theot-é

j'ai fait ce qui était marqué, j'ai ouvert le fichier config avec bloc note et j'ai changé les chiffres qu'il y avait dedans. Je ne comprenais pas car je n'avais pas tous les élements qui été marqués, ceux là je ne les ai pas rajouté ! (puis je le faire ?) Sinon ça à l'air de franchement mieux marcher, je vois mes fps (enfin je sais combien je fais...) Merci pour tes informations Pang !

Re, C'est encore moi, juste un petit renseignement. quand on arrive à : Pour optimiser Counter-Strike en lui même nous allons ouvrir le fichier config.cfg avec Notepad (Bloc-Notes) qui se situe à la racine du dossier X:\SIERRA\HalfLife\cstrike. Commençons : les fichiers qui sont décrits juste après en gras, il suffit de les copier dans le fichier config.cfg ? Mais avec note pad je ne comprends pas bien!

OUAH, ça m'a l'air compliqué tout ça ! Je ne sais pas si je comprends tout ça très bien ! Je vais le lire plusieurs avant pour bien comprendre. Merci de ta réponse en tous les cas tu m'as bien renseigné sur ma connexion que je pensais basse ! C'est peut etre bête mais c'est vrai. Je vois tout ça et te dis quoi, mais il me faudra un peu de temps... MerKi encore

merci falkra, Je n'ai pas oublié j'ai bien réactivé l'UAC. Merci encore pour l'ordi il marche nickel... Moi qui avait pensé le formater ça aurait vraiment été du n'importe quoi hein ? Comme quoi, il y a des professionnels .... et d'autres pas (comme moi)

Merci de me répondre je suis en ethernet mais je ne sais pas si c'est vraiment bien réglé (quand je me mets sur le petit ordinateur en bas ça me marque réseau local et internet, c'est bon ?) Par contre ma connexion est assez basse, c'est pourquoi je me dis qu'il doit y avoir un problème. J'ai une connexion à 2 mega chez orange. ma vitesse de connexion est de : 3765 Kbit/s c'est bon ? Sinon choisir un ping acceptable on le voit où?

Bonjour, je ne sais pas si je dois poser ce problème ici Mais j'ai un problème quand je joue à counter strike je me fais kicker parce que mon ping est trop élevé. Que dois je faire pour le faire baisser SVP MERCI

ok je te remercie beaucoup, tu me sauves la vie et mes nerfs surtout ! je te rencontrerai sans doute un jour...

ok c'est bon.

OK c'est bon ça marche parfaitement !

Tiens c'est bizarre je ne peux pas créer de raccourci en passant par le bureau comme tu me le demandes ! bah attends je me suis trompée !

Pour la croix rouge, je viens de remarquer que ça ne le fait que lorsque je fais démarrer, internet.. Par contre si je passe par le bureau non ! Il n'y a pas de croix rouge et ça fonctionne.

OK c'est bon ! J'ai éliminé les fichiers demandés..

Bonjour, Bien dormi ? Un petit café et je te mets le message d'hier soir ! La fameuse croix rouge... Je ne peux pas faire de copier coller. PS : Bon anniverssaire pour le 9 mars..... [Window Title] Windows Internet Explorer [Content] '::{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0}' est introuvable. Vérifiez que le chemin d'accès ou l'adresse Internet sont corrects. [OK]

Merci encore et bonne nuit ! Ok pour demain et la croix rouge. Tu es franchement sympa de te donner tout ce mal ! A demain alors...

pour la croix rouge c'est : internet (des chiffres) est introuvable, verifiez le chemin d'accès....

juste encore une petite question ? Ce que nous venons de faire : Est ce cela qui faisait que mon fils ne pouvait plus jouer en réseau sur counter strike ? Je sais que ce n'est pas là que je dois poser la question mais puisque je t'ai et que tu es très efficace Ce qui faisait ramer mon ordi, je les ai chopé comment ? Puis après je te souhaite bonne nuit, tu as commencé à me répondre à 9H du matin, je pense que tu dois être fatigué. Merci encore de ton aide précieuse c'est vraiment super sympa !

pour norton, c'est la Détection des logiciels espion et l'antivirus. je ne m'y connais pas beaucoup, c'est pourquoi j'en ai télécharger plein dont avast. Donc je garde Norton, windows defender OK et Spybot ?

pour la croix rouge c'est :internet (des chiffres) est introuvable, verifiez le chemin d'accès....

Euh, oui il y a encore quelque chose Quand je lance internet il me met un message d'erreur avec une croix rouge mais se lance quand meme. Je n'ai plus les onglets intempestifs. L'ordinateur ne rame plus ! OUF Tu es mon sauveur Sinon, pour conclure, je garde windows defender spybot comme simple scanneur et avast, c'est ça ?

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:14:26, on 18/03/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\USB Disk Win98 Driver\Res.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Valve\Steam\Steam.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\conime.exe C:\Program Files\MSN Messenger\livecall.exe C:\Windows\Explorer.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Users\valérie\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [uSB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10727 bytes

Voici le deuxième rapport combofix ComboFix 08-03-17.1 - valérie 2008-03-18 22:59:22.2 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1027 [GMT 1:00] Endroit: C:\Users\valérie\Desktop\ComboFix.exe Command switches used :: C:\Users\valÚrie\Desktop\CFScript - Raccourci.lnk * Création d'un nouveau point de restauration . ((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier créé dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-19 02:07 --------- d-----w C:\Users\valérie\AppData\Roaming\DAEMON Tools 2008-03-19 02:07 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-03-19 02:07 --------- d-----w C:\Program Files\USB Disk Win98 Driver 2008-03-19 02:07 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-03-19 02:07 --------- d-----w C:\Program Files\Norton Security Scan 2008-03-19 02:07 --------- d-----w C:\Program Files\MSN Messenger 2008-03-19 02:07 --------- d-----w C:\Program Files\Google 2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\Steam 2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\LightScribe 2008-03-18 22:04 3,145,728 --sha-w C:\Users\valérie\ntuser.dat 2008-03-18 22:04 3,145,728 --sha-w C:\Users\valérie\ntuser.dat 2008-03-18 18:02 --------- d-----w C:\Program Files\Launch Manager 2008-03-18 17:23 --------- d-----w C:\ProgramData\Google Updater 2008-03-18 05:35 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-03-17 18:25 --------- d-----w C:\Program Files\Panda Security 2008-03-17 18:21 --------- d-----w C:\ProgramData\Symantec 2008-03-15 21:10 --------- d-----w C:\Program Files\SpeedRam2 2008-03-15 19:21 --------- d-----w C:\Program Files\OrangeHSS 2008-03-15 19:05 --------- d-----w C:\Program Files\Common Files\France Telecom 2008-03-15 19:01 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-15 19:01 --------- d-----w C:\Program Files\SAGEM 2008-03-15 08:32 --------- d-----w C:\Users\valérie\AppData\Roaming\Grisoft 2008-03-15 08:31 --------- d-----w C:\ProgramData\Grisoft 2008-03-14 12:01 --------- d-----w C:\Program Files\SC 2008-03-12 20:47 --------- d-----w C:\Program Files\Panicware 2008-03-12 20:28 --------- d---a-w C:\ProgramData\TEMP 2008-03-12 17:16 --------- d-----w C:\Program Files\Alwil Software 2008-03-12 16:37 --------- d-----w C:\Program Files\ATI 2008-03-12 13:19 --------- d-----w C:\Program Files\Windows Mail 2008-03-12 12:07 --------- d-----w C:\ProgramData\ATI 2008-03-12 11:52 --------- d-----w C:\Program Files\ATI Technologies 2008-03-12 09:00 --------- d-----w C:\ProgramData\Avira 2008-03-12 09:00 --------- d-----w C:\Program Files\Avira 2008-03-08 16:42 --------- d-----w C:\Users\valérie\AppData\Roaming\OpenOffice.org2 2008-03-08 11:24 --------- d-s---w C:\Users\valérie\AppData\Roaming\Microsoft 2008-03-08 11:10 --------- d-----w C:\Program Files\Valve 2008-03-05 12:46 --------- d-----w C:\Program Files\directx 2008-03-04 21:52 --------- d-----w C:\Program Files\EA GAMES 2008-03-03 20:46 716,272 ----a-w C:\Windows\system32\drivers\sptd.sys 2008-02-27 19:51 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys 2008-02-27 19:51 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe 2008-02-27 12:59 22,328 ----a-w C:\Users\valérie\AppData\Roaming\PnkBstrK.sys 2008-02-27 12:58 674,600 ----a-w C:\Windows\System32\pbsvc.exe 2008-02-27 12:58 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe 2008-02-26 18:35 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll 2008-02-26 18:35 --------- d--h--r C:\Users\valérie\AppData\Roaming\SecuROM 2008-02-26 18:26 --------- d-----w C:\Program Files\GameSpy 2008-02-21 12:05 31,232 ----a-w C:\Windows\System32\trzDAF9.tmp 2008-02-13 12:34 194,560 ----a-w C:\Windows\System32\WebClnt.dll 2008-02-13 12:34 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys 2008-02-13 12:23 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys 2008-02-13 12:23 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe 2008-02-13 12:23 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe 2008-02-13 12:23 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys 2008-02-13 12:23 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys 2008-02-13 12:23 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys 2008-02-13 12:23 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys 2008-02-13 12:21 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys 2008-02-13 12:21 24,064 ----a-w C:\Windows\System32\netcfg.exe 2008-02-13 12:21 22,016 ----a-w C:\Windows\System32\netiougc.exe 2008-02-13 12:21 216,632 ----a-w C:\Windows\system32\drivers\netio.sys 2008-02-13 12:21 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll 2008-02-13 12:20 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll 2008-02-13 12:20 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll 2008-02-13 12:20 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll 2008-02-13 12:20 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll 2008-02-13 12:20 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll 2008-02-13 12:20 1,686,528 ----a-w C:\Windows\System32\gameux.dll 2008-02-13 12:08 824,832 ----a-w C:\Windows\System32\wininet.dll 2008-02-13 12:08 56,320 ----a-w C:\Windows\System32\iesetup.dll 2008-02-13 12:08 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-02-13 12:08 26,624 ----a-w C:\Windows\System32\ieUnatt.exe 2008-02-02 12:17 --------- d-----w C:\Program Files\Windows Live Safety Center 2008-01-27 18:17 --------- d-----w C:\Users\valérie\AppData\Roaming\CyberLink 2008-01-27 18:17 --------- d-----w C:\ProgramData\CyberLink 2008-01-23 19:34 --------- d-----w C:\Program Files\Uniblue 2008-01-22 21:39 3,482,112 ----a-w C:\Windows\system32\drivers\atikmdag.sys 2008-01-22 20:40 368,640 ----a-w C:\Windows\System32\ATIDEMGX.dll 2008-01-22 20:40 274,432 ----a-w C:\Windows\System32\atipdlxx.dll 2008-01-22 20:40 237,568 ----a-w C:\Windows\System32\Oemdspif.dll 2008-01-22 20:40 159,744 ----a-w C:\Windows\System32\atitmmxx.dll 2008-01-22 20:39 43,520 ----a-w C:\Windows\System32\ati2edxx.dll 2008-01-22 20:39 245,760 ----a-w C:\Windows\System32\Ati2evxx.dll 2008-01-22 20:38 643,072 ----a-w C:\Windows\System32\Ati2evxx.exe 2008-01-22 20:26 3,031,552 ----a-w C:\Windows\System32\atiumdag.dll 2008-01-22 20:25 9,781,248 ----a-w C:\Windows\System32\atioglxx.dll 2008-01-22 20:13 3,936,256 ----a-w C:\Windows\System32\atiumdva.dll 2008-01-22 20:02 47,104 ----a-w C:\Windows\System32\amdpcom32.dll 2008-01-22 19:51 49,152 ----a-w C:\Windows\system32\drivers\ati2erec.dll 2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll 2008-01-09 12:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe 2007-12-18 12:27 44,924 ----a-w C:\Users\valérie\ffdshow.reg 2007-12-18 12:27 44,924 ----a-w C:\Users\valérie\ffdshow.reg 2007-08-29 13:14 174 --sha-w C:\Program Files\desktop.ini . ((((((((((((((((((((((((((((( snapshot@2008-03-18_22.18.50.89 ))))))))))))))))))))))))))))))))))))))))) . - 2008-03-18 20:23:20 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat + 2008-03-18 21:22:03 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat + 2008-03-18 21:22:03 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat.LOG1 - 2008-03-18 21:07:02 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat + 2008-03-18 21:11:44 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat - 2008-03-18 20:14:53 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat + 2008-03-18 21:20:48 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat - 2008-03-18 21:07:02 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat + 2008-03-18 21:11:37 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat - 2008-03-18 21:06:47 278,528 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-03-18 21:51:53 278,528 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-03-18 21:06:47 360,448 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-03-18 21:51:53 360,448 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-03-18 21:06:47 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-03-18 21:51:53 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-03-18 20:15:00 107,614 ----a-w C:\Windows\System32\perfc009.dat + 2008-03-18 21:17:00 107,614 ----a-w C:\Windows\System32\perfc009.dat - 2008-03-18 20:15:00 122,020 ----a-w C:\Windows\System32\perfc00C.dat + 2008-03-18 21:17:00 122,020 ----a-w C:\Windows\System32\perfc00C.dat - 2008-03-18 20:15:00 618,470 ----a-w C:\Windows\System32\perfh009.dat + 2008-03-18 21:17:00 618,470 ----a-w C:\Windows\System32\perfh009.dat - 2008-03-18 20:15:00 700,222 ----a-w C:\Windows\System32\perfh00C.dat + 2008-03-18 21:17:01 700,222 ----a-w C:\Windows\System32\perfh00C.dat - 2008-03-18 20:12:22 9,808 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3553214446-3599369004-1934773952-1000_UserData.bin + 2008-03-18 21:12:49 9,934 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3553214446-3599369004-1934773952-1000_UserData.bin - 2008-03-18 20:12:21 70,894 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-03-18 21:12:43 71,018 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "????r"="" [] "?????????"="" [] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 08:44 68856] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 08:18 307200] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560] "Steam"="C:\Program Files\Valve\Steam\Steam.exe" [2008-03-15 14:12 1266936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-22 18:26 1006264] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 07:13 4018176 C:\Windows\RtHDVCpl.exe] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 04:00 815104] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344] "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-11-15 07:02 614400] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-28 08:22 1836544] "USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 19:44 65536] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696] Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-05 22:36:42 528384] Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-06-23 08:44:40 124912] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "TCP Query User{0B09415F-800E-40E4-8C87-9A6D622113F8}C:\\program files\\msn messenger\\msnmsgr.exe"= UDP:C:\program files\msn messenger\msnmsgr.exe:Messenger "UDP Query User{9FEF4D41-E038-4058-9AB5-46AE003F3EF0}C:\\program files\\msn messenger\\msnmsgr.exe"= TCP:C:\program files\msn messenger\msnmsgr.exe:Messenger "TCP Query User{A9307707-A9F5-4128-926F-76A3F3A8E074}C:\\program files\\msn messenger\\livecall.exe"= UDP:C:\program files\msn messenger\livecall.exe:Windows Live Call "UDP Query User{9986FC8E-697F-4CF0-8792-60C7F64C277F}C:\\program files\\msn messenger\\livecall.exe"= TCP:C:\program files\msn messenger\livecall.exe:Windows Live Call "{4D72D3BA-AA02-479B-B5DB-D5A2DC5C59C8}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{1442CFCC-7D91-4271-A920-32512341CBFA}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{5A544D88-966D-41DF-B8D7-D82EB86BA501}"= UDP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer "{193DE59D-B853-4420-851F-321FE476F727}"= TCP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer "{F38DB6A3-1565-47F8-81A1-5179A6D5B1D2}"= UDP:C:\Program Files\eMule\emule.exe:eMule "{0EB32ECF-80C4-45AC-9779-63799817BDD7}"= TCP:C:\Program Files\eMule\emule.exe:eMule "TCP Query User{72C8BA92-8668-4FF9-8C75-48EC022D4967}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{93AA364F-63F2-4B9B-A209-183E90DAE832}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{D288C505-BCD6-454F-8A5B-E947B9EE4D9F}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{EBFA0995-4A65-4CD6-8A9A-9D2923A20373}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{34AC4AE6-76E3-4A47-9189-A75D8F48402D}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{0B4F3247-6950-4545-A463-F697C3FC2581}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{557E0DFB-7810-4E16-A452-3055E0952A25}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{267B729A-CADC-46D8-AE5A-AFD16F9ECAD3}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{411B283F-3E1D-4DBC-8BA0-1C7C8FD0415A}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{8DB66593-E448-42A3-BAA4-9D41118DB31B}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{BD9A9D92-4B67-4199-9FCB-F354B802A823}C:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:C:\program files\gamespy\comrade\comrade.exe:Comrade "UDP Query User{4FACFC1C-CE7D-4FDA-9009-32F3758FB4AB}C:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:C:\program files\gamespy\comrade\comrade.exe:Comrade "{4B9FB7FB-B6D8-4786-AA87-24FC93D67669}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA "{BD10FFDE-F49F-49DD-A1C6-629ECF37B0FC}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA "{2A6E0F86-0F67-45FA-82BE-EDC7DFD4E3C6}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB "{A8B3E104-0CBB-4FF5-B319-D5FD9D16A21E}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB "TCP Query User{F153FFDB-F17F-4F21-9DE8-B586DC42516C}C:\\program files\\the all-seeing eye\\eye.exe"= UDP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye "UDP Query User{30CCDD93-AEC3-42D7-982A-03888E55A29A}C:\\program files\\the all-seeing eye\\eye.exe"= TCP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye "TCP Query User{4B1B923D-5188-46CC-86ED-C3DC1ED882AC}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay "UDP Query User{68A83DB9-77F6-458D-BE4E-40C617AAC338}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay "TCP Query User{7A8E3E65-0A3A-4348-B1EF-CDCE15A3B471}C:\\program files\\commandos ii\\comm2.exe"= UDP:C:\program files\commandos ii\comm2.exe:comm2 "UDP Query User{00F1F9F1-86E8-4791-95F7-5857A25B59CD}C:\\program files\\commandos ii\\comm2.exe"= TCP:C:\program files\commandos ii\comm2.exe:comm2 "TCP Query User{BC372235-5D3C-4C88-8B7C-EC71C110BFC4}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher "UDP Query User{5B692514-EE89-4C67-B764-D662AB026778}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher "{392F9AEA-2FAB-4CC4-B5DD-69DB9BB24BEC}"= UDP:C:\Program Files\Valve\Steam\Steam.exe:Steam "{F0C82633-7E23-456F-AC09-7F366167CEF7}"= TCP:C:\Program Files\Valve\Steam\Steam.exe:Steam "TCP Query User{AB42AE40-12FF-4E8A-A268-EBFC36A08AFF}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher "UDP Query User{C78D3DCD-8E71-4FC5-8FD0-2DF48EE70CE9}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 16:22] R0 SI3112r;ATI-4379 Serial ATA Controller;C:\Windows\system32\DRIVERS\SI3112r.sys [2007-02-01 23:50] R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52] R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 20:43] R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-12 23:13] R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57] R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 10:39] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39] R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-11 18:14] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46] S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-10 07:38] S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39] S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\Windows\system32\Drivers\StMp3Rec.sys [2007-02-15 15:14] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bd35b60-e9ae-11dc-9685-0016d4a90a0a}] \shell\AutoRun\command - J:\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fe8cc08-20c8-11dc-b1c0-806e6f6e6963}] \shell\AutoRun\command - E:\installation_livebox.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-02-15 14:33:29 C:\Windows\Tasks\Norton Security Scan.job" - C:\Program Files\Norton Security Scan\Nss.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-18 23:04:32 Windows 6.0.6000 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-03-18 23:07:59 ComboFix-quarantined-files.txt 2008-03-18 22:07:54 ComboFix2.txt 2008-03-18 21:20:47 . 2008-03-14 05:00:33 --- E O F ---

Vous êtes parti ?

Désolée mais c'était long, voici le rapport combofix ComboFix 08-03-17.1 - valérie 2008-03-18 21:58:15.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1206 [GMT 1:00] Endroit: C:\Users\valérie\Desktop\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Users\valérie\AppData\Local\kwbxco.dat C:\Users\valérie\AppData\Local\kwbxco.exe C:\Users\valérie\AppData\Local\kwbxco_nav.dat C:\Users\valérie\AppData\Local\kwbxco_navps.dat C:\Windows\system32\drmgs.sys C:\Windows\system32\Indt2.sys C:\Windows\system32\nvs2.inf C:\Windows\system32\routing.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_perfmons -------\Service_Routing ((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier créé dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-19 02:07 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-03-19 02:07 --------- d-----w C:\Program Files\USB Disk Win98 Driver 2008-03-19 02:07 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-03-19 02:07 --------- d-----w C:\Program Files\Norton Security Scan 2008-03-19 02:07 --------- d-----w C:\Program Files\MSN Messenger 2008-03-19 02:07 --------- d-----w C:\Program Files\Google 2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\Steam 2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\LightScribe 2008-03-18 18:02 --------- d-----w C:\Program Files\Launch Manager 2008-03-18 17:23 --------- d-----w C:\ProgramData\Google Updater 2008-03-18 05:35 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-03-17 18:25 --------- d-----w C:\Program Files\Panda Security 2008-03-17 18:21 --------- d-----w C:\ProgramData\Symantec 2008-03-15 21:10 --------- d-----w C:\Program Files\SpeedRam2 2008-03-15 19:21 --------- d-----w C:\Program Files\OrangeHSS 2008-03-15 19:05 --------- d-----w C:\Program Files\Common Files\France Telecom 2008-03-15 19:01 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-15 19:01 --------- d-----w C:\Program Files\SAGEM 2008-03-15 08:31 --------- d-----w C:\ProgramData\Grisoft 2008-03-14 12:01 --------- d-----w C:\Program Files\SC 2008-03-12 20:47 --------- d-----w C:\Program Files\Panicware 2008-03-12 20:28 --------- d---a-w C:\ProgramData\TEMP 2008-03-12 17:16 --------- d-----w C:\Program Files\Alwil Software 2008-03-12 16:37 --------- d-----w C:\Program Files\ATI 2008-03-12 13:19 --------- d-----w C:\Program Files\Windows Mail 2008-03-12 12:07 --------- d-----w C:\ProgramData\ATI 2008-03-12 11:52 --------- d-----w C:\Program Files\ATI Technologies 2008-03-12 09:00 --------- d-----w C:\ProgramData\Avira 2008-03-12 09:00 --------- d-----w C:\Program Files\Avira 2008-03-08 11:10 --------- d-----w C:\Program Files\Valve 2008-03-05 12:46 --------- d-----w C:\Program Files\directx 2008-03-04 21:52 --------- d-----w C:\Program Files\EA GAMES 2008-03-03 20:46 716,272 ----a-w C:\Windows\system32\drivers\sptd.sys 2008-02-27 19:51 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys 2008-02-27 19:51 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe 2008-02-27 12:58 674,600 ----a-w C:\Windows\System32\pbsvc.exe 2008-02-27 12:58 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe 2008-02-26 18:35 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll 2008-02-26 18:26 --------- d-----w C:\Program Files\GameSpy 2008-02-21 12:05 31,232 ----a-w C:\Windows\System32\trzDAF9.tmp 2008-02-13 12:34 194,560 ----a-w C:\Windows\System32\WebClnt.dll 2008-02-13 12:34 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys 2008-02-13 12:23 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys 2008-02-13 12:23 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe 2008-02-13 12:23 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe 2008-02-13 12:23 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys 2008-02-13 12:23 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys 2008-02-13 12:23 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys 2008-02-13 12:23 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys 2008-02-13 12:21 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys 2008-02-13 12:21 24,064 ----a-w C:\Windows\System32\netcfg.exe 2008-02-13 12:21 22,016 ----a-w C:\Windows\System32\netiougc.exe 2008-02-13 12:21 216,632 ----a-w C:\Windows\system32\drivers\netio.sys 2008-02-13 12:21 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll 2008-02-13 12:20 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll 2008-02-13 12:20 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll 2008-02-13 12:20 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll 2008-02-13 12:20 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll 2008-02-13 12:20 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll 2008-02-13 12:20 1,686,528 ----a-w C:\Windows\System32\gameux.dll 2008-02-13 12:08 824,832 ----a-w C:\Windows\System32\wininet.dll 2008-02-13 12:08 56,320 ----a-w C:\Windows\System32\iesetup.dll 2008-02-13 12:08 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-02-13 12:08 26,624 ----a-w C:\Windows\System32\ieUnatt.exe 2008-02-02 12:17 --------- d-----w C:\Program Files\Windows Live Safety Center 2008-01-27 18:17 --------- d-----w C:\ProgramData\CyberLink 2008-01-23 19:34 --------- d-----w C:\Program Files\Uniblue 2008-01-22 21:39 3,482,112 ----a-w C:\Windows\system32\drivers\atikmdag.sys 2008-01-22 20:40 368,640 ----a-w C:\Windows\System32\ATIDEMGX.dll 2008-01-22 20:40 274,432 ----a-w C:\Windows\System32\atipdlxx.dll 2008-01-22 20:40 237,568 ----a-w C:\Windows\System32\Oemdspif.dll 2008-01-22 20:40 159,744 ----a-w C:\Windows\System32\atitmmxx.dll 2008-01-22 20:39 43,520 ----a-w C:\Windows\System32\ati2edxx.dll 2008-01-22 20:39 245,760 ----a-w C:\Windows\System32\Ati2evxx.dll 2008-01-22 20:38 643,072 ----a-w C:\Windows\System32\Ati2evxx.exe 2008-01-22 20:26 3,031,552 ----a-w C:\Windows\System32\atiumdag.dll 2008-01-22 20:25 9,781,248 ----a-w C:\Windows\System32\atioglxx.dll 2008-01-22 20:13 3,936,256 ----a-w C:\Windows\System32\atiumdva.dll 2008-01-22 20:02 47,104 ----a-w C:\Windows\System32\amdpcom32.dll 2008-01-22 19:51 49,152 ----a-w C:\Windows\system32\drivers\ati2erec.dll 2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll 2008-01-09 12:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe 2007-08-29 13:14 174 --sha-w C:\Program Files\desktop.ini . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "????r"="" [] "?????????"="" [] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 08:44 68856] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 08:18 307200] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560] "Steam"="C:\Program Files\Valve\Steam\Steam.exe" [2008-03-15 14:12 1266936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-22 18:26 1006264] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 07:13 4018176 C:\Windows\RtHDVCpl.exe] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 04:00 815104] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344] "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-11-15 07:02 614400] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-28 08:22 1836544] "USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 19:44 65536] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696] Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-05 22:36:42 528384] Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-06-23 08:44:40 124912] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "TCP Query User{0B09415F-800E-40E4-8C87-9A6D622113F8}C:\\program files\\msn messenger\\msnmsgr.exe"= UDP:C:\program files\msn messenger\msnmsgr.exe:Messenger "UDP Query User{9FEF4D41-E038-4058-9AB5-46AE003F3EF0}C:\\program files\\msn messenger\\msnmsgr.exe"= TCP:C:\program files\msn messenger\msnmsgr.exe:Messenger "TCP Query User{A9307707-A9F5-4128-926F-76A3F3A8E074}C:\\program files\\msn messenger\\livecall.exe"= UDP:C:\program files\msn messenger\livecall.exe:Windows Live Call "UDP Query User{9986FC8E-697F-4CF0-8792-60C7F64C277F}C:\\program files\\msn messenger\\livecall.exe"= TCP:C:\program files\msn messenger\livecall.exe:Windows Live Call "{4D72D3BA-AA02-479B-B5DB-D5A2DC5C59C8}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{1442CFCC-7D91-4271-A920-32512341CBFA}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{5A544D88-966D-41DF-B8D7-D82EB86BA501}"= UDP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer "{193DE59D-B853-4420-851F-321FE476F727}"= TCP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer "{F38DB6A3-1565-47F8-81A1-5179A6D5B1D2}"= UDP:C:\Program Files\eMule\emule.exe:eMule "{0EB32ECF-80C4-45AC-9779-63799817BDD7}"= TCP:C:\Program Files\eMule\emule.exe:eMule "TCP Query User{72C8BA92-8668-4FF9-8C75-48EC022D4967}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{93AA364F-63F2-4B9B-A209-183E90DAE832}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{D288C505-BCD6-454F-8A5B-E947B9EE4D9F}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{EBFA0995-4A65-4CD6-8A9A-9D2923A20373}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{34AC4AE6-76E3-4A47-9189-A75D8F48402D}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{0B4F3247-6950-4545-A463-F697C3FC2581}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{557E0DFB-7810-4E16-A452-3055E0952A25}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{267B729A-CADC-46D8-AE5A-AFD16F9ECAD3}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{411B283F-3E1D-4DBC-8BA0-1C7C8FD0415A}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "UDP Query User{8DB66593-E448-42A3-BAA4-9D41118DB31B}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe "TCP Query User{BD9A9D92-4B67-4199-9FCB-F354B802A823}C:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:C:\program files\gamespy\comrade\comrade.exe:Comrade "UDP Query User{4FACFC1C-CE7D-4FDA-9009-32F3758FB4AB}C:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:C:\program files\gamespy\comrade\comrade.exe:Comrade "{4B9FB7FB-B6D8-4786-AA87-24FC93D67669}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA "{BD10FFDE-F49F-49DD-A1C6-629ECF37B0FC}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA "{2A6E0F86-0F67-45FA-82BE-EDC7DFD4E3C6}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB "{A8B3E104-0CBB-4FF5-B319-D5FD9D16A21E}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB "TCP Query User{F153FFDB-F17F-4F21-9DE8-B586DC42516C}C:\\program files\\the all-seeing eye\\eye.exe"= UDP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye "UDP Query User{30CCDD93-AEC3-42D7-982A-03888E55A29A}C:\\program files\\the all-seeing eye\\eye.exe"= TCP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye "TCP Query User{4B1B923D-5188-46CC-86ED-C3DC1ED882AC}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay "UDP Query User{68A83DB9-77F6-458D-BE4E-40C617AAC338}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay "TCP Query User{7A8E3E65-0A3A-4348-B1EF-CDCE15A3B471}C:\\program files\\commandos ii\\comm2.exe"= UDP:C:\program files\commandos ii\comm2.exe:comm2 "UDP Query User{00F1F9F1-86E8-4791-95F7-5857A25B59CD}C:\\program files\\commandos ii\\comm2.exe"= TCP:C:\program files\commandos ii\comm2.exe:comm2 "TCP Query User{BC372235-5D3C-4C88-8B7C-EC71C110BFC4}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher "UDP Query User{5B692514-EE89-4C67-B764-D662AB026778}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher "{392F9AEA-2FAB-4CC4-B5DD-69DB9BB24BEC}"= UDP:C:\Program Files\Valve\Steam\Steam.exe:Steam "{F0C82633-7E23-456F-AC09-7F366167CEF7}"= TCP:C:\Program Files\Valve\Steam\Steam.exe:Steam "TCP Query User{AB42AE40-12FF-4E8A-A268-EBFC36A08AFF}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher "UDP Query User{C78D3DCD-8E71-4FC5-8FD0-2DF48EE70CE9}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 16:22] R0 SI3112r;ATI-4379 Serial ATA Controller;C:\Windows\system32\DRIVERS\SI3112r.sys [2007-02-01 23:50] R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52] R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 20:43] R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-12 23:13] R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57] R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 10:39] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39] R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-11 18:14] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46] S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-10 07:38] S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39] S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\Windows\system32\Drivers\StMp3Rec.sys [2007-02-15 15:14] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bd35b60-e9ae-11dc-9685-0016d4a90a0a}] \shell\AutoRun\command - J:\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fe8cc08-20c8-11dc-b1c0-806e6f6e6963}] \shell\AutoRun\command - E:\installation_livebox.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-02-15 14:33:29 C:\Windows\Tasks\Norton Security Scan.job" - C:\Program Files\Norton Security Scan\Nss.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-18 22:08:51 Windows 6.0.6000 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Windows\system32\PnkBstrA.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\PnkBstrB.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\MSN Messenger\livecall.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\conime.exe . ************************************************************************** . Temps d'accomplissement: 2008-03-18 22:20:46 - machine was rebooted [val‚rie] ComboFix-quarantined-files.txt 2008-03-18 21:20:40 . 2008-03-14 05:00:33 --- E O F ---

Merci pour le temps que tu m'accordes ! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:37:47, on 18/03/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\USB Disk Win98 Driver\Res.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Windows\ehome\ehtray.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Valve\Steam\Steam.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Windows\system32\taskeng.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\valérie\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: Shell= F2 - REG:system.ini: UserInit= O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [uSB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [?????????] ??????????????e O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\Windows\system32\perfs.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Routing Service (Routing) - Unknown owner - C:\Windows\system32\routing.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11184 bytes

désolée, ça ne marche pas non plus, j'ai planté plusieurs fois pendant ces manip là Je me demande ce que j'ai ! ça à l'air d'aller de pire en pire, j'ai des messages msn de personnes que je ne connais et que je bloque ! j'espère que vous pourrez m'aider mais la manipulation runthis ne fonctionne pas meme en desactivant le compte administrateur ! Pouvez vous me proposer autre chose ? SVP MERCI Valérie Oui il est installé, je suis désolée j'ai un controle flood qui me bloque aussi !