Removing ads

Closed
odin - 28 Oct 2008 at 17:44
 schummy - 29 May 2010 at 19:45
Hello,

I would like to know how to remove the ads (casino, porn, etc.), because I have been trying for several days already without success.

Thanks for your help.

46 replies

Report: ComboFix 08-10-28.01 - PATTY 2008-10-28 19:04:44.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1530 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\PATTY\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\PATTY\Application Data\hidires
C:\Documents and Settings\PATTY\Application Data\m
C:\Documents and Settings\PATTY\Application Data\m\list.oct
C:\Documents and Settings\PATTY\Application Data\m\srvlist.oct
C:\Documents and Settings\PATTY\ravmonlog
C:\resycled
C:\resycled\boot.com
C:\WINDOWS\cnsinfo.dat
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\fxtslgsw.ini
C:\WINDOWS\system32\kdpuf.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\plpgbsvi.ini
C:\WINDOWS\system32\RsDdcfii.ini
C:\WINDOWS\system32\RsDdcfii.ini2
C:\xcrashdump.dat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_CNSMINKP
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-28 ))))))))))))))))))))))))))))))))))))
.

2008-10-28 18:27 . 2008-10-28 18:51 <REP> d-------- C:\Lop SD
2008-10-28 18:07 . 2008-10-28 18:24 <REP> d-------- C:\Program Files\Navilog1
2008-10-28 17:54 . 2008-10-28 17:54 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-28 17:54 . 2008-10-28 17:54 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\Malwarebytes
2008-10-28 17:54 . 2008-10-28 17:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-28 17:54 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-28 17:54 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-28 16:27 . 2008-10-28 16:33 <REP> d-------- C:\Program Files\TuneUp Utilities 2008
2008-10-28 16:27 . 2008-10-28 16:27 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-10-28 16:27 . 2008-10-28 16:27 355,584 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-10-28 16:27 . 2008-05-29 09:28 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-10-28 16:11 . 2008-10-28 16:11 <REP> d-------- C:\Program Files\Zylom Games2
2008-10-28 13:43 . 2008-10-28 13:43 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\ESET
2008-10-28 13:27 . 2008-10-28 13:27 <REP> d-------- C:\Program Files\ESET
2008-10-28 13:27 . 2008-10-28 13:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-10-28 13:07 . 2008-10-28 13:07 144 --a------ C:\WINDOWS\wininit.ini
2008-10-27 22:40 . 2008-10-27 22:40 <REP> d-------- C:\VundoFix Backups
2008-10-27 22:36 . 2008-10-27 22:37 <REP> d-------- C:\rsit
2008-10-27 22:36 . 2008-10-27 22:37 <REP> d-------- C:\Program Files\trend micro
2008-10-26 16:41 . 2008-10-26 16:41 <REP> d-------- C:\Program Files\Yahoo!
2008-10-26 16:41 . 2008-10-26 16:42 <REP> d-------- C:\Program Files\CCleaner
2008-10-24 06:59 . 2008-10-15 17:35 337,408 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-23 14:46 . 2008-10-23 14:46 <REP> d-------- C:\Program Files\SmartShopper
2008-10-23 14:46 . 2008-10-27 14:49 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\SmartShopper
2008-10-23 14:46 . 2008-10-23 14:46 0 --a------ C:\WINDOWS\_MSI5166._IS
2008-10-22 15:51 . 2006-11-13 14:30 106,496 --a------ C:\WINDOWS\system32\ssPlantasia.scr
2008-10-22 13:16 . 2008-10-22 13:16 <REP> d-------- C:\Program Files\DD PlayCam
2008-10-22 13:15 . 2008-10-22 13:15 <REP> d-------- C:\Program Files\Fichiers communs\Look312P
2008-10-22 13:15 . 2004-03-19 17:11 90,968 --a------ C:\WINDOWS\system32\drivers\usbVM31b.sys
2008-10-22 13:15 . 2003-05-15 16:17 61,440 --a------ C:\WINDOWS\system32\VM31bSTI.dll
2008-10-21 23:44 . 2008-10-22 18:40 <REP> d-------- C:\WINDOWS\Album
2008-10-21 23:43 . 2008-10-22 22:52 <REP> d-------- C:\Program Files\Look 312P
2008-10-21 23:43 . 2005-06-27 17:24 184,392 --------- C:\WINDOWS\system32\VM31bPrp.Ax
2008-10-21 23:32 . 2008-04-13 19:45 60,032 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-10-21 23:32 . 2008-04-13 19:45 60,032 --a------ C:\WINDOWS\system32\dllcache\usbaudio.sys
2008-10-16 21:13 . 2008-08-14 14:23 2,191,232 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-16 21:13 . 2008-08-14 14:23 2,147,328 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-16 21:13 . 2008-08-14 14:23 2,068,096 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-16 21:13 . 2008-08-14 14:23 2,025,984 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-16 13:01 . 2008-09-15 16:26 1,846,528 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-16 12:15 . 2008-09-08 11:41 333,824 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-14 23:51 . 2008-10-14 23:51 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\GamesCafe
2008-10-10 23:21 . 2008-10-19 19:58 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\Shopping Blocks
2008-10-04 13:51 . 2008-10-04 13:51 <REP> d-------- C:\Program Files\Eidos
2008-10-04 09:20 . 2008-10-04 09:20 <REP> d-------- C:\Documents and Settings\PATTY\Application Data\Anuman Interactive

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-28 16:31 --------- d-----w C:\Program Files\Zylom Games
2008-10-28 16:21 --------- d-----w C:\Documents and Settings\PATTY\Application Data\Zylom
2008-10-28 15:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-10-28 13:19 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-28 12:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-28 01:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-10-28 01:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-28 01:34 --------- d-----w C:\Documents and Settings\PATTY\Application Data\EoRezo
2008-10-28 00:27 --------- d-----w C:\Program Files\EoRezo
2008-10-27 21:23 --------- d-----w C:\Program Files\WiPen
2008-10-27 21:11 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-10-26 20:19 --------- d-----w C:\Program Files\eMule
2008-10-23 15:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\MythPeople
2008-10-05 12:25 --------- d-----w C:\Program Files\GameSpy Arcade
2008-10-04 21:05 --------- d-----w C:\Documents and Settings\PATTY\Application Data\PlayFirst
2008-10-04 20:11 --------- d-----w C:\Program Files\Ubisoft
2008-10-04 20:11 --------- d-----w C:\Program Files\Codemasters
2008-10-04 20:11 --------- d-----w C:\Program Files\Anuman Interactive
2008-10-04 08:26 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-09-25 10:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\GameHouse
2008-09-23 21:49 --------- d-----w C:\Documents and Settings\PATTY\Application Data\Playrix Entertainment
2008-09-19 12:07 18,048 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-09-17 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-09-12 23:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\POPWWPROFILES
2008-09-12 07:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Gogii
2008-09-11 20:54 --------- d-----w C:\Documents and Settings\PATTY\Application Data\SPAMfighter
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-07 12:01 --------- d-----w C:\Program Files\Maxis
2008-09-07 11:08 --------- d-----w C:\Program Files\MSN Messenger
2008-09-04 11:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-09-02 09:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-04-01 16:46 212,368 ----a-w C:\Documents and Settings\PATTY\Application Data\GDIPFONTCACHEV1.DAT
2007-04-25 14:08 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2003-03-21 11:37 16,056 ----a-w C:\Program Files\owcstp16.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 975360]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-09 68856]
"AnumanLive"="C:\Documents and Settings\PATTY\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe" [2008-07-01 347648]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-10-25 1410304]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 7700480]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\PATTY\Menu Démarrer\Programmes\Démarrage\
FreeBot.lnk - C:\Program Files\FreeBot\freebot.exe [2006-04-04 2480440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv31"= C:\WINDOWS\system32\ir32_32.dll
"vidc.iv32"= C:\WINDOWS\system32\ir32_32.dll
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"13789:TCP"= 13789:TCP:NortonAV
"16158:TCP"= 16158:TCP:NortonAV
"16502:TCP"= 16502:TCP:NortonAV
"16499:TCP"= 16499:TCP:NortonAV
"15187:TCP"= 15187:TCP:NortonAV
"56586:TCP"= 56586:TCP:Pando P2P TCP Listening Port
"56586:UDP"= 56586:UDP:Pando P2P UDP Listening Port

R2 ithsgt;ithsgt;C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2007-02-10 162432]
R2 lilsgt;lilsgt;C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2007-02-10 12032]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SrvCDEject;SrvCDEject;C:\Program Files\Packard Bell\SrvCDEject.exe [2006-07-25 613376]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-28 882688]
R3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS [2005-12-21 20096]
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 7040]
S2 AbyssWebServer;Abyss Web Server;F:\abyssws.exe [ ]
S3 DIGIRPS;Pilote PortServer Digi;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 42656]
S3 gAGP440p;gAGP440p;C:\DOCUME~1\PATTY\LOCALS~1\Temp\gAGP440p.sys [ ]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-10-22 38496]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2004-05-17 17536]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-10-28 355584]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b7aeaa1-6abb-11dd-8174-00038a000015}]
\Shell\AutoRun\command - F:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5e536d2-4688-11dc-bfed-00038a000015}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
.
Contenu du dossier 'Tâches planifiées'

2008-10-28 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{32341E7E-C319-46DE-91D0-E30BB1A3CABA} - (no file)
BHO-{6A511CCC-E0F0-4A27-A70A-664C11A4F999} - (no file)
HKLM-Run-C:\WINDOWS\system32\kdpuf.exe - C:\WINDOWS\system32\kdpuf.exe
Notify-__c008EED6 - C:\WINDOWS\system32\__c008EED6.dat
Notify-cbXooMcY - cbXooMcY.dll


.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.lo.st
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 -: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {BCEB373D-A35A-4200-BD43-8586CD9DFAE7} -

O16 -: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://zylom.king.com/ctl/kingcomie.cab
C:\WINDOWS\Downloaded Program Files\KingComIE.inf
C:\WINDOWS\KingComIE.dll

O16 -: {48DF87EE-F2DE-11D8-BE7F-302050C10811} - hxxp://www.flysuite.com/flyword/loaderword_win_fr.cab
C:\WINDOWS\Downloaded Program Files\FlyLoader.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 19:20:32
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-10-28 19:29:13 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-28 18:29:10

Avant-CF: 249 614 553 088 octets libres
Après-CF: 249,048,584,192 octets libres

450 --- E O F --- 2008-10-25 12:13:51
0
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 -: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {BCEB373D-A35A-4200-BD43-8586CD9DFAE7} -

O16 -: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://zylom.king.com/ctl/kingcomie.cab
C:\WINDOWS\Downloaded Program Files\KingComIE.inf
C:\WINDOWS\KingComIE.dll

O16 -: {48DF87EE-F2DE-11D8-BE7F-302050C10811} - hxxp://www.flysuite.com/flyword/loaderword_win_fr.cab
C:\WINDOWS\Downloaded Program Files\FlyLoader.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 19:20:32
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-10-28 19:29:13 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-28 18:29:10

Avant-CF: 249 614 553 088 octets libres
Après-CF: 249,048,584,192 octets libres

450 --- E O F --- 2008-10-25 12:13:51
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2008-10-22 38496]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2004-05-17 17536]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-10-28 355584]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b7aeaa1-6abb-11dd-8174-00038a000015}]
\Shell\AutoRun\command - F:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5e536d2-4688-11dc-bfed-00038a000015}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe
.
Contenu du dossier 'Tâches planifiées'

2008-10-28 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{32341E7E-C319-46DE-91D0-E30BB1A3CABA} - (no file)
BHO-{6A511CCC-E0F0-4A27-A70A-664C11A4F999} - (no file)
HKLM-Run-C:\WINDOWS\system32\kdpuf.exe - C:\WINDOWS\system32\kdpuf.exe
Notify-__c008EED6 - C:\WINDOWS\system32\__c008EED6.dat
Notify-cbXooMcY - cbXooMcY.dll


.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.lo.st
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 -: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {BCEB373D-A35A-4200-BD43-8586CD9DFAE7} -

O16 -: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://zylom.king.com/ctl/kingcomie.cab
C:\WINDOWS\Downloaded Program Files\KingComIE.inf
C:\WINDOWS\KingComIE.dll

O16 -: {48DF87EE-F2DE-11D8-BE7F-302050C10811} - hxxp://www.flysuite.com/flyword/loaderword_win_fr.cab
C:\WINDOWS\Downloaded Program Files\FlyLoader.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 19:20:32
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-10-28 19:29:13 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-28 18:29:10

Avant-CF: 249 614 553 088 octets libres
Après-CF: 249,048,584,192 octets libres

450 --- E O F --- 2008-10-25 12:13:51
0
Uh, sorry, I wasn't paying attention, I sent the same report 3 times....
0

Can someone continue this thread, please?
0
Please, the member who was helping me has left; could you take over from them, please?
0
Please...
0
Can someone tell me what I should do after ComboFix, please?
0
Psycotix Posts 16 Registration date Tuesday 28 October 2008 Status Member Last activity 4 November 2008
28 Oct. 2008 at 20:30
Help please, HELP
0
Psycotix Posts 16 Registration date Tuesday 28 October 2008 Status Member Last activity 4 November 2008
28 Oct. 2008 at 20:40
PLEASE
0
Psycotix Posts 16 Registration date Tuesday 28 October 2008 Status Member Last activity 4 November 2008
28 Oct. 2008 at 20:49
What should I do next?
0
Psycotix Posts 16 Registration date Tuesday 28 October 2008 Status Member Last activity 4 November 2008
28 Oct. 2008 at 21:37
OK, I contacted one of your colleagues, chiquetine; he advised me to move the thread along with a Hijack report,
so here is one:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:37:19, on 28/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\APPS\SMP\SmpSys.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\PATTY\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Packard Bell\SrvCDEject.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\PATTY\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\PATTY\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: FreeBot.lnk = C:\Program Files\FreeBot\freebot.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: FreeBot.lnk = C:\Program Files\FreeBot\freebot.exe (User 'Default user')
O4 - Startup: FreeBot.lnk = C:\Program Files\FreeBot\freebot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - https://www.king.com/
O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10811} (FlyLoader Class) - http://www.flysuite.com/flyword/loaderword_win_fr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Abyss Web Server (AbyssWebServer) - Unknown owner - F:\abyssws.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O24 - Desktop Component 0: (no name) - https://image.jeuxvideo.com/pics/logo1.gif
0
Psycotix Posts 16 Registration date Tuesday 28 October 2008 Status Member Last activity 4 November 2008
28 Oct. 2008 at 22:21
I'm leaving, so my sister is taking over; so try to explain things in a bit more detail. That's it, see you later and thanks.
0
Anonymous user
29 Oct. 2008 at 00:53
You have to wait. The report you sent her ------->>> COMBOFIX calls for great caution and takes a long time to analyze. You'll have to be patient! Chiquitine won't let you down. You can count on her. You'll get an answer shortly!!! Don't send PMs to everyone asking them to take over.... it's pointless!

Besides, the helpers, just like you I suppose, have a private life.

It's coming, don't panic! See you :))

Good luck and all the best.
0
Anonymous user
3 Nov. 2008 at 14:00
Hi again, sorry


Download UsbFix to your desktop

--> Run the installation with the default settings

Plug your external storage devices (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them

--> Double-click the UsbFix shortcut on your desktop

--> The PC will restart

--> After the restart, post the UsbFix.txt report

Note: the UsbFix.txt report is saved at the root of the disk
0
-------------- UsbFix V2.395 ---------------

* User : PATTY - 121888950314
* Outils mis a jours le 01/11/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 14:12:11 le 03/11/2008
* Windows Xp - Internet Explorer 7.0.5730.11


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\DOCUME~1\PATTY\LOCALS~1\Temp\1.tmp\b2e.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\eHome\ehRec.exe
C:\Program Files\Packard Bell\SrvCDEject.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe


--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
TkBellExe REG_SZ "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
AVP REG_SZ "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\avp6_post_uninstall

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
SmpcSys REG_SZ C:\APPS\SMP\SmpSys.exe
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b7aeaa1-6abb-11dd-8174-00038a000015}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5e536d2-4688-11dc-bfed-00038a000015}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------


--------------- [ Listing des fichiers présents ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[10/08/2004 14:00][--ah-----] C:\NTDETECT.COM
[09/05/2007 21:16][--ah-----] C:\Google Updater.exe
[09/05/2007 21:16][--ah-----] C:\UNWISE.EXE
[12/02/2007 13:51][--ahs----] C:\BOOT.INI

--------------- ! Fin du rapport ! ----------------
0
Anonymous user
3 Nov. 2008 at 14:31
Download Malwarebytes

Install it; the program will update itself automatically.

Once it is up to date, the program will start; click the Settings tab and tick the box: "Close Internet Explorer during removal".

Now click the Scan tab and tick the box: "Perform a full scan".

Then click "Scan".

Let it scan the PC...

If any items were found > click Remove selection.

If you are asked to restart > click "yes".

At the end a report will open; save it somewhere you can find it again so you can post it on the forum.

Copy and paste the report, please.

PS: the reports are also stored in the Reports/Logs tab
0
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1358
Windows 5.1.2600 Service Pack 3

03/11/2008 16:44:22
mbam-log-2008-11-03 (16-44-13).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 245736
Temps écoulé: 1 hour(s), 12 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{32341e7e-c319-46de-91d0-e30bb1a3caba} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32341e7e-c319-46de-91d0-e30bb1a3caba} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\sexvid (Trojan.DNSChanger) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c008eed6 (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\ (Trojan.Vundo) -> No action taken.
C:\Program Files\EoRezo (Rogue.Eorezo) -> No action taken.
0
Anonymous user
3 Nov. 2008 at 16:46
No action taken

Did you remove the selection?
0
Yes
0