool3DWin.ini
2008-06-04 11:49 . 2008-06-04 11:49 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-06-02 18:10 . 2008-06-02 18:10 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Oberon Games
2008-06-02 18:07 . 2008-06-02 18:07 <REP> d-------- C:\Program Files\Turbo Subs
2008-05-24 19:01 . 2008-05-24 19:01 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Groove Games
2008-05-22 13:24 . 2008-05-22 13:24 <REP> d-------- C:\Program Files\Chocolatier
2008-05-17 20:11 . 2008-05-17 20:11 <REP> d-------- C:\Program Files\uTorrent
2008-05-17 20:11 . 2008-05-17 20:11 <REP> d-------- C:\Documents and Settings\Christine\Application Data\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-16 19:06 544 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-16 19:06 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-16 19:06 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-16 19:06 1,124 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-05-29 18:18 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 15:23 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 15:23 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-15 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\MonteCristo
2008-05-14 15:50 --------- d-----w C:\Program Files\Téléchargeur de City Life 2008
2008-05-11 12:34 --------- d-----w C:\Documents and Settings\Christine\Application Data\VeniceMysteryData
2008-05-10 18:02 --------- d-----w C:\Documents and Settings\Christine\Application Data\EleFun Games
2008-05-09 17:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\JollyBear
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-02 06:31 18,048 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-05-02 06:31 165,376 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-24 11:54 --------- d-----w C:\Program Files\Smart Projects
2008-04-24 11:11 --------- d-----w C:\Documents and Settings\Christine\Application Data\Généatique2007
2008-04-24 11:05 --------- d-----w C:\Program Files\Protectis
2008-04-24 11:05 --------- d-----w C:\Program Files\Geneatique2007
2008-04-23 13:46 --------- d-----w C:\Documents and Settings\Christine\Application Data\ImgBurn
2008-04-23 13:34 --------- d-----w C:\Program Files\ImgBurn
2008-04-23 10:46 --------- d-----w C:\Program Files\Burger Island
2008-04-22 09:32 --------- d-----w C:\Program Files\DNA
2008-04-22 09:32 --------- d-----w C:\Documents and Settings\Christine\Application Data\DNA
2008-04-17 10:47 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2008-04-14 10:17 47,360 ----a-w C:\Documents and Settings\Christine\Application Data\pcouffin.sys
2008-04-13 14:11 0 ----a-w C:\Program Files\temp01
2008-04-06 17:49 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2007-05-03 19:35 12,550,328 ----a-w C:\Program Files\Install_NeoDivXSuite.exe
2006-12-10 13:27 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-07-18 12:41 1,019,094 --sha-r C:\Program Files\serial.tde
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-08 11:19 289088]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 00:02 53248]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 18:47 421888]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-03-31 16:11 598016]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 16:43 401408]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-19 13:30 282624]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dfrr40]
dfrr40.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\imesng6]
imesng6.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM
"vidc.xvid"= xvid.dll
"vidc.yv12"= yv12vfw.dll
"VIDC.SP54"= SP5X_32.DLL
"msacm.fraunhoferacm"= l3codecp.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk
backup=C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
--a------ 2006-03-31 16:39 204800 C:\Acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 03:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2006-01-02 17:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 22:12 579584 C:\Acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-05 05:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Heart Readme]
C:\DOCUME~1\CHRIST~1\APPLIC~1\2CORNM~1\Surf Grid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\I downloaded pirated Software from P2P ]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ImageItEncrypt]
--a------ 2005-12-30 14:02 40960 C:\WINDOWS\system32\ImageItEncrypt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-05 05:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kcznmyc]
c:\windows\system32\kcznmyc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
--a------ 2004-08-05 05:00 59392 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 17:15 45056 C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
C:\Program Files\Pando Networks\Pando\Pando.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2006-03-23 00:12 151552 C:\Program Files\Acer\Acer Arcade\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-05 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-05 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-11-19 13:30 282624 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2006-03-14 02:01 16010752 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
C:\Program Files\Shareaza\Shareaza.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\startkey]
C:\WINDOWS\system32\server.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-03-02 22:07 761946 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemOptimizer]
C:\WINDOWS\vtttqn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox]
--a------ 2005-09-14 20:44 65536 C:\Program Files\USB Disk Win98 Driver\Res.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
C:\Program Files\Winsos\WINSOS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\GBA\\System\\Iwo.exe"=
"C:\\Program Files\\Lphant\\eLePhantClient.exe"=

R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-05 05:00]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []
S3 gel90xne;gel90xne;C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\gel90xne.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-12 15:40]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 10:42]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - AVGASCLN
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-17 11:00:02 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-17 13:31:14
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-17 13:33:17
ComboFix-quarantined-files.txt 2008-06-17 11:33:12
ComboFix2.txt 2008-06-17 10:48:04

Pre-Run: 1,960,116,224 octets libres
Post-Run: 1,920,958,464 octets libres

409 --- E O F --- 2008-06-11 19:40:11





et celui de hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:06, on 17/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-point-de-croix.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: (no name) - Software - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {44cc78af-1bee-4da4-a28c-a7478848eef7} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9a81d644-8342-4970-9c03-ff610142385b} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: dfrr40 - dfrr40.dll (file missing)
O20 - Winlogon Notify: imesng6 - imesng6.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Réponse 68 / 78
christ
17 juin 2008 à 14:30
voila j'ai fait les mise a jour.Pour dire mon pc va beaucoup mieux,plus de page internet qui s'ouvre et mon pc a l'air d'allé un peu plus vite voila le rapport de hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:28:04, on 17/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-point-de-croix.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Réponse 69 / 78
Utilisateur anonyme
17 juin 2008 à 14:33
oui une derniere manip :

Copie le texte ci-dessous :



File::
C:\Program Files\serial.tde

Folder::
C:\Program Files\temp01
C:\Program Files\serial.tde
C:\Program Files\Macrogaming

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-

Driver::
gel90xne
BOONTY games





Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.



0
Réponse 70 / 78
christ
17 juin 2008 à 15:02
voila c'est fait le rapport de combofix:
ComboFix 08-06-16.2 - Christine 2008-06-17 14:37:56.3 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.491 [GMT 2:00]
Endroit: C:\Documents and Settings\Christine\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Christine\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
* Resident AV is active


[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\Program Files\serial.tde
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\serial.tde
C:\Program Files\serial.tde\
C:\Program Files\temp01\

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_GEL90XNE
-------\Service_Boonty Games
-------\Service_gel90xne


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-17 to 2008-06-17 ))))))))))))))))))))))))))))))))))))
.

2008-06-17 14:16 . 2008-06-17 14:17 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-06-17 14:10 . 2008-03-01 14:58 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-16 17:34 . 2008-06-16 17:34 <REP> d-------- C:\Program Files\CCleaner
2008-06-16 15:59 . 2008-06-16 15:59 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Grisoft
2008-06-16 15:58 . 2008-06-16 15:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-16 15:58 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-06-16 15:16 . 2008-06-16 15:16 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-16 15:16 . 2008-06-16 15:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-16 14:58 . 2008-06-16 14:58 <REP> d-------- C:\Program Files\Lavasoft
2008-06-16 14:58 . 2008-06-16 14:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-16 13:35 . 2008-06-16 13:35 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Malwarebytes
2008-06-16 12:02 . 2008-06-16 12:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-16 12:02 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-16 12:02 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-16 11:22 . 2008-06-16 11:22 <REP> d-------- C:\Program Files\Trend Micro
2008-06-16 10:17 . 2008-06-16 10:17 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-06-11 07:45 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 07:45 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-08 17:18 . 2008-06-08 17:18 149 --a------ C:\WINDOWS\easyc.ini
2008-06-06 15:40 . 2008-06-06 15:40 74 --a------ C:\WINDOWS\Pool3DWin.ini
2008-06-04 11:49 . 2008-06-04 11:49 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-06-02 18:10 . 2008-06-02 18:10 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Oberon Games
2008-06-02 18:07 . 2008-06-02 18:07 <REP> d-------- C:\Program Files\Turbo Subs
2008-05-24 19:01 . 2008-05-24 19:01 <REP> d-------- C:\Documents and Settings\Christine\Application Data\Groove Games
2008-05-22 13:24 . 2008-05-22 13:24 <REP> d-------- C:\Program Files\Chocolatier
2008-05-17 20:11 . 2008-05-17 20:11 <REP> d-------- C:\Program Files\uTorrent
2008-05-17 20:11 . 2008-05-17 20:11 <REP> d-------- C:\Documents and Settings\Christine\Application Data\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-17 12:50 544 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-17 12:50 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-17 12:50 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-17 12:50 1,124 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-05-29 18:18 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 15:23 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 15:23 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-15 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\MonteCristo
2008-05-14 15:50 --------- d-----w C:\Program Files\Téléchargeur de City Life 2008
2008-05-11 12:34 --------- d-----w C:\Documents and Settings\Christine\Application Data\VeniceMysteryData
2008-05-10 18:02 --------- d-----w C:\Documents and Settings\Christine\Application Data\EleFun Games
2008-05-09 17:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\JollyBear
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-02 06:31 18,048 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-05-02 06:31 165,376 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-24 11:54 --------- d-----w C:\Program Files\Smart Projects
2008-04-24 11:11 --------- d-----w C:\Documents and Settings\Christine\Application Data\Généatique2007
2008-04-24 11:05 --------- d-----w C:\Program Files\Protectis
2008-04-24 11:05 --------- d-----w C:\Program Files\Geneatique2007
2008-04-23 13:46 --------- d-----w C:\Documents and Settings\Christine\Application Data\ImgBurn
2008-04-23 13:34 --------- d-----w C:\Program Files\ImgBurn
2008-04-23 10:46 --------- d-----w C:\Program Files\Burger Island
2008-04-22 09:32 --------- d-----w C:\Program Files\DNA
2008-04-22 09:32 --------- d-----w C:\Documents and Settings\Christine\Application Data\DNA
2008-04-21 06:57 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2008-04-21 06:57 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2008-04-21 06:57 1,499,648 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-04-21 06:57 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2008-04-21 06:57 1,024,512 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2008-04-14 10:17 47,360 ----a-w C:\Documents and Settings\Christine\Application Data\pcouffin.sys
2008-04-13 14:11 0 ----a-w C:\Program Files\temp01
2008-04-06 17:49 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2007-05-03 19:35 12,550,328 ----a-w C:\Program Files\Install_NeoDivXSuite.exe
2006-12-10 13:27 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-17_12.47.16,43 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-10-12 22:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
- 2005-10-12 22:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
- 2005-10-12 22:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
- 2005-10-12 22:12:28 716,000 ------w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:28 716,000 ------w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
- 2005-10-12 22:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
- 2008-06-17 05:36:26 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-17 12:51:30 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2004-08-05 03:00:00 61,440 ------w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-05 05:00:00 101,888 ------w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-05 03:00:00 35,328 ------w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 18:32:20 33,792 ------w C:\WINDOWS\ie7\custsat.dll
+ 2008-04-21 06:57:18 357,888 ------w C:\WINDOWS\ie7\dxtmsft.dll
+ 2008-04-21 06:57:18 205,312 ------w C:\WINDOWS\ie7\dxtrans.dll
+ 2008-04-21 06:57:18 55,808 ------w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-05 03:00:00 38,912 ------w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-05 03:00:00 34,304 ------w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-05 03:00:00 139,264 ------w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-05 03:00:00 221,696 ------w C:\WINDOWS\ie7\ieaksie.dll
+ 2004-08-05 03:00:00 245,760 ------w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-05 03:00:00 323,584 ------w C:\WINDOWS\ie7\iedkcs32.dll
+ 2008-04-17 10:47:00 18,432 ------w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-05 03:00:00 81,920 ------w C:\WINDOWS\ie7\ieencode.dll
+ 2008-04-21 06:57:18 251,904 ------w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-05 03:00:00 49,152 ------w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-05 03:00:00 63,488 ------w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-05 03:00:00 93,184 ------w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-05 03:00:00 35,840 ------w C:\WINDOWS\ie7\imgutil.dll
+ 2008-04-21 06:57:18 96,768 ------w C:\WINDOWS\ie7\inseng.dll
+ 2007-12-18 14:41:58 450,560 ------w C:\WINDOWS\ie7\jscript.dll
+ 2008-04-21 06:57:18 16,384 ------w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-05 03:00:00 22,528 ------w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-05 03:00:00 29,184 ------w C:\WINDOWS\ie7\mshta.exe
+ 2008-04-21 06:57:22 3,087,872 ------w C:\WINDOWS\ie7\mshtml.dll
+ 2008-04-21 06:57:22 449,024 ------w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-05 03:00:00 57,344 ------w C:\WINDOWS\ie7\mshtmler.dll
+ 2004-08-05 03:00:00 146,432 ------w C:\WINDOWS\ie7\msls31.dll
+ 2008-04-21 06:57:24 146,432 ------w C:\WINDOWS\ie7\msrating.dll
+ 2008-04-21 06:57:24 532,480 ------w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-05 03:00:00 97,280 ------w C:\WINDOWS\ie7\occache.dll
+ 2008-04-21 06:57:24 39,424 ------w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-09-26 16:34:42 33,472 ------w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-09-26 16:32:30 66,048 ----a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 15:43:28 216,800 ------w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 15:43:30 394,976 ------w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-05 05:00:00 37,888 ------w C:\WINDOWS\ie7\url.dll
+ 2008-04-21 06:57:26 620,544 ------w C:\WINDOWS\ie7\urlmon.dll
+ 2007-12-18 14:42:00 417,792 ------w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:54 851,968 ------w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-05 03:00:00 281,600 ------w C:\WINDOWS\ie7\webcheck.dll
+ 2008-04-21 06:57:28 670,720 ------w C:\WINDOWS\ie7\wininet.dll
+ 2007-08-13 16:39:00 123,904 ------w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-08-13 16:35:46 346,624 ------w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-08-13 16:35:38 214,528 ------w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-08-13 16:54:10 131,584 ------w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-08-13 16:36:26 61,952 ------w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-08-13 16:39:06 54,784 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-08-13 16:39:26 152,064 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-08-13 16:39:54 229,376 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-08-13 15:56:54 161,792 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-02-12 14:10:12 2,451,312 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dat
+ 2007-07-11 10:27:48 383,488 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-08-13 16:39:50 382,976 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-08-13 16:54:10 6,049,280 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-08-13 16:39:10 43,008 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-08-13 16:34:04 266,752 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-08-13 16:39:10 13,312 ------w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-08-13 16:43:56 622,080 ------w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-08-13 16:54:10 27,136 ------w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-08-13 16:54:10 458,752 ------w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-08-13 16:54:10 50,688 ------w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-08-13 16:54:12 3,578,368 ------w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-08-13 16:54:10 475,648 ------w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-08-13 16:44:26 192,000 ------w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-08-13 16:54:10 670,720 ------w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-08-13 16:44:06 101,376 ------w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 16:36:12 44,544 ------w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 ------w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 ------w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-08-13 16:44:30 105,984 ------w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-08-13 16:54:10 1,162,240 ------w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-08-13 16:54:10 231,424 ------w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-08-13 16:54:10 818,688 ------w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-12-07 02:08:32 124,928 ------w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-07 02:08:32 124,928 ------w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll.000
+ 2007-12-19 22:53:24 347,136 ------w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:08:32 214,528 ------w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:08:32 133,120 ------w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:08:32 63,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-07 02:08:32 63,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll.000
+ 2007-12-06 11:02:32 70,656 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:08:32 153,088 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:08:32 230,400 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:52 161,792 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dat
+ 2007-12-07 02:08:32 383,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:08:32 383,488 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll.000
+ 2007-12-07 02:08:32 384,512 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:08:34 6,066,176 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:08:34 6,066,176 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll.000
+ 2007-12-07 02:08:34 44,544 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:08:34 267,776 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-07 02:08:34 267,776 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll.000
+ 2007-12-06 11:00:58 13,824 ------w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:03:16 625,664 ------w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:08:34 27,648 ------w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:08:34 27,648 ------w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll.000
+ 2007-12-07 02:08:34 459,264 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:08:34 459,264 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll.000
+ 2007-12-07 02:08:34 52,224 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-07 02:08:34 52,224 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll.000
+ 2007-12-08 08:38:36 3,592,192 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-08 08:38:36 3,592,192 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll.000
+ 2007-12-07 02:08:34 478,208 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:08:34 193,024 ------w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:08:34 671,232 ------w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:08:34 102,912 ------w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:36:56 44,544 ------w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 ------w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 ------w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:08:34 105,984 ------w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:08:34 105,984 ------w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll.000
+ 2007-12-07 02:08:34 1,159,680 ------w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:08:34 1,159,680 ------w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll.000
+ 2007-12-07 02:08:34 233,472 ------w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:08:34 233,472 ------w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll.000
+ 2007-12-07 02:08:34 824,832 ------w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2007-12-07 02:08:34 824,832 ------w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll.000
+ 2008-06-17 12:10:56 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81200000003}\SC_Reader.exe
- 2004-08-05 03:00:00 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 16:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-05 05:00:00 101,888 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2004-08-05 03:00:00 61,440 ----a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2007-08-13 16:39:20 71,680 ----a-w C:\WINDOWS\system32\dllcache\admparse.dll
- 2004-08-05 05:00:00 101,888 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-03-01 12:58:06 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
- 2006-06-02 18:32:20 33,792 ----a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 16:54:10 33,792 ----a-w C:\WINDOWS\system32\dllcache\custsat.dll
- 2008-04-21 06:57:18 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-03-01 12:58:06 347,136 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-04-21 06:57:18 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-03-01 12:58:06 214,528 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-04-21 06:57:18 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-03-01 12:58:06 133,120 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2004-08-05 03:00:00 38,912 ----a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-08-13 16:18:02 60,416 ----a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
- 2004-08-05 03:00:00 34,304 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-02-29 08:56:42 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2004-08-05 03:00:00 139,264 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-03-01 12:58:06 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2004-08-05 03:00:00 221,696 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-03-01 12:58:06 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2004-08-05 03:00:00 245,760 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-02-15 05:44:26 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-04-25 07:39:00 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-03-01 12:58:08 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2004-08-05 03:00:00 323,584 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-03-01 12:58:08 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-04-17 10:47:00 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 16:44:02 69,120 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2004-08-05 03:00:00 81,920 ----a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 16:45:18 78,336 ----a-w C:\WINDOWS\system32\dllcache\ieencode.dll
- 2007-04-25 07:39:24 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-03-01 12:58:08 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-04-21 06:57:18 251,904 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 16:54:10 191,488 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2004-08-05 03:00:00 49,152 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-03-01 12:58:08 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-04-25 07:39:26 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-03-01 12:58:08 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2004-08-05 03:00:00 63,488 ----a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-08-13 16:39:12 55,296 ----a-w C:\WINDOWS\system32\dllcache\iesetup.dll
- 2007-04-24 14:26:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-02-22 10:00:52 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2004-08-05 03:00:00 93,184 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-02-29 08:57:06 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2004-08-05 03:00:00 35,840 ----a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 16:36:06 36,352 ----a-w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2008-04-21 06:57:18 96,768 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 16:39:02 92,672 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2007-12-18 14:41:58 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 16:38:04 491,520 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2008-04-21 06:57:18 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-03-01 12:58:08 27,648 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-05 03:00:00 22,528 ----a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 16:44:18 40,960 ----a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
- 2007-04-25 07:39:36 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-03-01 12:58:08 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-04-25 07:39:36 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-03-01 12:58:08 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2004-08-05 03:00:00 29,184 ----a-w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2007-08-13 16:32:30 45,568 ----a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2008-04-21 06:57:22 3,087,872 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-03-01 16:28:10 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-04-21 06:57:22 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-01 12:58:10 478,208 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-05 03:00:00 57,344 ----a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2007-08-13 16:01:12 48,128 ----a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2004-08-05 03:00:00 146,432 ----a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 16:54:10 156,160 ----a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2008-04-21 06:57:24 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-01 12:58:10 193,024 ------w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-04-21 06:57:24 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-01 12:58:10 671,232 ------w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-05 03:00:00 97,280 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-03-01 12:58:10 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-04-21 06:57:24 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-03-01 12:58:10 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2004-08-05 05:00:00 37,888 ----a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-03-01 12:58:10 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
- 2008-04-21 06:57:26 620,544 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-03-01 12:58:10 1,159,680 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-12-18 14:42:00 417,792 ----a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-08-13 16:54:10 413,696 ----a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2007-06-26 13:56:54 851,968 ----a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-08-13 16:54:10 765,952 ----a-w C:\WINDOWS\system32\dllcache\VGX.dll
- 2004-08-05 03:00:00 281,600 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-03-01 12:58:12 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-04-21 06:57:28 670,720 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-03-01 12:58:12 826,368 ------w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-04-21 06:57:18 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-03-01 12:58:06 347,136 ------w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-21 06:57:18 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-03-01 12:58:06 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-21 06:57:18 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 12:58:06 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2004-08-05 03:00:00 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-02-29 08:56:42 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-05 03:00:00 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-03-01 12:58:06 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-05 03:00:00 221,696 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-03-01 12:58:06 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2004-08-05 03:00:00 245,760 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-02-15 05:44:26 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2008-03-01 12:58:08 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2004-08-05 03:00:00 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-03-01 12:58:08 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-05 03:00:00 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 16:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-04-21 06:57:18 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 16:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-05 03:00:00 49,152 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 12:58:08 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2004-08-05 03:00:00 63,488 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 16:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
- 2007-04-24 14:26:20 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-02-22 10:00:52 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-13 16:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2004-08-05 03:00:00 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 16:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2008-04-21 06:57:18 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 16:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2007-12-18 14:41:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 16:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2008-04-21 06:57:18 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-05 03:00:00 22,528 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 16:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 16:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2004-08-05 03:00:00 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 16:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2008-04-21 06:57:22 3,087,872 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-21 06:57:22 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-03-01 12:58:10 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-05 03:00:00 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 16:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2004-08-05 03:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 16:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2008-04-21 06:57:24 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-03-01 12:58:10 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-04-21 06:57:24 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-03-01 12:58:10 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2004-08-05 03:00:00 97,280 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-03-01 12:58:10 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-04-21 06:57:24 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-03-01 12:58:10 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-05 05:00:00 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-04-21 06:57:26 620,544 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-12-18 14:42:00 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 16:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-05 03:00:00 281,600 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-03-01 12:58:12 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 16:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
- 2008-04-21 06:57:28 670,720 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-03-01 12:58:12 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-17 12:51:48 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_34c.dat
+ 2008-06-17 12:52:44 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_c2c.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-08 11:19 289088]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-06-17 14:06 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 00:02 53248]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 18:47 421888]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-03-31 16:11 598016]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 16:43 401408]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-19 13:30 282624]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-05-19 22:36 218640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM
"vidc.xvid"= xvid.dll
"vidc.yv12"= yv12vfw.dll
"VIDC.SP54"= SP5X_32.DLL
"msacm.fraunhoferacm"= l3codecp.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk
backup=C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
--a------ 2006-03-31 16:39 204800 C:\Acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 03:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2006-01-02 17:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 22:12 579584 C:\Acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-05 05:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Heart Readme]
C:\DOCUME~1\CHRIST~1\APPLIC~1\2CORNM~1\Surf Grid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\I downloaded pirated Software from P2P ]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ImageItEncrypt]
--a------ 2005-12-30 14:02 40960 C:\WINDOWS\system32\ImageItEncrypt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-05 05:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kcznmyc]
c:\windows\system32\kcznmyc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
--a------ 2004-08-05 05:00 59392 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 17:15 45056 C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
C:\Program Files\Pando Networks\Pando\Pando.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2006-03-23 00:12 151552 C:\Program Files\Acer\Acer Arcade\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-05 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-05 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-11-19 13:30 282624 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2006-03-14 02:01 16010752 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
C:\Program Files\Shareaza\Shareaza.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\startkey]
C:\WINDOWS\system32\server.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-06-17 14:06 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-03-02 22:07 761946 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemOptimizer]
C:\WINDOWS\vtttqn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox]
--a------ 2005-09-14 20:44 65536 C:\Program Files\USB Disk Win98 Driver\Res.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
C:\Program Files\Winsos\WINSOS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\GBA\\System\\Iwo.exe"=
"C:\\Program Files\\Lphant\\eLePhantClient.exe"=

R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 08:34]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-05 05:00]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-12 15:40]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 10:42]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-06-17 12:51:42 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-17 14:52:14
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWSERVICE.EXE
C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE
C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLCAPSVC.EXE
C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVER.EXE
C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVICE.EXE
C:\PROGRAM FILES\CYBERLINK\SHARED FILES\RICHVIDEO.EXE
C:\PROGRAM FILES\ALCOHOL SOFT\ALCOHOL 120\STARWIND\STARWINDSERVICEAE.EXE
C:\PROGRAM FILES\LAUNCH MANAGER\LMANAGER.EXE
C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLSCHED.EXE
C:\WINDOWS\SYSTEM32\WBEM\UNSECAPP.EXE
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-17 15:00:02 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-17 12:59:48
ComboFix3.txt 2008-06-17 10:48:04
ComboFix2.txt 2008-06-17 11:33:22

Pre-Run: 718,815,232 octets libres
Post-Run: 897,466,368 octets libres

597 --- E O F --- 2008-06-11 19:40:11


et le nouveau de hijack:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:02:11, on 17/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-point-de-croix.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Réponse 71 / 78
Utilisateur anonyme
17 juin 2008 à 15:11
réouvre hijackthis
fais scan only
coche ces lignes :

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -

tu les coches et tu clic sur fix checked

ensuite :


-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> L´installer.

-> Une fois installé et lancé :

Dans la colonne de gauche, click sur :

->"registre" :

Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

->"nettoyeur"

quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

-> Tutoriel en image :

https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

-> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :

http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

ensuite :

telecharge et instal regcleaner:

http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html

tutorial :

https://forums.cnetfrance.fr

http://www.softastuces.com/tuto/maint/regcleaner/

ensuite :

* pour supprimer les outils/fix utilisés :

Télécharge ToolsCleaner sur ton bureau.
-->
http://pagesperso-orange.fr/AceRothstein/ToolsCleaner2.exe
http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe

# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).



tu n as pas de parefeu :

pare-feu gratuits


télécharger la version gratuite de Zone alarm
https://www.pcastuces.com/logitheque/zonealarm.htm
TUTO
http://securite-facile.ovh.org/zonealarm.php
http://forum.telecharger.01net.com/forum/
désactivé les parties filtrage web et antivirus de ZA ! C'est important

ou

télécharger la version gratuite de Kerio
Kerio (parefeu)
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
TUTO
https://kerio.probb.fr/
SITE de Kerio
https://kerio.probb.fr/

ou

ComodoFirewallPro 2.4 téléchargement
http://www.personalfirewall.comodo.com/
Tuto pour la 2.4
https://infomars.fr/forum/index.php?s=908072e48ff7cf0359366440cb26c93f&showtopic=389
Tuto pour la 2.4
http://www.nordicnature.net/tutorials/comodo/cf24wiz.htm
Attention la 3.0 est en anglais uniquement et est plus difficile a paramétrer
Tuto pour la 3.0
https://infomars.fr/forum/index.php?showtopic=1225

ou

OnlineArmor :
téléchargement:https://www.commentcamarche.net/telecharger/ 34055356 online armor personal firewall

tutoriels:https://forum.pcastuces.com/sujet.asp?f=25&s=35606
:https://www.malekal.com/tutorial-online-armor-free/
0
Réponse 72 / 78
christ
17 juin 2008 à 15:42
voila j'ai suprimé les ligne avec hijack,fait un coup de ccleaner,de regcleaner et toolscleaner dont voila le rapport et j'ai installer kerio
-->- Recherche:

C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Christine\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Christine\Bureau\Clean.zip: trouvé !
C:\Documents and Settings\Christine\Bureau\Navilog1.exe: trouvé !
C:\Documents and Settings\Christine\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Christine\Bureau\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\Christine\Bureau\SmitFraudfix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\QooBox\Quarantine\C\Program Files\Navilog1: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Christine\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Christine\Bureau\Clean.zip: supprimé !
C:\Documents and Settings\Christine\Bureau\Navilog1.exe: supprimé !
C:\Documents and Settings\Christine\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Christine\Bureau\SmitFraudFix.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\Christine\Bureau\SmitFraudfix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !
0
Réponse 73 / 78
Utilisateur anonyme
17 juin 2008 à 15:44
parfais

tout est clean je pense que de ton coté tout va bien peux tu confirmer
0
Réponse 74 / 78
christ
17 juin 2008 à 15:46
oué tous est nikel plus de page internet qui embéte le monde et tout tous va bien donc c'est fini?
0
Réponse 75 / 78
Utilisateur anonyme
17 juin 2008 à 15:47
Oui c fini ciao et bon surf !!
0
Réponse 76 / 78
christ
17 juin 2008 à 15:50
ouf je te remercie vraiment pour ton aide et pour le temp que tu ma consacré c'est vraiment simpa de ta part encore un grand merci et bonne continuation merci.
0
Réponse 77 / 78
Utilisateur anonyme
17 juin 2008 à 15:52
de rien pas de soucis et sorry pour la gene occasionné auparavant ....

0
Réponse 78 / 78
christ
17 juin 2008 à 16:00
pas de probleme, merci et bonne continuation sans des gens comme toi en serait bien embété merci ciao
0

Discussions similaires

35 GO à l'étranger
Laurence -
Laurence -

2 réponses
Quel est l'équivalent 40 GO d'internet en heures ?
mha29 -
Sylvie -

5 réponses