Posted

Thank you for the time you're giving me!

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:37:47, on 18/03/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16609)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\USB Disk Win98 Driver\Res.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Valve\Steam\Steam.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\ehome\ehmsas.exe

C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\valérie\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

F2 - REG:system.ini: Shell=

F2 - REG:system.ini: UserInit=

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [uSB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [?????????] ??????????????e

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\Windows\system32\perfs.exe

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Routing Service (Routing) - Unknown owner - C:\Windows\system32\routing.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 11184 bytes

Posted

There is something new since the last report. For future HijackThis reports, use only the version I had you download.

Download combofix.exe by sUBs and save it to your desktop (and nowhere else).

  • Double-click combofix.exe to run it and follow the instructions.
  • When the scan is complete, a report will appear.
  • Copy and paste this report into your next reply.
    The report is located at: C:\Combofix.txt (just in case).

Posted

Sorry, but it took a while; here is the ComboFix report

 

ComboFix 08-03-17.1 - valérie 2008-03-18 21:58:15.1 - NTFSx86

Microsoft® Windows Vista Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1206 [GMT 1:00]

Endroit: C:\Users\valérie\Desktop\ComboFix.exe

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Users\valérie\AppData\Local\kwbxco.dat

C:\Users\valérie\AppData\Local\kwbxco.exe

C:\Users\valérie\AppData\Local\kwbxco_nav.dat

C:\Users\valérie\AppData\Local\kwbxco_navps.dat

C:\Windows\system32\drmgs.sys

C:\Windows\system32\Indt2.sys

C:\Windows\system32\nvs2.inf

C:\Windows\system32\routing.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_perfmons

-------\Service_Routing

 

 

((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 ))))))))))))))))))))))))))))))))))))

.

 

Pas de nouveau fichier créé dans cet espace de temps

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-19 02:07 --------- d-----w C:\ProgramData\Spybot - Search & Destroy

2008-03-19 02:07 --------- d-----w C:\Program Files\USB Disk Win98 Driver

2008-03-19 02:07 --------- d-----w C:\Program Files\Spybot - Search & Destroy

2008-03-19 02:07 --------- d-----w C:\Program Files\Norton Security Scan

2008-03-19 02:07 --------- d-----w C:\Program Files\MSN Messenger

2008-03-19 02:07 --------- d-----w C:\Program Files\Google

2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\Steam

2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\LightScribe

2008-03-18 18:02 --------- d-----w C:\Program Files\Launch Manager

2008-03-18 17:23 --------- d-----w C:\ProgramData\Google Updater

2008-03-18 05:35 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2008-03-17 18:25 --------- d-----w C:\Program Files\Panda Security

2008-03-17 18:21 --------- d-----w C:\ProgramData\Symantec

2008-03-15 21:10 --------- d-----w C:\Program Files\SpeedRam2

2008-03-15 19:21 --------- d-----w C:\Program Files\OrangeHSS

2008-03-15 19:05 --------- d-----w C:\Program Files\Common Files\France Telecom

2008-03-15 19:01 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-03-15 19:01 --------- d-----w C:\Program Files\SAGEM

2008-03-15 08:31 --------- d-----w C:\ProgramData\Grisoft

2008-03-14 12:01 --------- d-----w C:\Program Files\SC

2008-03-12 20:47 --------- d-----w C:\Program Files\Panicware

2008-03-12 20:28 --------- d---a-w C:\ProgramData\TEMP

2008-03-12 17:16 --------- d-----w C:\Program Files\Alwil Software

2008-03-12 16:37 --------- d-----w C:\Program Files\ATI

2008-03-12 13:19 --------- d-----w C:\Program Files\Windows Mail

2008-03-12 12:07 --------- d-----w C:\ProgramData\ATI

2008-03-12 11:52 --------- d-----w C:\Program Files\ATI Technologies

2008-03-12 09:00 --------- d-----w C:\ProgramData\Avira

2008-03-12 09:00 --------- d-----w C:\Program Files\Avira

2008-03-08 11:10 --------- d-----w C:\Program Files\Valve

2008-03-05 12:46 --------- d-----w C:\Program Files\directx

2008-03-04 21:52 --------- d-----w C:\Program Files\EA GAMES

2008-03-03 20:46 716,272 ----a-w C:\Windows\system32\drivers\sptd.sys

2008-02-27 19:51 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys

2008-02-27 19:51 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe

2008-02-27 12:58 674,600 ----a-w C:\Windows\System32\pbsvc.exe

2008-02-27 12:58 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe

2008-02-26 18:35 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll

2008-02-26 18:26 --------- d-----w C:\Program Files\GameSpy

2008-02-21 12:05 31,232 ----a-w C:\Windows\System32\trzDAF9.tmp

2008-02-13 12:34 194,560 ----a-w C:\Windows\System32\WebClnt.dll

2008-02-13 12:34 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys

2008-02-13 12:23 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys

2008-02-13 12:23 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe

2008-02-13 12:23 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe

2008-02-13 12:23 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys

2008-02-13 12:23 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys

2008-02-13 12:23 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys

2008-02-13 12:23 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys

2008-02-13 12:21 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys

2008-02-13 12:21 24,064 ----a-w C:\Windows\System32\netcfg.exe

2008-02-13 12:21 22,016 ----a-w C:\Windows\System32\netiougc.exe

2008-02-13 12:21 216,632 ----a-w C:\Windows\system32\drivers\netio.sys

2008-02-13 12:21 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll

2008-02-13 12:20 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll

2008-02-13 12:20 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll

2008-02-13 12:20 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll

2008-02-13 12:20 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll

2008-02-13 12:20 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll

2008-02-13 12:20 1,686,528 ----a-w C:\Windows\System32\gameux.dll

2008-02-13 12:08 824,832 ----a-w C:\Windows\System32\wininet.dll

2008-02-13 12:08 56,320 ----a-w C:\Windows\System32\iesetup.dll

2008-02-13 12:08 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll

2008-02-13 12:08 26,624 ----a-w C:\Windows\System32\ieUnatt.exe

2008-02-02 12:17 --------- d-----w C:\Program Files\Windows Live Safety Center

2008-01-27 18:17 --------- d-----w C:\ProgramData\CyberLink

2008-01-23 19:34 --------- d-----w C:\Program Files\Uniblue

2008-01-22 21:39 3,482,112 ----a-w C:\Windows\system32\drivers\atikmdag.sys

2008-01-22 20:40 368,640 ----a-w C:\Windows\System32\ATIDEMGX.dll

2008-01-22 20:40 274,432 ----a-w C:\Windows\System32\atipdlxx.dll

2008-01-22 20:40 237,568 ----a-w C:\Windows\System32\Oemdspif.dll

2008-01-22 20:40 159,744 ----a-w C:\Windows\System32\atitmmxx.dll

2008-01-22 20:39 43,520 ----a-w C:\Windows\System32\ati2edxx.dll

2008-01-22 20:39 245,760 ----a-w C:\Windows\System32\Ati2evxx.dll

2008-01-22 20:38 643,072 ----a-w C:\Windows\System32\Ati2evxx.exe

2008-01-22 20:26 3,031,552 ----a-w C:\Windows\System32\atiumdag.dll

2008-01-22 20:25 9,781,248 ----a-w C:\Windows\System32\atioglxx.dll

2008-01-22 20:13 3,936,256 ----a-w C:\Windows\System32\atiumdva.dll

2008-01-22 20:02 47,104 ----a-w C:\Windows\System32\amdpcom32.dll

2008-01-22 19:51 49,152 ----a-w C:\Windows\system32\drivers\ati2erec.dll

2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll

2008-01-09 12:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe

2007-08-29 13:14 174 --sha-w C:\Program Files\desktop.ini

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"????r"="" []

"?????????"="" []

"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 08:44 68856]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 08:18 307200]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

"Steam"="C:\Program Files\Valve\Steam\Steam.exe" [2008-03-15 14:12 1266936]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-22 18:26 1006264]

"RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 07:13 4018176 C:\Windows\RtHDVCpl.exe]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 04:00 815104]

"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-11-15 07:02 614400]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]

"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]

"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-28 08:22 1836544]

"USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 19:44 65536]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-05 22:36:42 528384]

Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-06-23 08:44:40 124912]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UacDisableNotify"=dword:00000001

"InternetSettingsDisableNotify"=dword:00000001

"AutoUpdateDisableNotify"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"TCP Query User{0B09415F-800E-40E4-8C87-9A6D622113F8}C:\\program files\\msn messenger\\msnmsgr.exe"= UDP:C:\program files\msn messenger\msnmsgr.exe:Messenger

"UDP Query User{9FEF4D41-E038-4058-9AB5-46AE003F3EF0}C:\\program files\\msn messenger\\msnmsgr.exe"= TCP:C:\program files\msn messenger\msnmsgr.exe:Messenger

"TCP Query User{A9307707-A9F5-4128-926F-76A3F3A8E074}C:\\program files\\msn messenger\\livecall.exe"= UDP:C:\program files\msn messenger\livecall.exe:Windows Live Call

"UDP Query User{9986FC8E-697F-4CF0-8792-60C7F64C277F}C:\\program files\\msn messenger\\livecall.exe"= TCP:C:\program files\msn messenger\livecall.exe:Windows Live Call

"{4D72D3BA-AA02-479B-B5DB-D5A2DC5C59C8}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"{1442CFCC-7D91-4271-A920-32512341CBFA}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"{5A544D88-966D-41DF-B8D7-D82EB86BA501}"= UDP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer

"{193DE59D-B853-4420-851F-321FE476F727}"= TCP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer

"{F38DB6A3-1565-47F8-81A1-5179A6D5B1D2}"= UDP:C:\Program Files\eMule\emule.exe:eMule

"{0EB32ECF-80C4-45AC-9779-63799817BDD7}"= TCP:C:\Program Files\eMule\emule.exe:eMule

"TCP Query User{72C8BA92-8668-4FF9-8C75-48EC022D4967}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{93AA364F-63F2-4B9B-A209-183E90DAE832}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{D288C505-BCD6-454F-8A5B-E947B9EE4D9F}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{EBFA0995-4A65-4CD6-8A9A-9D2923A20373}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{34AC4AE6-76E3-4A47-9189-A75D8F48402D}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{0B4F3247-6950-4545-A463-F697C3FC2581}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{557E0DFB-7810-4E16-A452-3055E0952A25}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{267B729A-CADC-46D8-AE5A-AFD16F9ECAD3}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{411B283F-3E1D-4DBC-8BA0-1C7C8FD0415A}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{8DB66593-E448-42A3-BAA4-9D41118DB31B}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{BD9A9D92-4B67-4199-9FCB-F354B802A823}C:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:C:\program files\gamespy\comrade\comrade.exe:Comrade

"UDP Query User{4FACFC1C-CE7D-4FDA-9009-32F3758FB4AB}C:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:C:\program files\gamespy\comrade\comrade.exe:Comrade

"{4B9FB7FB-B6D8-4786-AA87-24FC93D67669}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{BD10FFDE-F49F-49DD-A1C6-629ECF37B0FC}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{2A6E0F86-0F67-45FA-82BE-EDC7DFD4E3C6}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{A8B3E104-0CBB-4FF5-B319-D5FD9D16A21E}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"TCP Query User{F153FFDB-F17F-4F21-9DE8-B586DC42516C}C:\\program files\\the all-seeing eye\\eye.exe"= UDP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye

"UDP Query User{30CCDD93-AEC3-42D7-982A-03888E55A29A}C:\\program files\\the all-seeing eye\\eye.exe"= TCP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye

"TCP Query User{4B1B923D-5188-46CC-86ED-C3DC1ED882AC}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay

"UDP Query User{68A83DB9-77F6-458D-BE4E-40C617AAC338}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay

"TCP Query User{7A8E3E65-0A3A-4348-B1EF-CDCE15A3B471}C:\\program files\\commandos ii\\comm2.exe"= UDP:C:\program files\commandos ii\comm2.exe:comm2

"UDP Query User{00F1F9F1-86E8-4791-95F7-5857A25B59CD}C:\\program files\\commandos ii\\comm2.exe"= TCP:C:\program files\commandos ii\comm2.exe:comm2

"TCP Query User{BC372235-5D3C-4C88-8B7C-EC71C110BFC4}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{5B692514-EE89-4C67-B764-D662AB026778}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher

"{392F9AEA-2FAB-4CC4-B5DD-69DB9BB24BEC}"= UDP:C:\Program Files\Valve\Steam\Steam.exe:Steam

"{F0C82633-7E23-456F-AC09-7F366167CEF7}"= TCP:C:\Program Files\Valve\Steam\Steam.exe:Steam

"TCP Query User{AB42AE40-12FF-4E8A-A268-EBFC36A08AFF}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher

"UDP Query User{C78D3DCD-8E71-4FC5-8FD0-2DF48EE70CE9}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

 

R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 16:22]

R0 SI3112r;ATI-4379 Serial ATA Controller;C:\Windows\system32\DRIVERS\SI3112r.sys [2007-02-01 23:50]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]

R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 20:43]

R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-12 23:13]

R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57]

R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 10:39]

R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39]

R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-11 18:14]

S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]

S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-10 07:38]

S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39]

S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\Windows\system32\Drivers\StMp3Rec.sys [2007-02-15 15:14]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bd35b60-e9ae-11dc-9685-0016d4a90a0a}]

\shell\AutoRun\command - J:\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fe8cc08-20c8-11dc-b1c0-806e6f6e6963}]

\shell\AutoRun\command - E:\installation_livebox.exe

 

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-02-15 14:33:29 C:\Windows\Tasks\Norton Security Scan.job"

- C:\Program Files\Norton Security Scan\Nss.exe

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-18 22:08:51

Windows 6.0.6000 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Windows\system32\PnkBstrA.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\PnkBstrB.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\MSN Messenger\livecall.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\conime.exe

.

**************************************************************************

.

Temps d'accomplissement: 2008-03-18 22:20:46 - machine was rebooted [valérie]

ComboFix-quarantined-files.txt 2008-03-18 21:20:40

.

2008-03-14 05:00:33 --- E O F ---

Posted

Back again, I haven't left, I was looking over this data. :P

Here are the next steps.

 

  • Create a text file named CFScript.txt
  • Double-click to open it, then copy and paste the following into it:

File::

C:\Windows\system32\perfs.exe

 

Registry::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"????r"=-

"?????????"=-

 

Service::

Service_perfmons

Service_Routing

  • Drag and drop this CFScript file onto the ComboFix.exe file, as shown in the screenshot
    CFScript.gif
    • A blue window will appear: at the prompt (Type 1 to continue, or 2 to abort), type 1, then confirm.
    • Wait while the scan runs. The desktop will disappear several times: this is normal! Don't touch anything until the scan has finished.
    • Once the scan is complete, a report will be displayed: post its contents.
    • If the file does not open, you can find it here > C:\ComboFix.txt

Posted

Here is the second ComboFix report

 

ComboFix 08-03-17.1 - valérie 2008-03-18 22:59:22.2 - NTFSx86

Microsoft® Windows Vista Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1027 [GMT 1:00]

Endroit: C:\Users\valérie\Desktop\ComboFix.exe

Command switches used :: C:\Users\valérie\Desktop\CFScript - Raccourci.lnk

* Création d'un nouveau point de restauration

.

 

((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 ))))))))))))))))))))))))))))))))))))

.

 

Pas de nouveau fichier créé dans cet espace de temps

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-19 02:07 --------- d-----w C:\Users\valérie\AppData\Roaming\DAEMON Tools

2008-03-19 02:07 --------- d-----w C:\ProgramData\Spybot - Search & Destroy

2008-03-19 02:07 --------- d-----w C:\Program Files\USB Disk Win98 Driver

2008-03-19 02:07 --------- d-----w C:\Program Files\Spybot - Search & Destroy

2008-03-19 02:07 --------- d-----w C:\Program Files\Norton Security Scan

2008-03-19 02:07 --------- d-----w C:\Program Files\MSN Messenger

2008-03-19 02:07 --------- d-----w C:\Program Files\Google

2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\Steam

2008-03-19 02:07 --------- d-----w C:\Program Files\Common Files\LightScribe

2008-03-18 22:04 3,145,728 --sha-w C:\Users\valérie\ntuser.dat

2008-03-18 22:04 3,145,728 --sha-w C:\Users\valérie\ntuser.dat

2008-03-18 18:02 --------- d-----w C:\Program Files\Launch Manager

2008-03-18 17:23 --------- d-----w C:\ProgramData\Google Updater

2008-03-18 05:35 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2008-03-17 18:25 --------- d-----w C:\Program Files\Panda Security

2008-03-17 18:21 --------- d-----w C:\ProgramData\Symantec

2008-03-15 21:10 --------- d-----w C:\Program Files\SpeedRam2

2008-03-15 19:21 --------- d-----w C:\Program Files\OrangeHSS

2008-03-15 19:05 --------- d-----w C:\Program Files\Common Files\France Telecom

2008-03-15 19:01 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-03-15 19:01 --------- d-----w C:\Program Files\SAGEM

2008-03-15 08:32 --------- d-----w C:\Users\valérie\AppData\Roaming\Grisoft

2008-03-15 08:31 --------- d-----w C:\ProgramData\Grisoft

2008-03-14 12:01 --------- d-----w C:\Program Files\SC

2008-03-12 20:47 --------- d-----w C:\Program Files\Panicware

2008-03-12 20:28 --------- d---a-w C:\ProgramData\TEMP

2008-03-12 17:16 --------- d-----w C:\Program Files\Alwil Software

2008-03-12 16:37 --------- d-----w C:\Program Files\ATI

2008-03-12 13:19 --------- d-----w C:\Program Files\Windows Mail

2008-03-12 12:07 --------- d-----w C:\ProgramData\ATI

2008-03-12 11:52 --------- d-----w C:\Program Files\ATI Technologies

2008-03-12 09:00 --------- d-----w C:\ProgramData\Avira

2008-03-12 09:00 --------- d-----w C:\Program Files\Avira

2008-03-08 16:42 --------- d-----w C:\Users\valérie\AppData\Roaming\OpenOffice.org2

2008-03-08 11:24 --------- d-s---w C:\Users\valérie\AppData\Roaming\Microsoft

2008-03-08 11:10 --------- d-----w C:\Program Files\Valve

2008-03-05 12:46 --------- d-----w C:\Program Files\directx

2008-03-04 21:52 --------- d-----w C:\Program Files\EA GAMES

2008-03-03 20:46 716,272 ----a-w C:\Windows\system32\drivers\sptd.sys

2008-02-27 19:51 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys

2008-02-27 19:51 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe

2008-02-27 12:59 22,328 ----a-w C:\Users\valérie\AppData\Roaming\PnkBstrK.sys

2008-02-27 12:58 674,600 ----a-w C:\Windows\System32\pbsvc.exe

2008-02-27 12:58 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe

2008-02-26 18:35 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll

2008-02-26 18:35 --------- d--h--r C:\Users\valérie\AppData\Roaming\SecuROM

2008-02-26 18:26 --------- d-----w C:\Program Files\GameSpy

2008-02-21 12:05 31,232 ----a-w C:\Windows\System32\trzDAF9.tmp

2008-02-13 12:34 194,560 ----a-w C:\Windows\System32\WebClnt.dll

2008-02-13 12:34 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys

2008-02-13 12:23 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys

2008-02-13 12:23 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe

2008-02-13 12:23 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe

2008-02-13 12:23 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys

2008-02-13 12:23 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys

2008-02-13 12:23 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys

2008-02-13 12:23 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys

2008-02-13 12:21 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys

2008-02-13 12:21 24,064 ----a-w C:\Windows\System32\netcfg.exe

2008-02-13 12:21 22,016 ----a-w C:\Windows\System32\netiougc.exe

2008-02-13 12:21 216,632 ----a-w C:\Windows\system32\drivers\netio.sys

2008-02-13 12:21 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll

2008-02-13 12:20 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll

2008-02-13 12:20 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll

2008-02-13 12:20 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll

2008-02-13 12:20 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll

2008-02-13 12:20 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll

2008-02-13 12:20 1,686,528 ----a-w C:\Windows\System32\gameux.dll

2008-02-13 12:08 824,832 ----a-w C:\Windows\System32\wininet.dll

2008-02-13 12:08 56,320 ----a-w C:\Windows\System32\iesetup.dll

2008-02-13 12:08 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll

2008-02-13 12:08 26,624 ----a-w C:\Windows\System32\ieUnatt.exe

2008-02-02 12:17 --------- d-----w C:\Program Files\Windows Live Safety Center

2008-01-27 18:17 --------- d-----w C:\Users\valérie\AppData\Roaming\CyberLink

2008-01-27 18:17 --------- d-----w C:\ProgramData\CyberLink

2008-01-23 19:34 --------- d-----w C:\Program Files\Uniblue

2008-01-22 21:39 3,482,112 ----a-w C:\Windows\system32\drivers\atikmdag.sys

2008-01-22 20:40 368,640 ----a-w C:\Windows\System32\ATIDEMGX.dll

2008-01-22 20:40 274,432 ----a-w C:\Windows\System32\atipdlxx.dll

2008-01-22 20:40 237,568 ----a-w C:\Windows\System32\Oemdspif.dll

2008-01-22 20:40 159,744 ----a-w C:\Windows\System32\atitmmxx.dll

2008-01-22 20:39 43,520 ----a-w C:\Windows\System32\ati2edxx.dll

2008-01-22 20:39 245,760 ----a-w C:\Windows\System32\Ati2evxx.dll

2008-01-22 20:38 643,072 ----a-w C:\Windows\System32\Ati2evxx.exe

2008-01-22 20:26 3,031,552 ----a-w C:\Windows\System32\atiumdag.dll

2008-01-22 20:25 9,781,248 ----a-w C:\Windows\System32\atioglxx.dll

2008-01-22 20:13 3,936,256 ----a-w C:\Windows\System32\atiumdva.dll

2008-01-22 20:02 47,104 ----a-w C:\Windows\System32\amdpcom32.dll

2008-01-22 19:51 49,152 ----a-w C:\Windows\system32\drivers\ati2erec.dll

2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll

2008-01-09 12:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe

2007-12-18 12:27 44,924 ----a-w C:\Users\valérie\ffdshow.reg

2007-12-18 12:27 44,924 ----a-w C:\Users\valérie\ffdshow.reg

2007-08-29 13:14 174 --sha-w C:\Program Files\desktop.ini

.

 

((((((((((((((((((((((((((((( snapshot@2008-03-18_22.18.50.89 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-03-18 20:23:20 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat

+ 2008-03-18 21:22:03 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat

+ 2008-03-18 21:22:03 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat.LOG1

- 2008-03-18 21:07:02 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat

+ 2008-03-18 21:11:44 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat

- 2008-03-18 20:14:53 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat

+ 2008-03-18 21:20:48 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat

- 2008-03-18 21:07:02 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat

+ 2008-03-18 21:11:37 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat

- 2008-03-18 21:06:47 278,528 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2008-03-18 21:51:53 278,528 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2008-03-18 21:06:47 360,448 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-03-18 21:51:53 360,448 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2008-03-18 21:06:47 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2008-03-18 21:51:53 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-03-18 20:15:00 107,614 ----a-w C:\Windows\System32\perfc009.dat

+ 2008-03-18 21:17:00 107,614 ----a-w C:\Windows\System32\perfc009.dat

- 2008-03-18 20:15:00 122,020 ----a-w C:\Windows\System32\perfc00C.dat

+ 2008-03-18 21:17:00 122,020 ----a-w C:\Windows\System32\perfc00C.dat

- 2008-03-18 20:15:00 618,470 ----a-w C:\Windows\System32\perfh009.dat

+ 2008-03-18 21:17:00 618,470 ----a-w C:\Windows\System32\perfh009.dat

- 2008-03-18 20:15:00 700,222 ----a-w C:\Windows\System32\perfh00C.dat

+ 2008-03-18 21:17:01 700,222 ----a-w C:\Windows\System32\perfh00C.dat

- 2008-03-18 20:12:22 9,808 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3553214446-3599369004-1934773952-1000_UserData.bin

+ 2008-03-18 21:12:49 9,934 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3553214446-3599369004-1934773952-1000_UserData.bin

- 2008-03-18 20:12:21 70,894 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2008-03-18 21:12:43 71,018 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"????r"="" []

"?????????"="" []

"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-23 08:44 68856]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 08:18 307200]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

"Steam"="C:\Program Files\Valve\Steam\Steam.exe" [2008-03-15 14:12 1266936]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-22 18:26 1006264]

"RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 07:13 4018176 C:\Windows\RtHDVCpl.exe]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 04:00 815104]

"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-11-15 07:02 614400]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]

"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]

"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-28 08:22 1836544]

"USB Storage Toolbox"="C:\Program Files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 19:44 65536]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-05 22:36:42 528384]

Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-06-23 08:44:40 124912]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UacDisableNotify"=dword:00000001

"InternetSettingsDisableNotify"=dword:00000001

"AutoUpdateDisableNotify"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"TCP Query User{0B09415F-800E-40E4-8C87-9A6D622113F8}C:\\program files\\msn messenger\\msnmsgr.exe"= UDP:C:\program files\msn messenger\msnmsgr.exe:Messenger

"UDP Query User{9FEF4D41-E038-4058-9AB5-46AE003F3EF0}C:\\program files\\msn messenger\\msnmsgr.exe"= TCP:C:\program files\msn messenger\msnmsgr.exe:Messenger

"TCP Query User{A9307707-A9F5-4128-926F-76A3F3A8E074}C:\\program files\\msn messenger\\livecall.exe"= UDP:C:\program files\msn messenger\livecall.exe:Windows Live Call

"UDP Query User{9986FC8E-697F-4CF0-8792-60C7F64C277F}C:\\program files\\msn messenger\\livecall.exe"= TCP:C:\program files\msn messenger\livecall.exe:Windows Live Call

"{4D72D3BA-AA02-479B-B5DB-D5A2DC5C59C8}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"{1442CFCC-7D91-4271-A920-32512341CBFA}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"{5A544D88-966D-41DF-B8D7-D82EB86BA501}"= UDP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer

"{193DE59D-B853-4420-851F-321FE476F727}"= TCP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer

"{F38DB6A3-1565-47F8-81A1-5179A6D5B1D2}"= UDP:C:\Program Files\eMule\emule.exe:eMule

"{0EB32ECF-80C4-45AC-9779-63799817BDD7}"= TCP:C:\Program Files\eMule\emule.exe:eMule

"TCP Query User{72C8BA92-8668-4FF9-8C75-48EC022D4967}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{93AA364F-63F2-4B9B-A209-183E90DAE832}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex17.531\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex17.531\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{D288C505-BCD6-454F-8A5B-E947B9EE4D9F}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{EBFA0995-4A65-4CD6-8A9A-9D2923A20373}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex22.390\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex22.390\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{34AC4AE6-76E3-4A47-9189-A75D8F48402D}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{0B4F3247-6950-4545-A463-F697C3FC2581}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex29.094\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex29.094\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{557E0DFB-7810-4E16-A452-3055E0952A25}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{267B729A-CADC-46D8-AE5A-AFD16F9ECAD3}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex10.219\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex10.219\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{411B283F-3E1D-4DBC-8BA0-1C7C8FD0415A}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= UDP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"UDP Query User{8DB66593-E448-42A3-BAA4-9D41118DB31B}C:\\users\\valérie\\appdata\\local\\temp\\rar$ex14.406\\world.of.warcraft.working.crackfix.server.readnfo-xilince\\world.of.warcraft.server.v.0.2-xilince\\bin\\wowemu.exe"= TCP:C:\users\valérie\appdata\local\temp\rar$ex14.406\world.of.warcraft.working.crackfix.server.readnfo-xilince\world.of.warcraft.server.v.0.2-xilince\bin\wowemu.exe:wowemu.exe

"TCP Query User{BD9A9D92-4B67-4199-9FCB-F354B802A823}C:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:C:\program files\gamespy\comrade\comrade.exe:Comrade

"UDP Query User{4FACFC1C-CE7D-4FDA-9009-32F3758FB4AB}C:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:C:\program files\gamespy\comrade\comrade.exe:Comrade

"{4B9FB7FB-B6D8-4786-AA87-24FC93D67669}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{BD10FFDE-F49F-49DD-A1C6-629ECF37B0FC}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{2A6E0F86-0F67-45FA-82BE-EDC7DFD4E3C6}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{A8B3E104-0CBB-4FF5-B319-D5FD9D16A21E}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"TCP Query User{F153FFDB-F17F-4F21-9DE8-B586DC42516C}C:\\program files\\the all-seeing eye\\eye.exe"= UDP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye

"UDP Query User{30CCDD93-AEC3-42D7-982A-03888E55A29A}C:\\program files\\the all-seeing eye\\eye.exe"= TCP:C:\program files\the all-seeing eye\eye.exe:Yahoo! All-Seeing Eye

"TCP Query User{4B1B923D-5188-46CC-86ED-C3DC1ED882AC}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay

"UDP Query User{68A83DB9-77F6-458D-BE4E-40C617AAC338}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Application d'assistance Microsoft DirectPlay

"TCP Query User{7A8E3E65-0A3A-4348-B1EF-CDCE15A3B471}C:\\program files\\commandos ii\\comm2.exe"= UDP:C:\program files\commandos ii\comm2.exe:comm2

"UDP Query User{00F1F9F1-86E8-4791-95F7-5857A25B59CD}C:\\program files\\commandos ii\\comm2.exe"= TCP:C:\program files\commandos ii\comm2.exe:comm2

"TCP Query User{BC372235-5D3C-4C88-8B7C-EC71C110BFC4}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{5B692514-EE89-4C67-B764-D662AB026778}C:\\program files\\valve\\steam\\steamapps\\theot62\\counter-strike\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\counter-strike\hl.exe:Half-Life Launcher

"{392F9AEA-2FAB-4CC4-B5DD-69DB9BB24BEC}"= UDP:C:\Program Files\Valve\Steam\Steam.exe:Steam

"{F0C82633-7E23-456F-AC09-7F366167CEF7}"= TCP:C:\Program Files\Valve\Steam\Steam.exe:Steam

"TCP Query User{AB42AE40-12FF-4E8A-A268-EBFC36A08AFF}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher

"UDP Query User{C78D3DCD-8E71-4FC5-8FD0-2DF48EE70CE9}C:\\program files\\valve\\steam\\steamapps\\theot62\\condition zero deleted scenes\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\theot62\condition zero deleted scenes\hl.exe:Half-Life Launcher

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

 

R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 16:22]

R0 SI3112r;ATI-4379 Serial ATA Controller;C:\Windows\system32\DRIVERS\SI3112r.sys [2007-02-01 23:50]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]

R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 20:43]

R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-12 23:13]

R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57]

R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 10:39]

R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39]

R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-11 18:14]

S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]

S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-10 07:38]

S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-22 22:39]

S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\Windows\system32\Drivers\StMp3Rec.sys [2007-02-15 15:14]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bd35b60-e9ae-11dc-9685-0016d4a90a0a}]

\shell\AutoRun\command - J:\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fe8cc08-20c8-11dc-b1c0-806e6f6e6963}]

\shell\AutoRun\command - E:\installation_livebox.exe

 

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-02-15 14:33:29 C:\Windows\Tasks\Norton Security Scan.job"

- C:\Program Files\Norton Security Scan\Nss.exe

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-18 23:04:32

Windows 6.0.6000 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-03-18 23:07:59

ComboFix-quarantined-files.txt 2008-03-18 22:07:54

ComboFix2.txt 2008-03-18 21:20:47

.

2008-03-14 05:00:33 --- E O F ---

Posted

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:14:26, on 18/03/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16609)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\USB Disk Win98 Driver\Res.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Valve\Steam\Steam.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\Windows\ehome\ehmsas.exe

C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\conime.exe

C:\Program Files\MSN Messenger\livecall.exe

C:\Windows\Explorer.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Users\valérie\Desktop\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [uSB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_12.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 10727 bytes

Posted

The report is clean.

Do you still have any abnormal symptoms?

Tell me, I can see in there that you have a great deal of security software on the machine.

- the Norton suite

- the avast antivirus

- the AVG antispyware

- Windows Defender

- Spybot (TeaTimer enabled)

That's a lot; at least one of the antispyware programs is one too many and will get in the other's way. AVG loses its resident shield after 30 days, but Windows Defender's will keep working. TeaTimer isn't all that useful; you can disable it, but keep Spybot as a simple scanner.

If the Norton suite includes the antivirus, you will have to uninstall avast: there should be only one resident antivirus on the machine at a time.

Posted

Er, yes, there is still something :P

When I launch the internet, it gives me an error message with a red cross, but it starts anyway.

I no longer get the unwanted tabs.

The computer is no longer sluggish! PHEW :P You are my savior :P

Otherwise, to conclude, I'm keeping

Windows Defender

Spybot as a simple scanner

and avast, is that right?
