au secour
Forum Sécurité - Virus : au secour
je n'ai plus d'antivirus qui fonctionne et impossible de désinstaller antivir en plus quand je veux faire un clic droit sur les icones de mon bureau le message suivant apparait " explorateur windows a cessé de fonctionner" je sais plus quoi faire; j'ai essayé une restauration et ça change rien. s'il vous plait aidez moi
en plus quand je veux supprimer certains programmes ça ne marche pas.
Bonjour,
Télécharge Elibagla au bas de cette page.
Il est préférable pour certains antivirus de les désactiver avant d’entâmer cette procédure !
- Clique sur le Descargar Elibagla afin de télécharger le fichier, enregistre-le sur ton Bureau.
- Lance le en double cliquant dessus.
- Vérifie que dans le menu déroulant Unidad, il y ait bien la racine de la racine de la partition où est installé Windows, généralement -> C:\
- L'option Eliminar Ficheros Automaticamente doit également être cochée.
- Clique sur Explorar pour lancer l'analyse.
- Poste le rapport généré en fin fin d'analyse.
Répondre à XmichouX
je n'arrive pas télécharger elibagla
C'est à dire ?
Peux-tu l'apporter par clef usb dans ce cas ?
Répondre à XmichouX
non je n'en ai pas . tu m'as dit de le télécharger en bas de cette page mais je vois pas ou. j'ai essayé de le trouver sur google je ne le vois pas.
Tout en bas de la page indiquée, il y a une icône " descargar Elibagla 11.65", tu cliques là dessus.
Répondre à XmichouX
c bon j'ai fait.mais comment je poste le rapport
excuse moi mais je comprend pas, je n'ai pas ça sur la page. je suis perdu là.
je n'ai que explorar ou salir et dans le carré blanc il n'y à rien d'affiché.
pendant l'annalyse ça me met acceso denegado a la carpeta est ce normal?
"Oui", à la fin du scan poste moi le rapport.
Répondre à XmichouX
le scan est fini mais il n'y as aucun rapport. ça me dit : numero total de directorios: 18681
numéro total de ficheros: 121685
numéro de annalysados : 16841
" eliminados : 0
" de infectados : 0
et j'ai 2 choix possible soit explorar ( que j'ai déjà fait) soit salir. en tout cas merci de ton aide c'est gentil parce que la je suis complètement perdu
Bon, on va voir ..
Fais un clic droit sur ComboFix (de sUBs) et choisis Enregistrer la cible (du lien) sous.
- Choisis le Bureau, insère un trait d'union entre Combo et Fix de telle manière à obtenir Combo-Fix.exe, puis choisis Enregistrer.
- Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
- Double clique sur ComboFix.exe.
- Accepte la licence en cliquant sur Oui.
- Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)
Aide : Comment utiliser ComboFix.
Répondre à XmichouX
excuse moi j'étais partie . quand je fais un clic droit sur combofix et que je clic sur enregistrer ça disparait de mon écran et rien ne se passe.
finalement j'ai réussit. voici le rapport : ComboFix 08-07-30.02 - alison 2008-07-31 15:46:48.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2255 [GMT 2:00]
Endroit: C:\Users\alison\Desktop\Combo-Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-28 to 2008-07-31 ))))))))))))))))))))))))))))))))))))
.
2008-07-31 15:43 . 2008-07-31 15:43 <REP> d-------- C:\ComboFix
2008-07-31 10:16 . 2008-07-31 10:16 <REP> d-------- C:\Program Files\ItsLabel
2008-07-28 20:16 . 2008-07-28 20:16 <REP> d-------- C:\Users\All Users\Friends Games
2008-07-28 20:16 . 2008-07-28 20:16 <REP> d-------- C:\ProgramData\Friends Games
2008-07-28 17:59 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Outlook Messenger
2008-07-28 17:59 . 2003-12-12 11:08 495,616 --a------ C:\Windows\System32\Scanner.dll
2008-07-28 17:59 . 2004-03-09 00:00 260,880 --a------ C:\Windows\System32\msflxgrd.ocx
2008-07-28 17:59 . 2004-03-08 10:30 212,240 --a------ C:\Windows\System32\RICHTX32.OCX
2008-07-28 17:59 . 1999-11-05 00:00 131,968 --a------ C:\Windows\System32\DHTMLED.OCX
2008-07-28 17:59 . 2007-04-13 13:34 118,784 --a------ C:\Windows\System32\ConaitoExtended.ocx
2008-07-28 17:59 . 1998-03-26 01:12 53,248 --a------ C:\Windows\System32\zlib.dll
2008-07-28 17:59 . 2008-07-28 17:59 454 --a------ C:\Scanner.ECF
2008-07-27 19:04 . 2008-07-27 19:04 <REP> d-------- C:\Users\All Users\Oberon Media
2008-07-27 19:04 . 2008-07-27 19:04 <REP> d-------- C:\ProgramData\Oberon Media
2008-07-27 16:32 . 2008-07-27 16:32 <REP> d-------- C:\Boonty(0)
2008-07-27 16:32 . 2008-07-31 11:42 <REP> d-------- C:\Boonty
2008-07-26 22:44 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Common Files\xing shared
2008-07-26 20:01 . 2008-07-26 20:01 107,888 --a------ C:\Windows\System32\CmdLineExt.dll
2008-07-26 17:21 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Téléchargeur de Singles
2008-07-26 16:56 . 2008-07-26 17:33 <REP> d-------- C:\Program Files\Puppy Luv
2008-07-26 16:56 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Family Feud Dream Home
2008-07-26 16:28 . 2008-07-26 16:48 <REP> d-------- C:\Program Files\Atlantis Adventure
2008-07-26 16:23 . 2008-07-28 19:31 <REP> d-------- C:\Users\All Users\Flood Light Games
2008-07-26 16:23 . 2008-07-28 19:31 <REP> d-------- C:\Users\alison\AppData\Roaming\Flood Light Games
2008-07-26 16:23 . 2008-07-28 19:31 <REP> d-------- C:\ProgramData\Flood Light Games
2008-07-26 14:24 . 2008-07-26 16:23 <REP> d-------- C:\Program Files\Sallys Spa
2008-07-26 10:09 . 2008-07-31 11:07 <REP> d-------- C:\Users\All Users\Avira(304)
2008-07-26 10:09 . 2008-07-31 11:33 <REP> d-------- C:\Users\All Users\Avira(283)
2008-07-26 10:09 . 2008-07-31 10:58 <REP> d-------- C:\Users\All Users\Avira(256)
2008-07-26 10:09 . 2008-07-26 10:09 <REP> d-------- C:\Users\All Users\Avira(251)
2008-07-26 10:09 . 2008-07-31 11:42 <REP> d-------- C:\Users\All Users\Avira
2008-07-26 10:09 . 2008-07-31 11:07 <REP> d-------- C:\ProgramData\Avira(304)
2008-07-26 10:09 . 2008-07-31 11:33 <REP> d-------- C:\ProgramData\Avira(283)
2008-07-26 10:09 . 2008-07-31 10:58 <REP> d-------- C:\ProgramData\Avira(256)
2008-07-26 10:09 . 2008-07-26 10:09 <REP> d-------- C:\ProgramData\Avira(251)
2008-07-26 10:09 . 2008-07-31 11:42 <REP> d-------- C:\ProgramData\Avira
2008-07-26 10:09 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Avira
2008-07-25 12:03 . 2008-07-25 12:03 <REP> d-------- C:\Users\alison\AppData\Roaming\UNOUndercover
2008-07-24 00:31 . 2008-07-24 00:31 <REP> d-------- C:\Users\All Users\Fenomen Games
2008-07-24 00:31 . 2008-07-24 00:31 <REP> d-------- C:\ProgramData\Fenomen Games
2008-07-23 23:49 . 2008-07-23 23:49 <REP> d-------- C:\Users\All Users\FreshGames
2008-07-23 23:49 . 2008-07-23 23:49 <REP> d-------- C:\ProgramData\FreshGames
2008-07-23 22:57 . 2008-07-24 10:06 <REP> d-------- C:\Program Files\M6 Jeux
2008-07-23 21:03 . 2008-07-23 21:03 <REP> d-------- C:\Users\All Users\HipSoft
2008-07-23 21:03 . 2008-07-23 21:03 <REP> d-------- C:\ProgramData\HipSoft
2008-07-23 14:25 . 2008-07-23 22:16 <REP> d-------- C:\Program Files\CandyFactory_at
2008-07-23 14:12 . 2008-07-31 10:58 <REP> d-------- C:\Program Files\BoontyGames
2008-07-23 13:27 . 2008-07-23 14:02 <REP> d-------- C:\Program Files\ParadisePetSalon_at
2008-07-23 13:05 . 2008-07-23 13:05 <REP> d-------- C:\Program Files\eMule
2008-07-23 11:17 . 2008-07-23 11:17 <REP> d-------- C:\Program Files\Web Media Player
2008-07-20 15:30 . 2008-07-20 15:30 <REP> d-------- C:\Users\All Users\Intenium
2008-07-20 15:30 . 2008-07-20 15:30 <REP> d-------- C:\ProgramData\Intenium
2008-07-17 12:21 . 2008-07-17 12:24 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-07-11 09:52 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-11 09:52 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-11 09:52 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-07-09 09:41 . 2008-04-26 10:25 3,600,952 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-07-09 09:41 . 2008-04-26 10:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-07-09 09:41 . 2008-04-26 10:26 891,448 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-07-09 09:41 . 2008-04-12 05:32 784,896 --a------ C:\Windows\System32\rpcrt4.dll
2008-07-09 09:41 . 2008-05-10 05:35 564,736 --a------ C:\Windows\System32\emdmgmt.dll
2008-07-09 09:41 . 2008-04-05 03:21 72,192 --a------ C:\Windows\System32\drivers\pacer.sys
2008-07-09 09:41 . 2008-04-05 05:34 15,360 --a------ C:\Windows\System32\pacerprf.dll
2008-07-09 09:40 . 2008-05-08 23:59 430,080 --a------ C:\Windows\System32\vbscript.dll
2008-07-09 09:40 . 2008-05-08 23:59 180,224 --a------ C:\Windows\System32\scrobj.dll
2008-07-09 09:40 . 2008-05-08 23:59 172,032 --a------ C:\Windows\System32\scrrun.dll
2008-07-09 09:40 . 2008-05-08 23:59 155,648 --a------ C:\Windows\System32\wscript.exe
2008-07-09 09:40 . 2008-05-08 23:58 135,168 --a------ C:\Windows\System32\wshom.ocx
2008-07-09 09:40 . 2008-05-08 23:58 135,168 --a------ C:\Windows\System32\cscript.exe
2008-07-09 09:40 . 2008-05-08 23:59 90,112 --a------ C:\Windows\System32\wshext.dll
2008-07-07 16:57 . 2008-07-07 16:57 <REP> d-------- C:\Users\alison\AppData\Roaming\funkitron
2008-07-07 16:35 . 2008-07-07 16:35 <REP> d-------- C:\Users\All Users\Vogue Tales
2008-07-07 16:35 . 2008-07-07 16:35 <REP> d-------- C:\ProgramData\Vogue Tales
2008-07-04 20:55 . 2008-07-26 20:01 <REP> d-------- C:\Users\alison\AppData\Roaming\cerasus.media
2008-07-04 14:08 . 2008-07-04 14:08 <REP> d-------- C:\Windows\Doggie Dash
2008-07-04 14:04 . 2008-07-23 14:13 <REP> d-------- C:\Program Files\Alawar
2008-07-04 13:57 . 2008-07-18 00:06 <REP> d-------- C:\Program Files\GameFiesta
2008-07-04 13:55 . 2008-07-23 09:35 <REP> d-------- C:\games
2008-06-17 12:35 . 2008-06-17 12:35 <REP> d-------- C:\Users\All Users\GameHouse
2008-06-17 12:35 . 2008-06-17 12:35 <REP> d-------- C:\ProgramData\GameHouse
2008-06-16 23:01 . 2008-06-16 23:01 <REP> d-------- C:\Users\All Users\PlayPond
2008-06-16 23:01 . 2008-06-16 23:01 <REP> d-------- C:\ProgramData\PlayPond
2008-06-15 10:18 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-15 10:18 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-15 10:18 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-15 10:18 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-08 00:00 . 2008-06-08 00:00 <REP> d-------- C:\Users\alison\AppData\Roaming\My Games
2008-06-07 23:34 . 2008-06-07 23:34 <REP> d-------- C:\Users\All Users\SpinTop Games
2008-06-07 23:34 . 2008-06-07 23:34 <REP> d-------- C:\ProgramData\SpinTop Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-31 09:58 --------- d-----w C:\ProgramData\Google Updater
2008-07-31 09:42 --------- d-----w C:\Program Files\Téléchargeur de Singles
2008-07-31 09:42 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-31 09:42 --------- d-----w C:\Program Files\Pogo FR
2008-07-31 09:42 --------- d-----w C:\Program Files\Common Files\Real
2008-07-31 09:26 --------- d-----w C:\Users\alison\AppData\Roaming\LimeWire
2008-07-31 08:59 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-07-31 08:58 --------- d-----w C:\ProgramData\Zylom
2008-07-31 08:58 --------- d-----w C:\Program Files\Paradise Pet Salon
2008-07-31 08:17 --------- d-----w C:\Users\alison\AppData\Roaming\EoRezo
2008-07-31 08:17 --------- d-----w C:\Program Files\EoRezo
2008-07-31 08:02 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-07-30 18:33 --------- d-----w C:\ProgramData\Avira(236)
2008-07-30 18:33 --------- d-----w C:\Program Files\Roxio
2008-07-30 18:33 --------- d-----w C:\Program Files\Navilog1
2008-07-30 18:33 --------- d-----w C:\Program Files\CCleaner
2008-07-30 17:38 --------- d---a-w C:\ProgramData\TEMP
2008-07-30 12:55 1,508 ----a-w C:\Users\alison\AppData\Roaming\wklnhst.dat
2008-07-26 20:56 --------- d-----w C:\Users\alison\AppData\Roaming\PlayFirst
2008-07-26 20:56 --------- d-----w C:\ProgramData\PlayFirst
2008-07-26 15:17 --------- d-----w C:\Users\alison\AppData\Roaming\iWin
2008-07-26 07:57 --------- d-----w C:\ProgramData\Roxio
2008-07-26 07:28 --------- d-----w C:\Program Files\Zylom Games
2008-07-25 13:24 --------- d-----w C:\ProgramData\Fashion Solitaire 1.2
2008-07-25 12:45 --------- d-----w C:\Program Files\Real
2008-07-23 20:16 --------- d-----w C:\Users\alison\AppData\Roaming\Zylom
2008-07-23 11:06 --------- d-----w C:\ProgramData\eMule
2008-07-17 22:06 --------- d-----w C:\Program Files\MSN Games
2008-07-17 10:29 --------- d-----w C:\ProgramData\WLInstaller
2008-07-10 07:03 --------- d-----w C:\Program Files\Windows Mail
2008-06-01 09:27 --------- d-----w C:\Program Files\Neuf
2008-05-10 03:35 885,248 ----a-w C:\Windows\System32\RacEngn.dll
2008-04-26 08:08 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-04-25 04:35 826,880 ----a-w C:\Windows\System32\wininet.dll
2008-04-23 16:08 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
2008-04-02 14:09 35,840 ----a-w C:\Users\alison\AppData\Roaming\smvss.exe
2008-03-31 18:10 174 --sha-w C:\Program Files\desktop.ini
2008-03-23 08:15 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2008-03-19 13:00 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008031920080320\index.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 15:32 1120568]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-03-25 11:48 906480]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-25 21:36 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-07-26 22:44 185896]
C:\Users\alison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 01:06:58 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A0EDBD8D-7D3A-43D6-8366-D541EE9EFA8C}"= Profile=Private|C:\Program Files\CyberLink\MagicSports\MagicSports.exe:_this_program_will_be_deleted
"{B690FAAD-D07B-4355-9137-5529ABB1A002}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EBF1D58E-A84D-472B-A0FD-6DB64E2382F3}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4D889A5B-C592-4646-BD0C-E6F330532701}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{767A6DF5-28DC-4118-A3D0-F41F1D747FC4}C:\\program files\\emule\\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule Plus
"UDP Query User{55B782E0-3933-47AD-BABF-5BFC91676C2F}C:\\program files\\emule\\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule Plus
"{256AF0D8-4918-4DEC-9E96-BEE344475AF0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{03AAC2E1-DA0C-4DFB-B86B-91D2289A85CC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{E4E7FA10-DE24-4A27-88DD-C69733D1E2BA}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{84DF5FB1-798E-4372-B5CC-C06C07F4D344}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"{B131CF6C-4C61-409D-A47F-9BEE6BA55EC6}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{C015526C-EDE5-45C5-B82A-B2B4CB0062F1}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{ADD5F65C-38A0-4CB8-B8BE-FBDE1BAA9028}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
"UDP Query User{732A08EB-F54F-45F8-AF00-424644AFB168}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
"{7B9EF840-619E-404F-98C7-8AA2EB1C0947}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{13DDAEDB-CD5B-47C1-A8E9-9367A6A5B586}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{70A71B56-E013-4147-AD7D-81A10594847F}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{DC019061-C6EB-4C3B-8447-99286A6967A3}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{FA05C00B-57E0-4736-8CB3-D13A798315B9}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{A4D1A9BF-4834-4BDA-9DC6-4B24BE312E69}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3DB2F8D5-C204-44A3-BAA8-94EE1F1C72DB}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0EF0A066-06F9-433F-B46E-3EC1335726E4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{38E5A808-7ABF-4088-BE74-B7B6F7E73453}C:\\program files\\sony online entertainment\\wheel of fortune\\wheel of fortune.exe"= UDP:C:\program files\sony online entertainment\wheel of fortune\wheel of fortune.exe:Wheel of Fortune
"UDP Query User{9B0FE892-EC35-4083-BA3C-23C5F5BD41D8}C:\\program files\\sony online entertainment\\wheel of fortune\\wheel of fortune.exe"= TCP:C:\program files\sony online entertainment\wheel of fortune\wheel of fortune.exe:Wheel of Fortune
"TCP Query User{A16070E6-FBD9-4916-9445-F79149113567}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= UDP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"UDP Query User{5A441F18-46AC-4098-8BFF-4F8E1BB9282F}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= TCP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"{E46D78E7-A46C-417D-A0DE-1ADAA2D042F4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{842414CC-7EB9-422F-AC6A-E2548F284C94}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
S3 Boonty Games;Boonty Games;C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-03-23 09:38]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2a0a297-f5a7-11dc-ba35-806e6f6e6963}]
\shell\AutoRun\command - F:\setupSNK.exe
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-07-31 C:\Windows\Tasks\Extension de garantie.job
- C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2006-11-21 18:38]
2008-03-25 C:\Windows\Tasks\PBReg.job
- C:\Program Files\HDReg\HDRegDel.exe []
2008-05-01 C:\Windows\Tasks\PBRegbk.job
- C:\Program Files\HDReg\HDRegDel.exe []
2008-07-31 C:\Windows\Tasks\Recovery DVD Creator.job
- C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2006-11-21 18:34]
2008-07-23 C:\Windows\Tasks\rpc.job
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\alison\AppData\Roaming\Mozilla\Firefox\Profiles\s6bjxgpe.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.msn.com/
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-31 15:49:47
Windows 6.0.6001 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-07-31 15:50:52
ComboFix-quarantined-files.txt 2008-07-31 13:50:49
Pre-Run: 271,245,471,744 octets libres
Post-Run: 271,210,446,848 octets libres
236 --- E O F --- 2008-07-31 09:50:20
est tu toujours disponible pour m'aider ? car j'ai peur de rester sur internet sans antivirus. merci d'avance
Je vois que tu as installé plein de fois AntiVir !
Désinstalle via Ajout/Suppression de Programmes (si présents) :
- AntiVir
- Eorezo (et compagnie)
- Boonty
- BoontyGames
----
Sélectionne l'intégralité du cadre ci-dessous :
File::
|
- Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
- Enregistre le sous sur ton bureau sous le nom de CFScript.txt
- Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :
- Cela va relancer Combofix. Poste le contenu du rapport ComboFix.txt après redémarrage s'il y
Répondre à XmichouX
j'ai fait tout comme tu m'as dit ça relance bien combofix mais ensuite rien ne se passe.
finalement j'ai réussit en éteignant mon pc voici le rapport : merci de ton aide ComboFix 08-07-30.02 - alison 2008-07-31 17:49:23.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1864 [GMT 2:00]
Endroit: C:\Users\alison\Desktop\Combo-Fix.exe
Command switches used :: C:\Users\alison\Desktop\CFScript.txt
* Création d'un nouveau point de restauration
FILE ::
C:\Windows\Tasks\PBReg.job
C:\Windows\Tasks\PBRegbk.job
C:\Windows\Tasks\rpc.job
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Boonty
C:\Boonty(0)
C:\Boonty\Games\babyblimp{356863}.exe
C:\Program Files\Avira
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aebb.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\aevdf.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avadmin.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avarkt.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avconfig.cpl
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avconfig.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avconfig.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avconfig64.cpl
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avinet.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipbb.inf
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avpref.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avreg.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwinll.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccev.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccevrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccgen.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccgenrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccgrdrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccguard.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclib.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclic.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclicrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccmainrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccmsg.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccprofil.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccquamgr.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccquarc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccreporc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccreport.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccscanrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccsched.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccscherc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\cctpc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccupdate.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccupdrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aebb.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aecore.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeemu.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aegen.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aehelp.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeheur.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeoffice.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aepack.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aerdl.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aescn.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aescript.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aevdf.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\avrep.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardevt.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardmsg.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\licmgr.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\licmgr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\luke.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\lukeres.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\mfc71u.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\mgrs.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\msgclient.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\msvcp71.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\msvcr71.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\netnt.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\preupd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\rchelp.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\rcimage.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\rctext.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\scewxml.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\schedr.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\smtplib.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\ssmdrv.inf
C:\Program Files\Avira\AntiVir PersonalEdition Classic\unacev2.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\updgui.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\updguirc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\wksstats.dll
C:\Program Files\Avira\AntiVir PersonalEdition Classic\wsctool.exe
C:\Program Files\BoontyGames
C:\Program Files\BoontyGames\Components\bureau.url
C:\Program Files\BoontyGames\Components\Joystick.ico
C:\Program Files\BoontyGames\Components\start.url
C:\Program Files\BoontyGames\I Love Cats\agility.dxr
C:\Program Files\BoontyGames\I Love Cats\away.dxr
C:\Program Files\BoontyGames\I Love Cats\chase.dxr
C:\Program Files\BoontyGames\I Love Cats\Components\apiprotection.cab
C:\Program Files\BoontyGames\I Love Cats\Components\extract.exe
C:\Program Files\BoontyGames\I Love Cats\Components\features.cab
C:\Program Files\BoontyGames\I Love Cats\Components\game.cab
C:\Program Files\BoontyGames\I Love Cats\Components\offline.cab
C:\Program Files\BoontyGames\I Love Cats\drm.ini
C:\Program Files\BoontyGames\I Love Cats\drop.dxr
C:\Program Files\BoontyGames\I Love Cats\empty.cxt
C:\Program Files\BoontyGames\I Love Cats\flyball.dxr
C:\Program Files\BoontyGames\I Love Cats\framework.dxr
C:\Program Files\BoontyGames\I Love Cats\game.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_agility.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_away.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_chase.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_drop.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_flyball.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_investigate.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_kite.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_memo2.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_obstacle.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_pac.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_pegsolitaire2.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_pinch.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_secure.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_seesaw.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_sitter.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_stamp.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_steeplechase.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_swing.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_throw.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_track.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_wave.cxt
C:\Program Files\BoontyGames\I Love Cats\gfx_wildride.cxt
C:\Program Files\BoontyGames\I Love Cats\Icon.ico
C:\Program Files\BoontyGames\I Love Cats\investigate.dxr
C:\Program Files\BoontyGames\I Love Cats\kite.dxr
C:\Program Files\BoontyGames\I Love Cats\license_FR_2007.txt
C:\Program Files\BoontyGames\I Love Cats\loader.exe
C:\Program Files\BoontyGames\I Love Cats\loader.exe.manifest
C:\Program Files\BoontyGames\I Love Cats\mainmenu02.dxr
C:\Program Files\BoontyGames\I Love Cats\memo2.dxr
C:\Program Files\BoontyGames\I Love Cats\mui.ini
C:\Program Files\BoontyGames\I Love Cats\obstacle.dxr
C:\Program Files\BoontyGames\I Love Cats\pac.dxr
C:\Program Files\BoontyGames\I Love Cats\paul.dll
C:\Program Files\BoontyGames\I Love Cats\pegsolitaire2.dxr
C:\Program Files\BoontyGames\I Love Cats\pinch.dxr
C:\Program Files\BoontyGames\I Love Cats\Readme_FR_cats.txt
C:\Program Files\BoontyGames\I Love Cats\secure.dxr
C:\Program Files\BoontyGames\I Love Cats\seesaw.dxr
C:\Program Files\BoontyGames\I Love Cats\sfx.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_agility.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_away.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_chase.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_drop.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_flyball.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_investigate.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_kite.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_memo2.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_obstacle.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_pac.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_pegsolitaire2.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_pinch.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_secure.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_seesaw.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_sitter.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_stamp.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_steeplechase.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_swing.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_throw.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_track.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_wave.cxt
C:\Program Files\BoontyGames\I Love Cats\sfx_wildride.cxt
C:\Program Files\BoontyGames\I Love Cats\SHARED.cxt
C:\Program Files\BoontyGames\I Love Cats\sitter.dxr
C:\Program Files\BoontyGames\I Love Cats\stamp.dxr
C:\Program Files\BoontyGames\I Love Cats\steeplechase.dxr
C:\Program Files\BoontyGames\I Love Cats\swing.dxr
C:\Program Files\BoontyGames\I Love Cats\throw.dxr
C:\Program Files\BoontyGames\I Love Cats\track.dxr
C:\Program Files\BoontyGames\I Love Cats\TRIAL.INI
C:\Program Files\BoontyGames\I Love Cats\ui\abort.html
C:\Program Files\BoontyGames\I Love Cats\ui\activate.html
C:\Program Files\BoontyGames\I Love Cats\ui\activation_connection.html
C:\Program Files\BoontyGames\I Love Cats\ui\activation_failed.html
C:\Program Files\BoontyGames\I Love Cats\ui\activation_offline.html
C:\Program Files\BoontyGames\I Love Cats\ui\activation_succeeded.html
C:\Program Files\BoontyGames\I Love Cats\ui\activation_unlock.html
C:\Program Files\BoontyGames\I Love Cats\ui\announce\announce-functions.js
C:\Program Files\BoontyGames\I Love Cats\ui\announce\announce.css
C:\Program Files\BoontyGames\I Love Cats\ui\Exit.html
C:\Program Files\BoontyGames\I Love Cats\ui\gamedata\4042_fr_s.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\gamedata\4061_fr_s.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\gamedata\4089_fr_s.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\gamedata\4144_fr_b.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\gamedata\specific-gamedata.css
C:\Program Files\BoontyGames\I Love Cats\ui\gamedata\specific-gamedata.js
C:\Program Files\BoontyGames\I Love Cats\ui\help\activation.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\coupons-offers.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\help-common.css
C:\Program Files\BoontyGames\I Love Cats\ui\help\help-functions.js
C:\Program Files\BoontyGames\I Love Cats\ui\help\index.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\limitations-in-trial.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\man-unlock-00.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\man-unlock-01.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\man-unlock-02.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\man-unlock-03.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\no-net-access.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\no-trial.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\purchase.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\report.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\sys-requirements.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-01.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-02gift.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-02nopurchase.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-02purchase.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-03purchase.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-03recover.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-04error.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trblshoot-04unlocked.html
C:\Program Files\BoontyGames\I Love Cats\ui\help\trying.html
C:\Program Files\BoontyGames\I Love Cats\ui\main.html
C:\Program Files\BoontyGames\I Love Cats\ui\normal.html
C:\Program Files\BoontyGames\I Love Cats\ui\progress.html
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-buyonly.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-common.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-error.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-exit.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-expiry.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-gauge.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-normal.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-popup.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-site.js
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-splash.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-status.js
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-support.js
C:\Program Files\BoontyGames\I Love Cats\ui\specific\specific-trial.css
C:\Program Files\BoontyGames\I Love Cats\ui\specific\unused_specific-splash.css
C:\Program Files\BoontyGames\I Love Cats\ui\style\alert.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\alert.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\design-common.css
C:\Program Files\BoontyGames\I Love Cats\ui\style\design-popup.css
C:\Program Files\BoontyGames\I Love Cats\ui\style\design-splash.css
C:\Program Files\BoontyGames\I Love Cats\ui\style\functions.js
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_advertising_line.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_advertising_line.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_gameimg.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_gameimg.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_infos.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_infos.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_trialexit_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_trialexit_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_trialexit_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_trialexit_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_trialexit_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_trialexit_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_window.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bkg_window.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_off_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_off_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_off_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_off_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_off_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_off_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_over_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_over_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_over_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_over_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_over_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_bak_over_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_off_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_off_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_off_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_off_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_off_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_off_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_over_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_over_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_over_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_over_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_over_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gameinfo_over_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gray_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gray_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gray_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gray_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gray_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_gray_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_help_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_help_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_help_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_help_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_help_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_help_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_moregames_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_moregames_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_moregames_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_moregames_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_moregames_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_moregames_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_play_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_play_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_play_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_play_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_play_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_play_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_subscribe_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_subscribe_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_subscribe_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_subscribe_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_subscribe_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_subscribe_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_unlock_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_unlock_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_unlock_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_unlock_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_unlock_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_bt_unlock_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_footer.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_footer.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_footer_trans.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_footer_trans.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_buy.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_buy.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_help.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_help.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_infos_close.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_infos_close.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_infos_open.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_infos_open.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_moregames.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_moregames.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_play.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_play.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_unlock.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_icon_unlock.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_bkg.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_bkg.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_icon.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_icon.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_buy_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_sep_h.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_sep_h.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_sep_v.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_sep_v.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_icon.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_icon.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_subscribe_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_verisign.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_popup_verisign.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_powered_by_boonty.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_powered_by_boonty.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_bkg_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_bkg_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_bkg_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_bkg_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_bkg_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_bkg_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ko_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ko_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ko_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ko_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ko_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ko_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ok_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ok_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ok_middle.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ok_middle.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ok_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_ok_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_progressb_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_unlock_title_left.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_unlock_title_left.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_unlock_title_right.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\metashell_unlock_title_right.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\png-filter.js
C:\Program Files\BoontyGames\I Love Cats\ui\style\separator-horizontal.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\separator-horizontal.png
C:\Program Files\BoontyGames\I Love Cats\ui\style\waiting.gif
C:\Program Files\BoontyGames\I Love Cats\ui\style\waiting.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\waiting_stop.jpg
C:\Program Files\BoontyGames\I Love Cats\ui\style\waiting_stop.png
C:\Program Files\BoontyGames\I Love Cats\ui\unlock.html
C:\Program Files\BoontyGames\I Love Cats\unins000.dat
C:\Program Files\BoontyGames\I Love Cats\unins000.exe
C:\Program Files\BoontyGames\I Love Cats\wave.dxr
C:\Program Files\BoontyGames\I Love Cats\web.ico
C:\Program Files\BoontyGames\I Love Cats\wildride.dxr
C:\Program Files\BoontyGames\I Love Cats\Xtras\budapi.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\Cursor Asset.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\FileIo.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\FileXtra4.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\Flash Asset.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\PrintOMatic MX (Win32)\PrintOMatic MX.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\PrintOMatic MX.data
C:\Program Files\BoontyGames\I Love Cats\Xtras\PrintOMatic MX.rsrc
C:\Program Files\BoontyGames\I Love Cats\Xtras\RavImageExport.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\Resolution.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\SetMouseLoc.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\WheelMouse.x32
C:\Program Files\BoontyGames\I Love Cats\Xtras\XMLParser.x32
C:\Program Files\EoRezo
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.4396
C:\ProgramData\Avira
C:\ProgramData\Avira(236)
C:\ProgramData\Avira(236)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\ProgramData\Avira(236)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\ProgramData\Avira(236)\AntiVir PersonalEdition Classic\LOGFILES\setup.log
C:\ProgramData\Avira(251)
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\addr_file.html
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeset.dat
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir0.vdf
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir1.vdf
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir2.vdf
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir3.vdf
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\IDX\master.idx
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\JOBS\produpd.avj
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\JOBS\scanjob.avj
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\JOBS\startupd.avj
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\JOBS\updjob.avj
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080726-101651-469B9749.LOG
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080726-101654-48FA4009.LOG
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080727-101713-C85DC66E.LOG
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080727-101716-CB0483C5.LOG
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\setup.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-26-10-14-47.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-27-10-16-09.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-28-10-16-07.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-29-10-16-07.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-30-10-16-08.log
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\PROFILES\folder.avp
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\1a566803.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\1ee4348c.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\38188a54.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\3db4a25d.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\6cb3191e.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\7c077b3a.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\ad9db18d.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\d0aec8a4.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\de5b74be.avl
C:\ProgramData\Avira(251)\AntiVir PersonalEdition Classic\update.conf
C:\ProgramData\Avira(256)
C:\ProgramData\Avira(256)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\ProgramData\Avira(256)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\ProgramData\Avira(256)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\ProgramData\Avira(283)
C:\ProgramData\Avira(283)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\ProgramData\Avira(283)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\ProgramData\Avira(283)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\ProgramData\Avira(304)
C:\ProgramData\Avira(304)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\ProgramData\Avira(304)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\ProgramData\Avira(304)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\AVWIN.INI
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\ProgramData\Avira\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\ProgramData\GameHouse
C:\ProgramData\GameHouse\Games\Gold Rush - Treasure Hunt Deluxe\players\players.plrs.!
C:\ProgramData\GameHouse\Games\Gold Rush - Treasure Hunt Deluxe\players\scores.xml.!
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\addr_file.html
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeset.dat
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir0.vdf
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir1.vdf
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir2.vdf
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir3.vdf
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\IDX\master.idx
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\JOBS\produpd.avj
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\JOBS\scanjob.avj
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\JOBS\startupd.avj
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\JOBS\updjob.avj
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080726-101651-469B9749.LOG
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080726-101654-48FA4009.LOG
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080727-101713-C85DC66E.LOG
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20080727-101716-CB0483C5.LOG
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\setup.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-26-10-14-47.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-27-10-16-09.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-28-10-16-07.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-29-10-16-07.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\LOGFILES\Upd-2008-07-30-10-16-08.log
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\PROFILES\folder.avp
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\1a566803.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\1ee4348c.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\38188a54.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\3db4a25d.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\6cb3191e.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\7c077b3a.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\ad9db18d.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\d0aec8a4.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\REPORTS\de5b74be.avl
C:\Users\All Users\Avira(251)\AntiVir PersonalEdition Classic\update.conf
C:\Users\All Users\Avira(256)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\Users\All Users\Avira(256)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\Users\All Users\Avira(256)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\Users\All Users\Avira(283)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\Users\All Users\Avira(283)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\Users\All Users\Avira(283)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\Users\All Users\Avira(304)\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\Users\All Users\Avira(304)\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\Users\All Users\Avira(304)\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\AVWIN.INI
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\LOGFILES\sched.log
C:\Users\All Users\GameHouse\Games\Gold Rush - Treasure Hunt Deluxe\players\players.plrs.!
C:\Users\All Users\GameHouse\Games\Gold Rush - Treasure Hunt Deluxe\players\scores.xml.!
C:\Windows\Tasks\PBReg.job
C:\Windows\Tasks\PBRegbk.job
C:\Windows\Tasks\rpc.job
.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-28 to 2008-07-31 ))))))))))))))))))))))))))))))))))))
.
2008-07-31 17:46 . 2008-07-31 17:48 <REP> d-------- C:\327882R2FWJFW
2008-07-31 15:43 . 2008-07-31 15:43 <REP> d-------- C:\ComboFix
2008-07-31 10:16 . 2008-07-31 10:16 <REP> d-------- C:\Program Files\ItsLabel
2008-07-28 20:16 . 2008-07-28 20:16 <REP> d-------- C:\Users\All Users\Friends Games
2008-07-28 20:16 . 2008-07-28 20:16 <REP> d-------- C:\ProgramData\Friends Games
2008-07-28 17:59 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Outlook Messenger
2008-07-28 17:59 . 2003-12-12 11:08 495,616 --a------ C:\Windows\System32\Scanner.dll
2008-07-28 17:59 . 2004-03-09 00:00 260,880 --a------ C:\Windows\System32\msflxgrd.ocx
2008-07-28 17:59 . 2004-03-08 10:30 212,240 --a------ C:\Windows\System32\RICHTX32.OCX
2008-07-28 17:59 . 1999-11-05 00:00 131,968 --a------ C:\Windows\System32\DHTMLED.OCX
2008-07-28 17:59 . 2007-04-13 13:34 118,784 --a------ C:\Windows\System32\ConaitoExtended.ocx
2008-07-28 17:59 . 1998-03-26 01:12 53,248 --a------ C:\Windows\System32\zlib.dll
2008-07-28 17:59 . 2008-07-28 17:59 454 --a------ C:\Scanner.ECF
2008-07-27 19:04 . 2008-07-27 19:04 <REP> d-------- C:\Users\All Users\Oberon Media
2008-07-27 19:04 . 2008-07-27 19:04 <REP> d-------- C:\ProgramData\Oberon Media
2008-07-26 22:44 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Common Files\xing shared
2008-07-26 20:01 . 2008-07-26 20:01 107,888 --a------ C:\Windows\System32\CmdLineExt.dll
2008-07-26 17:21 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Téléchargeur de Singles
2008-07-26 16:56 . 2008-07-26 17:33 <REP> d-------- C:\Program Files\Puppy Luv
2008-07-26 16:56 . 2008-07-31 11:42 <REP> d-------- C:\Program Files\Family Feud Dream Home
2008-07-26 16:28 . 2008-07-26 16:48 <REP> d-------- C:\Program Files\Atlantis Adventure
2008-07-26 16:23 . 2008-07-28 19:31 <REP> d-------- C:\Users\All Users\Flood Light Games
2008-07-26 16:23 . 2008-07-28 19:31 <REP> d-------- C:\Users\alison\AppData\Roaming\Flood Light Games
2008-07-26 16:23 . 2008-07-28 19:31 <REP> d-------- C:\ProgramData\Flood Light Games
2008-07-26 14:24 . 2008-07-26 16:23 <REP> d-------- C:\Program Files\Sallys Spa
2008-07-25 12:03 . 2008-07-25 12:03 <REP> d-------- C:\Users\alison\AppData\Roaming\UNOUndercover
2008-07-24 00:31 . 2008-07-24 00:31 <REP> d-------- C:\Users\All Users\Fenomen Games
2008-07-24 00:31 . 2008-07-24 00:31 <REP> d-------- C:\ProgramData\Fenomen Games
2008-07-23 23:49 . 2008-07-23 23:49 <REP> d-------- C:\Users\All Users\FreshGames
2008-07-23 23:49 . 2008-07-23 23:49 <REP> d-------- C:\ProgramData\FreshGames
2008-07-23 22:57 . 2008-07-24 10:06 <REP> d-------- C:\Program Files\M6 Jeux
2008-07-23 21:03 . 2008-07-23 21:03 <REP> d-------- C:\Users\All Users\HipSoft
2008-07-23 21:03 . 2008-07-23 21:03 <REP> d-------- C:\ProgramData\HipSoft
2008-07-23 14:25 . 2008-07-23 22:16 <REP> d-------- C:\Program Files\CandyFactory_at
2008-07-23 13:27 . 2008-07-23 14:02 <REP> d-------- C:\Program Files\ParadisePetSalon_at
2008-07-23 13:05 . 2008-07-23 13:05 <REP> d-------- C:\Program Files\eMule
2008-07-23 11:17 . 2008-07-23 11:17 <REP> d-------- C:\Program Files\Web Media Player
2008-07-20 15:30 . 2008-07-20 15:30 <REP> d-------- C:\Users\All Users\Intenium
2008-07-20 15:30 . 2008-07-20 15:30 <REP> d-------- C:\ProgramData\Intenium
2008-07-17 12:21 . 2008-07-17 12:24 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-07-11 09:52 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-07-11 09:52 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-07-11 09:52 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-07-09 09:41 . 2008-04-26 10:25 3,600,952 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-07-09 09:41 . 2008-04-26 10:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-07-09 09:41 . 2008-04-26 10:26 891,448 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-07-09 09:41 . 2008-04-12 05:32 784,896 --a------ C:\Windows\System32\rpcrt4.dll
2008-07-09 09:41 . 2008-05-10 05:35 564,736 --a------ C:\Windows\System32\emdmgmt.dll
2008-07-09 09:41 . 2008-04-05 03:21 72,192 --a------ C:\Windows\System32\drivers\pacer.sys
2008-07-09 09:41 . 2008-04-05 05:34 15,360 --a------ C:\Windows\System32\pacerprf.dll
2008-07-09 09:40 . 2008-05-08 23:59 430,080 --a------ C:\Windows\System32\vbscript.dll
2008-07-09 09:40 . 2008-05-08 23:59 180,224 --a------ C:\Windows\System32\scrobj.dll
2008-07-09 09:40 . 2008-05-08 23:59 172,032 --a------ C:\Windows\System32\scrrun.dll
2008-07-09 09:40 . 2008-05-08 23:59 155,648 --a------ C:\Windows\System32\wscript.exe
2008-07-09 09:40 . 2008-05-08 23:58 135,168 --a------ C:\Windows\System32\wshom.ocx
2008-07-09 09:40 . 2008-05-08 23:58 135,168 --a------ C:\Windows\System32\cscript.exe
2008-07-09 09:40 . 2008-05-08 23:59 90,112 --a------ C:\Windows\System32\wshext.dll
2008-07-07 16:57 . 2008-07-07 16:57 <REP> d-------- C:\Users\alison\AppData\Roaming\funkitron
2008-07-07 16:35 . 2008-07-07 16:35 <REP> d-------- C:\Users\All Users\Vogue Tales
2008-07-07 16:35 . 2008-07-07 16:35 <REP> d-------- C:\ProgramData\Vogue Tales
2008-07-04 20:55 . 2008-07-26 20:01 <REP> d-------- C:\Users\alison\AppData\Roaming\cerasus.media
2008-07-04 14:08 . 2008-07-04 14:08 <REP> d-------- C:\Windows\Doggie Dash
2008-07-04 14:04 . 2008-07-23 14:13 <REP> d-------- C:\Program Files\Alawar
2008-07-04 13:57 . 2008-07-18 00:06 <REP> d-------- C:\Program Files\GameFiesta
2008-07-04 13:55 . 2008-07-23 09:35 <REP> d-------- C:\games
2008-06-16 23:01 . 2008-06-16 23:01 <REP> d-------- C:\Users\All Users\PlayPond
2008-06-16 23:01 . 2008-06-16 23:01 <REP> d-------- C:\ProgramData\PlayPond
2008-06-15 10:18 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-15 10:18 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-15 10:18 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-15 10:18 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-08 00:00 . 2008-06-08 00:00 <REP> d-------- C:\Users\alison\AppData\Roaming\My Games
2008-06-07 23:34 . 2008-06-07 23:34 <REP> d-------- C:\Users\All Users\SpinTop Games
2008-06-07 23:34 . 2008-06-07 23:34 <REP> d-------- C:\ProgramData\SpinTop Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-31 15:12 --------- d-----w C:\Program Files\CCleaner
2008-07-31 09:58 --------- d-----w C:\ProgramData\Google Updater
2008-07-31 09:42 --------- d-----w C:\Program Files\Téléchargeur de Singles
2008-07-31 09:42 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-31 09:42 --------- d-----w C:\Program Files\Pogo FR
2008-07-31 09:42 --------- d-----w C:\Program Files\Common Files\Real
2008-07-31 09:26 --------- d-----w C:\Users\alison\AppData\Roaming\LimeWire
2008-07-31 08:59 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-07-31 08:58 --------- d-----w C:\ProgramData\Zylom
2008-07-31 08:58 --------- d-----w C:\Program Files\Paradise Pet Salon
2008-07-31 08:17 --------- d-----w C:\Users\alison\AppData\Roaming\EoRezo
2008-07-31 08:02 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-07-30 18:33 --------- d-----w C:\Program Files\Roxio
2008-07-30 18:33 --------- d-----w C:\Program Files\Navilog1
2008-07-30 17:38 --------- d---a-w C:\ProgramData\TEMP
2008-07-30 12:55 1,508 ----a-w C:\Users\alison\AppData\Roaming\wklnhst.dat
2008-07-26 20:56 --------- d-----w C:\Users\alison\AppData\Roaming\PlayFirst
2008-07-26 20:56 --------- d-----w C:\ProgramData\PlayFirst
2008-07-26 15:17 --------- d-----w C:\Users\alison\AppData\Roaming\iWin
2008-07-26 07:57 --------- d-----w C:\ProgramData\Roxio
2008-07-26 07:28 --------- d-----w C:\Program Files\Zylom Games
2008-07-25 13:24 --------- d-----w C:\ProgramData\Fashion Solitaire 1.2
2008-07-25 12:45 --------- d-----w C:\Program Files\Real
2008-07-23 20:16 --------- d-----w C:\Users\alison\AppData\Roaming\Zylom
2008-07-23 11:06 --------- d-----w C:\ProgramData\eMule
2008-07-17 22:06 --------- d-----w C:\Program Files\MSN Games
2008-07-17 10:29 --------- d-----w C:\ProgramData\WLInstaller
2008-07-10 07:03 --------- d-----w C:\Program Files\Windows Mail
2008-06-01 09:27 --------- d-----w C:\Program Files\Neuf
2008-05-10 03:35 885,248 ----a-w C:\Windows\System32\RacEngn.dll
2008-04-26 08:08 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-04-25 04:35 826,880 ----a-w C:\Windows\System32\wininet.dll
2008-04-23 16:08 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
2008-04-02 14:09 35,840 ----a-w C:\Users\alison\AppData\Roaming\smvss.exe
2008-03-31 18:10 174 --sha-w C:\Program Files\desktop.ini
2008-03-23 08:15 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2008-03-19 13:00 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008031920080320\index.dat
.
((((((((((((((((((((((((((((( snapshot@2008-07-31_15.50.14.37 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-31 13:38:00 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-07-31 15:49:54 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
- 2008-07-31 13:37:55 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-07-31 15:49:48 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-07-31 15:49:48 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-07-31 13:45:08 81,920 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-07-31 15:39:24 81,920 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-07-31 13:45:08 98,304 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-31 15:39:24 98,304 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-07-31 13:45:08 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-07-31 15:39:24 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-07-31 13:37:34 14,088 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2420169323-654155849-279479277-1002_UserData.bin
+ 2008-07-31 15:49:14 14,088 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2420169323-654155849-279479277-1002_UserData.bin
- 2008-07-31 13:37:34 73,470 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-07-31 15:49:14 73,470 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-07-31 08:49:21 63,600 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-07-31 15:49:23 63,732 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 15:32 1120568]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-07-29 15:41 1213680]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-25 21:36 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-07-26 22:44 185896]
C:\Users\alison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 01:06:58 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A0EDBD8D-7D3A-43D6-8366-D541EE9EFA8C}"= Profile=Private|C:\Program Files\CyberLink\MagicSports\MagicSports.exe:_this_program_will_be_deleted
"{B690FAAD-D07B-4355-9137-5529ABB1A002}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EBF1D58E-A84D-472B-A0FD-6DB64E2382F3}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4D889A5B-C592-4646-BD0C-E6F330532701}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{767A6DF5-28DC-4118-A3D0-F41F1D747FC4}C:\\program files\\emule\\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule Plus
"UDP Query User{55B782E0-3933-47AD-BABF-5BFC91676C2F}C:\\program files\\emule\\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule Plus
"{256AF0D8-4918-4DEC-9E96-BEE344475AF0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{03AAC2E1-DA0C-4DFB-B86B-91D2289A85CC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{E4E7FA10-DE24-4A27-88DD-C69733D1E2BA}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{84DF5FB1-798E-4372-B5CC-C06C07F4D344}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"{B131CF6C-4C61-409D-A47F-9BEE6BA55EC6}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{C015526C-EDE5-45C5-B82A-B2B4CB0062F1}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{ADD5F65C-38A0-4CB8-B8BE-FBDE1BAA9028}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
"UDP Query User{732A08EB-F54F-45F8-AF00-424644AFB168}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
"{7B9EF840-619E-404F-98C7-8AA2EB1C0947}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{13DDAEDB-CD5B-47C1-A8E9-9367A6A5B586}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{70A71B56-E013-4147-AD7D-81A10594847F}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{DC019061-C6EB-4C3B-8447-99286A6967A3}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{FA05C00B-57E0-4736-8CB3-D13A798315B9}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{A4D1A9BF-4834-4BDA-9DC6-4B24BE312E69}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3DB2F8D5-C204-44A3-BAA8-94EE1F1C72DB}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0EF0A066-06F9-433F-B46E-3EC1335726E4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{38E5A808-7ABF-4088-BE74-B7B6F7E73453}C:\\program files\\sony online entertainment\\wheel of fortune\\wheel of fortune.exe"= UDP:C:\program files\sony online entertainment\wheel of fortune\wheel of fortune.exe:Wheel of Fortune
"UDP Query User{9B0FE892-EC35-4083-BA3C-23C5F5BD41D8}C:\\program files\\sony online entertainment\\wheel of fortune\\wheel of fortune.exe"= TCP:C:\program files\sony online entertainment\wheel of fortune\wheel of fortune.exe:Wheel of Fortune
"TCP Query User{A16070E6-FBD9-4916-9445-F79149113567}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= UDP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"UDP Query User{5A441F18-46AC-4098-8BFF-4F8E1BB9282F}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= TCP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"{E46D78E7-A46C-417D-A0DE-1ADAA2D042F4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{842414CC-7EB9-422F-AC6A-E2548F284C94}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
S3 Boonty Games;Boonty Games;C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-03-23 09:38]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2a0a297-f5a7-11dc-ba35-806e6f6e6963}]
\shell\AutoRun\command - F:\setupSNK.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-07-31 C:\Windows\Tasks\Extension de garantie.job
- C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2006-11-21 18:38]
2008-07-31 C:\Windows\Tasks\Recovery DVD Creator.job
- C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2006-11-21 18:34]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-avgnt - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-31 17:54:00
Windows 6.0.6001 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-07-31 17:55:07
ComboFix-quarantined-files.txt 2008-07-31 15:55:04
ComboFix2.txt 2008-07-31 13:50:53
Pre-Run: 269,929,672,704 octets libres
Post-Run: 269,891,059,712 octets libres
812 --- E O F --- 2008-07-31 09:50:20
au faite si tu vois plusieurs fois antivir c'est parce que j'ai essayé de le désinstallé et j'y arrive et j'ai essayé de le retélécharger je n'y arrive pas non plus. sans oublier que dès que je fait un clic droit sur les icones de mon bureau j'ai un message " windows explorer a cessé de fonctionner" qu'elle galère. heureusement que tu es là. merci de ton aide
Re,
Dis moi ce qu'il y a là-dedans stp : C:\327882R2FWJFW
Tu peux essayer de réinstaller AntiVir pour voir.
Télécharge Ccleaner sur ton Bureau.
- Clique sur "download the latest version"
- Installe-le en laissant seulement les options suivantes cochées :
- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner
- Lance le Nettoyage
- Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.
Aide : Comment utiliser CCleaner.
********************
Télécharge AntiVir sur ton Bureau.
- Double clique sur l'exécutable téléchargé pour lancer l'installation.
- A la fin de l'installation, clique sur Finish.
- Ouvre Antivir, assure-toi qu’il soit bien à jour !
- Dans l'onglet Local Protection, choisis Scanner.
- Active la recherche de rootkits via le + de rootkit search, puis dans manual selection, coche tout (tes partitions de disque dur).
- Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
- Poste moi le rapport généré : Pour cela, clique sur l'onglet Overview, puis choisis Reports, tu trouveras son rapport..
Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.
Aide : Comment installer et utiliser AntiVir.
Répondre à XmichouX
j'ai réussi à installer ccleaner et à l'exécuter comme il faut mais pour antivir je rame. je m'y connais pas trop et j'ai du mal a comprendre.
j'ai réussi mais ça a mis " l'instalation à échoué'
ouf cette fois c'est bon je te remercie sincèrement pour ta patience et ta gentillesse.
J'attends le rapport AntiVir 
Répondre à XmichouX
bonjour désolé j'ai été oubligé de coupé la conexion hier à cause de l'orage. voici le rapport:
Avira AntiVir Personal
Report file date: vendredi 1 août 2008 06:45
Scanning for 1523821 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-DE-ALISON
Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.5.174 2027008 Bytes 25/07/2008 18:17:00
ANTIVIR3.VDF : 7.0.5.200 212480 Bytes 31/07/2008 18:17:01
Engineversion : 8.1.1.15
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.61 311675 Bytes 31/07/2008 18:17:12
AESCN.DLL : 8.1.0.23 119156 Bytes 31/07/2008 18:17:11
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 31/07/2008 18:17:09
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 31/07/2008 18:17:08
AEHEUR.DLL : 8.1.0.44 1343863 Bytes 31/07/2008 18:17:07
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.32 315765 Bytes 31/07/2008 18:17:04
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 18:17:03
AECORE.DLL : 8.1.1.8 172406 Bytes 31/07/2008 18:17:02
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 18:17:02
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 1 août 2008 06:45
The scan of running processes will be started
Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SmpSys.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
47 processes with 47 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '38' files ).
Starting the file scan:
Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
End of the scan: vendredi 1 août 2008 07:24
Used time: 39:47 Minute(s)
The scan has been done completely.
19306 Scanning directories
280085 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
280083 Files not concerned
1969 Archives were scanned
5 Warnings
0 Notes
par contre j'ai toujours un petit soucis quand je veux faire un clic droit sur les icones de mon bureau ça me met " explorateur windows a cessé de fonctionner" si tu pouvais me dire ce que je doit faire ce serais sympa de ta part. merci encore.
Bien, plus de soucis pour AntiVir.
Poste un nouveau rapport HijackThis.
Répondre à XmichouX
bonsoir voici le rapport . par contre quand tu auras 2 min tu pourrais m'expliquer ce qui ne vas pas avec mon pc, dès que je veux faire un clic droit sur mon bureau j'ai le message suivant qui apparait: "explorateur windows à cessé de fonctionner " . merci . Logfile of HijackThis v1.99.1
Scan saved at 23:17:12, on 02/08/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Windows\Explorer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Neuf\Widget Neuf\9widget.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\alison\AppData\Local\Temp\Rar$EX00.680\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Tu as bien désinstallé Avast ?
Actuellement, tu utilises une version obsolète d'HijackThis.
Je t'invite à désinstaller HijackThis, puis à le retélécharger. Voici la procédure 
Télécharge Hijackthis (de Trend Micro) sur ton Bureau.
- Double clique sur HJTInstall.exe pour lancer l'installation.
- Clique sur Install.
- Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
- Accepte la licence en cliquant sur Yes.
- Clique sur Do a system scan and save a logfile.
- Poste ici le rapport généré.
Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Aide : Comment utiliser HijackThis.
Répondre à XmichouX
bonsoir je viens de faire ce que tu m'as dit sauf que je ne peux pas exécuter en tant qu'administrateur comme je te disais précédemment je peux plus faire de clic droit sur mon bureau. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:29, on 03/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\eMule\emule.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
--
End of file - 7508 bytes
Re,
Je pars en vacances demain.
Merci d'envoyer un MP à un autre Helper ou membre affilié pour obtenir de l'aide.
Répondre à XmichouX
Il y a 1220 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
