adwares, trojans, navipromo et Boonty Games

Pour EbayCenter, dis moi ce qu'il y a la dedans : c:\program files\eBayCenter\

Merci beaucoup.

c:\windows\system32\scardsvr.exe...quand j'ouvre ça il apparait un petit écran noir...avec un index clignotant comme pour écrire...mais qd j'écris il ne se passe rien...qu'en faire? le supprimer....?
c:\program files\eBayer 3\ebayer3d.exe...ebayer 3 est un programme acheté sur ebay pour faire une enchère au dernier moment,,,
c:\program files\eBayCenter\eBayCenter.exe ...est un programme similaire au précédent acheté aussi sur ebay...
AAALOGO est un programme que j'ai acheté pour faire des logos( entètes de factures entre autres)

> c:\windows\temp\

Vide ce répértoire entièrement mais ne le supprime pas!

JE NE SAIS PAS COMMENT FAIRE ET J'AI PEUR DE FAIRE DES BÊTISES....

MERCI....ROGER....

JE NE SAIS PAS COMMENT TE FAIRE PARVENIR CE QU'IL Y A DANS EBAY CENTER...
impossible de faire un copié collé...

bonjour

aiglenoir1000, merci de ne pas écrire en majuscules sur le forum = crier

pour poster ce qu'il y a dans le dossier eBayCenter faites une/des captures écran : http://adub115.free.fr/Tutos/TutoCapture.pdf

taille maxi pour les images ici 600x600 et en mode miniatures (IMG CODE) hébergé sur le site http://www.hiboox.com/

Aigle noir : -> http://www.generation-nt.com/smart-card-server-scardsvr-exe-processus-27527.h(...)

C'est un programme légitime ! Ne le supprime pas !

bonsoir...désolé d'avoir"crié"...c'est par ignorance...
je n'arrive pas a poster le dossier EbayCenter...n'est'il pas plus simple de le virer...il fait double emploi avec ebayeur 3...merci...roger...

Salut,

Quitte toutes tes applications lancéeqs et lance juste EbayCenter.exe et Ebayer3D.exe .

Ensuite, télécharges Currports et lance l'executable. Poste le résultat dans ta prochaine réponse (je veux la liste complète).

bonjour...en informatique , mon QI doit avoisiner celui de l'oursin...je n'arrive pas a trouver ebayCenter.exe ni ebay3D.exe et je suis incapable de lancer l'
"exécutable" ??? de currports...help...stp...merci...roger

c:\program files\eBayCenter\
c:\program files\eBayer3D\

dans ces répertoires.

Extrais le contenu du fichier que tu as téléchargé sur le bureau et lance cports.exe une fois les deux programmes cités au dessus, lancés.

bonjour...voilà , j'ai fais mon possible...j'espère que le résultat te conviendra

TCP/UDP Ports List

Created by using CurrPorts

Process Name Process ID Protocol Local Port Local Port Name Local Address Remote Port Remote Port Name Remote Address Remote Host Name State Process Path Product Name File Description File Version Company Process Created On User Name Process Services Process Attributes Added On Module Filename Remote IP Country
alg.exe 2336 TCP 1027 127.0.0.1 3078 192.168.1.10 roger-cf10e21d6.home Established C:\WINDOWS\System32\alg.exe Microsoft® Windows® Operating System Application Layer Gateway Service 5.1.2600.5512 (xpsp.080413-0852) Microsoft Corporation 03/12/2008 21:25:05 ALG A 03/12/2008 23:42:22 C:\WINDOWS\System32\alg.exe
alg.exe 2336 TCP 3080 192.168.1.10 21 ftp 193.22.143.162 ftpclubic22.clubic.com Established C:\WINDOWS\System32\alg.exe Microsoft® Windows® Operating System Application Layer Gateway Service 5.1.2600.5512 (xpsp.080413-0852) Microsoft Corporation 03/12/2008 21:25:05 ALG A 03/12/2008 23:42:22 C:\WINDOWS\System32\alg.exe
alg.exe 2336 TCP 1027 127.0.0.1 3082 192.168.1.10 roger-cf10e21d6.home Established C:\WINDOWS\System32\alg.exe Microsoft® Windows® Operating System Application Layer Gateway Service 5.1.2600.5512 (xpsp.080413-0852) Microsoft Corporation 03/12/2008 21:25:05 ALG A 03/12/2008 23:42:22 C:\WINDOWS\System32\alg.exe
alg.exe 2336 TCP 3084 192.168.1.10 21 ftp 193.22.143.223 Established C:\WINDOWS\System32\alg.exe Microsoft® Windows® Operating System Application Layer Gateway Service 5.1.2600.5512 (xpsp.080413-0852) Microsoft Corporation 03/12/2008 21:25:05 ALG A 03/12/2008 23:42:22 C:\WINDOWS\System32\alg.exe
alg.exe 2336 TCP 1027 127.0.0.1 0.0.0.0 Listening C:\WINDOWS\System32\alg.exe Microsoft® Windows® Operating System Application Layer Gateway Service 5.1.2600.5512 (xpsp.080413-0852) Microsoft Corporation 03/12/2008 21:25:05 ALG A 03/12/2008 23:42:22 C:\WINDOWS\System32\alg.exe
AppleMobileDeviceService.exe 664 TCP 27015 127.0.0.1 1039 127.0.0.1 localhost Established C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe Apple Mobile Device Service Apple Mobile Device Service 2.11.32.0 Apple Inc. 03/12/2008 21:24:52 AUTORITE NT\SYSTEM Apple Mobile Device A 03/12/2008 23:42:22 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
AppleMobileDeviceService.exe 664 TCP 27015 127.0.0.1 0.0.0.0 Listening C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe Apple Mobile Device Service Apple Mobile Device Service 2.11.32.0 Apple Inc. 03/12/2008 21:24:52 AUTORITE NT\SYSTEM Apple Mobile Device A 03/12/2008 23:42:22 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
ashMaiSv.exe 1356 TCP 12143 127.0.0.1 0.0.0.0 Listening C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe avast! Antivirus avast! e-Mail Scanner Service 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:02 AUTORITE NT\SYSTEM avast! Mail Scanner A 03/12/2008 23:42:22
ashMaiSv.exe 1356 TCP 12110 127.0.0.1 0.0.0.0 Listening C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe avast! Antivirus avast! e-Mail Scanner Service 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:02 AUTORITE NT\SYSTEM avast! Mail Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\RPCRT4.dll
ashMaiSv.exe 1356 TCP 12025 127.0.0.1 0.0.0.0 Listening C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe avast! Antivirus avast! e-Mail Scanner Service 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:02 AUTORITE NT\SYSTEM avast! Mail Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\RPCRT4.dll
ashMaiSv.exe 1356 TCP 12119 127.0.0.1 0.0.0.0 Listening C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe avast! Antivirus avast! e-Mail Scanner Service 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:02 AUTORITE NT\SYSTEM avast! Mail Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2716 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 3002 192.168.1.10 80 http 91.103.136.102 Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2718 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 2709 192.168.1.10 80 http 212.23.166.71 achille.homere.jmsp.net Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 2679 192.168.1.10 80 http 216.239.59.103 Close Wait C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 3035 192.168.1.10 80 http 66.102.9.127 lm-in-f127.google.com Close Wait C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 3024 192.168.1.10 80 http 74.125.77.154 ew-in-f154.google.com Close Wait C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 3019 192.168.1.10 80 http 91.103.136.102 Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 12080 127.0.0.1 3055 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 2714 192.168.1.10 80 http 212.23.166.70 diomede.homere.jmsp.net Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2720 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 2711 192.168.1.10 80 http 212.23.166.71 achille.homere.jmsp.net Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 2715 192.168.1.10 80 http 212.23.166.70 diomede.homere.jmsp.net Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2721 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 3074 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2708 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 3073 192.168.1.10 80 http 66.102.9.127 lm-in-f127.google.com Close Wait C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 3056 192.168.1.10 80 http 194.78.100.11 11.100-78-194.adsl-static.isp.belgacom.be Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2678 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2710 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 2717 192.168.1.10 80 http 212.23.178.135 carter.mecano.jmsp.net Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2712 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 2719 192.168.1.10 80 http 212.23.178.135 carter.mecano.jmsp.net Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 3075 192.168.1.10 80 http 93.188.128.20 Close Wait C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2713 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 3001 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 2698 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 3018 127.0.0.1 localhost Established C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
ashWebSv.exe 1432 TCP 12080 127.0.0.1 0.0.0.0 Listening C:\Program Files\Alwil Software\Avast4\ashWebSv.exe avast! Antivirus avast! Web Scanner 4, 8, 1287, 0 ALWIL Software 03/12/2008 21:25:03 AUTORITE NT\SYSTEM avast! Web Scanner A 03/12/2008 23:42:22 C:\WINDOWS\system32\kernel32.dll
firefox.exe 3828 TCP 2716 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 3078 192.168.1.10 21 ftp 193.22.143.162 ftpclubic22.clubic.com Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2718 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2671 127.0.0.1 2672 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2672 127.0.0.1 2671 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 3055 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2720 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2721 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 3074 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2674 127.0.0.1 2673 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2673 127.0.0.1 2674 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2708 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 3082 192.168.1.10 21 ftp 193.22.143.223 Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2678 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2710 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2712 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2713 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 3001 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 2698 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
firefox.exe 3828 TCP 3018 127.0.0.1 12080 127.0.0.1 localhost Established C:\Program Files\Mozilla Firefox\firefox.exe Firefox Firefox 1.9.0.4 Mozilla Corporation 03/12/2008 23:39:13 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Mozilla Firefox\nspr4.dll
iTunesHelper.exe 3204 TCP 1039 127.0.0.1 27015 127.0.0.1 localhost Established C:\Program Files\iTunes\iTunesHelper.exe iTunes iTunesHelper Module 8.0.1.11 Apple Inc. 03/12/2008 21:24:48 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:22 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll
lsass.exe 808 UDP 500 isakmp 0.0.0.0 C:\WINDOWS\system32\lsass.exe Microsoft® Windows® Operating System LSA Shell (Export Version) 5.1.2600.5512 (xpsp.080413-2113) Microsoft Corporation 03/12/2008 21:24:34 AUTORITE NT\SYSTEM PolicyAgent, ProtectedStorage, SamSs A 03/12/2008 23:42:22 C:\WINDOWS\system32\oakley.DLL
lsass.exe 808 UDP 4500 0.0.0.0 C:\WINDOWS\system32\lsass.exe Microsoft® Windows® Operating System LSA Shell (Export Version) 5.1.2600.5512 (xpsp.080413-2113) Microsoft Corporation 03/12/2008 21:24:34 AUTORITE NT\SYSTEM PolicyAgent, ProtectedStorage, SamSs A 03/12/2008 23:42:23 C:\WINDOWS\system32\oakley.DLL
mDNSResponder.exe 712 TCP 5354 127.0.0.1 0.0.0.0 Listening C:\Program Files\Bonjour\mDNSResponder.exe Bonjour Bonjour Service 1,0,5,11 Apple Inc. 03/12/2008 21:24:52 AUTORITE NT\SYSTEM Bonjour Service A 03/12/2008 23:42:22
mDNSResponder.exe 712 UDP 1025 0.0.0.0 C:\Program Files\Bonjour\mDNSResponder.exe Bonjour Bonjour Service 1,0,5,11 Apple Inc. 03/12/2008 21:24:52 AUTORITE NT\SYSTEM Bonjour Service A 03/12/2008 23:42:23
mDNSResponder.exe 712 UDP 5353 192.168.1.10 C:\Program Files\Bonjour\mDNSResponder.exe Bonjour Bonjour Service 1,0,5,11 Apple Inc. 03/12/2008 21:24:52 AUTORITE NT\SYSTEM Bonjour Service A 03/12/2008 23:42:23
mDNSResponder.exe 712 UDP 58575 0.0.0.0 C:\Program Files\Bonjour\mDNSResponder.exe Bonjour Bonjour Service 1,0,5,11 Apple Inc. 03/12/2008 21:24:52 AUTORITE NT\SYSTEM Bonjour Service A 03/12/2008 23:42:23
Skype.exe 3376 TCP 1055 192.168.1.10 33374 91.188.42.158 client42-158.ultracom.lv Established C:\Program Files\Skype\Phone\Skype.exe Skype Skype. Take a deep breath 3.6.0.248 Skype Technologies S.A. 03/12/2008 21:24:52 ROGER-CF10E21D6\Propriétaire AR 03/12/2008 23:42:22 C:\Program Files\Skype\Phone\Skype.exe
Skype.exe 3376 TCP 80 http 0.0.0.0 0.0.0.0 Listening C:\Program Files\Skype\Phone\Skype.exe Skype Skype. Take a deep breath 3.6.0.248 Skype Technologies S.A. 03/12/2008 21:24:52 ROGER-CF10E21D6\Propriétaire AR 03/12/2008 23:42:22
Skype.exe 3376 TCP 16535 0.0.0.0 0.0.0.0 Listening C:\Program Files\Skype\Phone\Skype.exe Skype Skype. Take a deep breath 3.6.0.248 Skype Technologies S.A. 03/12/2008 21:24:52 ROGER-CF10E21D6\Propriétaire AR 03/12/2008 23:42:22 C:\WINDOWS\system32\RPCRT4.dll
Skype.exe 3376 TCP 443 https 0.0.0.0 0.0.0.0 Listening C:\Program Files\Skype\Phone\Skype.exe Skype Skype. Take a deep breath 3.6.0.248 Skype Technologies S.A. 03/12/2008 21:24:52 ROGER-CF10E21D6\Propriétaire AR 03/12/2008 23:42:22 C:\WINDOWS\system32\RPCRT4.dll
Skype.exe 3376 UDP 1044 127.0.0.1 C:\Program Files\Skype\Phone\Skype.exe Skype Skype. Take a deep breath 3.6.0.248 Skype Technologies S.A. 03/12/2008 21:24:52 ROGER-CF10E21D6\Propriétaire AR 03/12/2008 23:42:22
Skype.exe 3376 UDP 16535 0.0.0.0 C:\Program Files\Skype\Phone\Skype.exe Skype Skype. Take a deep breath 3.6.0.248 Skype Technologies S.A. 03/12/2008 21:24:52 ROGER-CF10E21D6\Propriétaire AR 03/12/2008 23:42:23
Skype.exe 3376 UDP 443 https 0.0.0.0 C:\Program Files\Skype\Phone\Skype.exe Skype Skype. Take a deep breath 3.6.0.248 Skype Technologies S.A. 03/12/2008 21:24:52 ROGER-CF10E21D6\Propriétaire AR 03/12/2008 23:42:23
svchost.exe 1056 TCP 135 epmap 0.0.0.0 0.0.0.0 Listening C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System Generic Host Process for Win32 Services 5.1.2600.5512 (xpsp.080413-2111) Microsoft Corporation 03/12/2008 21:24:36 RpcSs A 03/12/2008 23:42:22 C:\WINDOWS\system32\RPCRT4.dll
svchost.exe 1200 UDP 123 ntp 127.0.0.1 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System Generic Host Process for Win32 Services 5.1.2600.5512 (xpsp.080413-2111) Microsoft Corporation 03/12/2008 21:24:36 AUTORITE NT\SYSTEM AudioSrv, CryptSvc, Dhcp, ERSvc, EventSystem, FastUserSwitchingCompatibility, helpsvc, HidServ, lanmanserver, lanmanworkstation, Netman, Nla, RasMan, Schedule, seclogon A 03/12/2008 23:42:23 c:\windows\system32\w32time.dll
svchost.exe 1200 UDP 123 ntp 192.168.1.10 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System Generic Host Process for Win32 Services 5.1.2600.5512 (xpsp.080413-2111) Microsoft Corporation 03/12/2008 21:24:36 AUTORITE NT\SYSTEM AudioSrv, CryptSvc, Dhcp, ERSvc, EventSystem, FastUserSwitchingCompatibility, helpsvc, HidServ, lanmanserver, lanmanworkstation, Netman, Nla, RasMan, Schedule, seclogon A 03/12/2008 23:42:23 c:\windows\system32\w32time.dll
svchost.exe 1412 UDP 1900 127.0.0.1 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System Generic Host Process for Win32 Services 5.1.2600.5512 (xpsp.080413-2111) Microsoft Corporation 03/12/2008 21:24:37 LmHosts, SSDPSRV, WebClient A 03/12/2008 23:42:23 c:\windows\system32\ssdpsrv.dll
svchost.exe 1412 UDP 1900 192.168.1.10 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System Generic Host Process for Win32 Services 5.1.2600.5512 (xpsp.080413-2111) Microsoft Corporation 03/12/2008 21:24:37 LmHosts, SSDPSRV, WebClient A 03/12/2008 23:42:23 c:\windows\system32\ssdpsrv.dll
System 4 TCP 139 netbios-ssn 192.168.1.10 0.0.0.0 Listening N/A 03/12/2008 23:42:22
System 4 TCP 445 microsoft-ds 0.0.0.0 0.0.0.0 Listening N/A 03/12/2008 23:42:22
System 4 UDP 137 netbios-ns 192.168.1.10 N/A 03/12/2008 23:42:23
System 4 UDP 138 netbios-dgm 192.168.1.10 N/A 03/12/2008 23:42:23
System 4 UDP 445 microsoft-ds 0.0.0.0 N/A 03/12/2008 23:42:23
Unknown 0 TCP 2912 192.168.1.10 80 http 194.126.157.12 js.cybermonitor.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2944 192.168.1.10 80 http 194.126.157.12 js.cybermonitor.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3003 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2907 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3067 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2955 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3051 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2939 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2936 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2972 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2972 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3020 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12110 127.0.0.1 3006 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2924 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2988 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3036 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3053 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2893 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3069 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2941 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2957 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2922 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2931 192.168.1.10 80 http 194.126.157.12 js.cybermonitor.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3022 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3038 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2926 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2943 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3071 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2911 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2892 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2928 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3008 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2880 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2961 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2993 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3025 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2978 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2914 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2930 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3010 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2963 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2995 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3027 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3043 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3011 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2947 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2899 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3076 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2980 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2884 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2897 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3013 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3029 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2997 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2887 127.0.0.1 12110 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2901 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2933 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3045 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2965 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2949 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12110 127.0.0.1 2887 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3015 192.168.1.10 80 http 193.22.143.61 php11.clubic.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2902 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3046 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2918 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2982 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3040 192.168.1.10 80 http 62.161.94.118 chicoutimi.xiti.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3004 192.168.1.10 80 http 194.126.157.12 js.cybermonitor.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3072 192.168.1.10 80 http 62.161.94.118 chicoutimi.xiti.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2951 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3031 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2999 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2935 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2967 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3047 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2996 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2964 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2973 192.168.1.10 80 http 194.126.157.12 js.cybermonitor.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2989 192.168.1.10 80 http 194.126.157.12 js.cybermonitor.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2920 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 3032 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2984 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3016 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2981 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2917 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2905 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2969 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2889 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 3065 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 12080 127.0.0.1 2921 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2953 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2937 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2950 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2986 127.0.0.1 12080 127.0.0.1 localhost Time Wait N/A 03/12/2008 23:42:22
Unknown 0 TCP 2903 192.168.1.10 80 http 217.146.179.200 bs1.ads.vip.ukl.yahoo.com Time Wait N/A 03/12/2008 23:42:22
VoipCheapCom.exe 3312 UDP 54189 0.0.0.0 C:\Program Files\VoipCheapCom\VoipCheapCom.exe VoipCheapCom Client to make VoIP calls. 4, 2, 517, 0 VoipCheapCom 03/12/2008 21:24:49 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:23 C:\Program Files\VoipCheapCom\VoipCheapCom.exe
VoipCheapCom.exe 3312 UDP 47700 0.0.0.0 C:\Program Files\VoipCheapCom\VoipCheapCom.exe VoipCheapCom Client to make VoIP calls. 4, 2, 517, 0 VoipCheapCom 03/12/2008 21:24:49 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:23 C:\Program Files\VoipCheapCom\VoipCheapCom.exe
VoipCheapCom.exe 3312 UDP 23629 0.0.0.0 C:\Program Files\VoipCheapCom\VoipCheapCom.exe VoipCheapCom Client to make VoIP calls. 4, 2, 517, 0 VoipCheapCom 03/12/2008 21:24:49 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:23 C:\Program Files\VoipCheapCom\VoipCheapCom.exe
VoipCheapCom.exe 3312 UDP 1040 127.0.0.1 C:\Program Files\VoipCheapCom\VoipCheapCom.exe VoipCheapCom Client to make VoIP calls. 4, 2, 517, 0 VoipCheapCom 03/12/2008 21:24:49 ROGER-CF10E21D6\Propriétaire A 03/12/2008 23:42:23 C:\WINDOWS\system32\WININET.dll
YesMessenger.exe 564 UDP 1047 127.0.0.1

merci...

j'ai oublié de te dire...j'avais qq jeux sur mon pc et je ne sais plus les ouvrir
que faire,,,merci...roger...

bonsoir...mon pc me dit....

Le pilote du périphérique"MSI Bluetooth device"empêche la mise en veille de l'ordinateur.Fermez toutes les applications et réessayez.Si le problème persiste, peut etre devrez-vous mettre à jour ce pilote.

ça veut dire quoi? et que dois-je faire à ce sujet? merci...roger

Il s'agit du driver pour le bluetooth qui semble poser quelques soucis.
Double clique sur poste de travail > Afficher les infos systèmes > Matériel > Gestionnaire de périphériques > Périphériques Bluetooth > Clique droit sur ton périphérique > Propriétés > Mise à jour.


>Télécharges MalwareBytes ici.
>Lance-le pour le mettre à jour.
>Redémarre en mode sans-échec (en tapotant sur F8 au lancement du PC).
>Effectue un scan Complet avec MalwareBytes et conserve le rapport.
>Redémarre en mode normal et poste le rapport dans ta prochaine réponse.

bonsoir...pardon pour ce silence mais j'ai été fort occupé...voici donc ce rapport

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1456
Windows 5.1.2600 Service Pack 3

20/12/2008 01:19:04
mbam-log-2008-12-20 (01-18-53).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 202714
Temps écoulé: 1 hour(s), 3 minute(s), 50 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.Search) -> Bad: (http://www.iesearch.com/) Good: (http://www.google.com/) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
F:\battlefield\TaZ-TeaM_BattleField2 Keygen.exe (Trojan.Agent) -> No action taken.


encore merci pour cette aide

Salut,

Quels sont les jeux concernés?

Redémarre en mode sans-échec (en tapotant sur F8 au démarrage du PC) et lance un scan complet avec ton antivirus. Cela va prendre un peu de temps sois patient.
Une fois le scan fini, il devrait te refiler le rapport du scan.
Copie-le dans ton prochain message.

bonjour...les jeux sont rainbow web et rainbow web 2...il y avait aussi cradle of persia mais celui-là je l'ai récupéré...je l'ai retéléchargé et j'avais le code d'activation...donc...mais pour les 2 autres ça ne fonctionne pas comme ça...

Redémarre en mode sans-échec (en tapotant sur F8 au démarrage du PC) et lance un scan complet avec ton antivirus. Cela va prendre un peu de temps sois patient.
Une fois le scan fini, il devrait te refiler le rapport du scan.
Copie-le dans ton prochain message.

j'ai essayé mais avast me dit:lignes listées 2382...impossible de scanner
cela ne provient il pas de la mise en veille qui intervient trop vite...+ou-3min
je ne sais pas comment changer ça...c'est nouveau , mais c'est peut être moi qui ai cliqué au mauvais endroit...
quelques petite remarque quant au comportement de mon pc...beaucoup de choses sont revenue dans l'ordre...mais...1o...la page d'accueil continue a changer sans demande de ma part...2o...ma corbeille se vide automatiquement...
3o...chaque fois que j'allume mon pc spybot me dit que "coolweb search ctfmon32
.exe essaie de se charger...je refuse pcq il est décrit comme parasite variant...source Paul Collins startup list...que faire?merci...
et je me permet de crier...JOYEUX NOEL....je suppose que dans ce cas exceptionnel c'est permis de crier...merci...roger

Rainbow Web et Cradle of Persia font parti de Boonty Games, qui est vilain. Je te déconseille donc d'y jouer.

C'est peut-être encore un peu tôt pour un scan de Avast.

Effectue la manipulation ici.

Poste le rapport obtenu dans ta prochaine réponse.

bonne année 2009.....voici donc l'analyse demandée dans ton dernier message...
MERCI...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:45, on 01/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
C:\WINDOWS\Dit.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\eBayCenter\eBayCenter.exe
C:\Program Files\eBayer 3\ebayer3d.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/e(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04b\BrStDvPt.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BoontyBox 01net.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: eBayCenter.lnk = C:\Program Files\eBayCenter\eBayCenter.exe
O4 - Global Startup: eBayer 3.lnk = C:\Program Files\eBayer 3\ebayer3d.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 12457 bytes

Salut,

Bonne année !!!

j'ai grillé quelques saletés, la plupart dues à BoontyGames.

Voici la manipulation à suivre :

>Lance HijackThis et coche les lignes suivantes puis clique sur "Fix Checked":



>Désinstalle ces programmes en allant dans Panneau de Configuration > Ajout/Supressions de programmes :

Boonty
BoontyBox
YesMessenger
Ashampoo
AskBar
AskBarDis

(Tu as aussi la Yahoo Toolbar non? Tu veux la garder ou non, sachant qu'il existe des toolbars plus pratiques)

Une fois tout cela fait, reboot ton PC et refais-moi un scan avec HijackThis, puis poste-le.

bonjour...non...bonsoir...avant de faire quoi que ce soit, j'ai refais une analyse avec hijackThis...pcq j'ai été repêcher qq jeux sur boonty games...par ignorance...voici le rapport...merci...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:42:06, on 05/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
C:\WINDOWS\Dit.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\eBayCenter\eBayCenter.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\BoontyGames\Cradle of Persia\CradleOfPersia.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\BoontyGames.0001
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/e(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04b\BrStDvPt.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: eBayCenter.lnk = C:\Program Files\eBayCenter\eBayCenter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 12380 bytes

désolé de t'avoir compliqué la tache par bêtise...avec boonty games...
j'ai fais les manip que tu m'as demandées et voici le résultat...merci...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:24:36, on 06/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/e(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

--
End of file - 5595 bytes

Ca m'a l'air un peu plus sympa

Un petit combofix au cas où? Poste le rapport steuplé !

voilà mon petit rapport , Maître , j'ai fais l'analyse en mode sans échec...j'ai bien fais?? que faire pour les jeux...fini boonty games...ou il y a un moyen ou un autre site plus propre??? et puisque la désinfection a l'air de se terminer...que me conseilles tu comme antivirus...j'ai avast...merci...

ComboFix 08-11-18.02 - Propriétaire 2009-01-06 22:12:12.3 - NTFSx86

Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe
.
- Mode FONCTIONNALITES REDUITES -
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-06 au 2009-01-06 ))))))))))))))))))))))))))))))))))))
.

2008-12-24 13:31 . 2009-01-05 21:21 <REP> d-------- c:\program files\Zylom Games
2008-12-24 13:31 . 2008-12-24 13:31 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\Zylom
2008-12-24 13:31 . 2008-12-24 13:31 <REP> d-------- c:\documents and settings\All Users\Application Data\Zylom
2008-12-17 01:06 . 2009-01-05 19:19 <REP> d-------- c:\program files\DNA
2008-12-17 01:06 . 2008-12-17 01:06 <REP> d-------- c:\program files\BitTorrent
2008-12-17 01:06 . 2008-12-17 01:06 <REP> d-------- c:\program files\AskBarDis
2008-12-17 01:06 . 2009-01-05 23:49 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\DNA
2008-12-17 01:06 . 2008-12-17 01:20 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\BitTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-06 20:55 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Skype
2009-01-06 16:33 17,408 ----a-w c:\windows\system32\drivers\USBCRFT.SYS
2009-01-06 15:24 --------- d-----w c:\documents and settings\Propriétaire\Application Data\skypePM
2009-01-02 17:04 --------- d-----w c:\documents and settings\Propriétaire\Application Data\LimeWire
2008-12-19 23:13 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-13 13:17 2,460 ----a-w c:\documents and settings\TEMP\Application Data\wklnhst.dat
2008-12-04 22:03 --------- d-----w c:\program files\iTunes
2008-12-04 22:03 --------- d-----w c:\program files\iPod
2008-12-04 22:03 --------- d-----w c:\program files\Fichiers communs\Apple
2008-12-04 22:03 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-04 22:01 --------- d-----w c:\program files\QuickTime
2008-12-04 21:57 --------- d-----w c:\program files\Safari
2008-12-04 20:45 --------- d-----w c:\program files\BoontyGames
2008-12-03 22:58 --------- d-----w c:\program files\Boonty
2008-12-03 18:54 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 18:54 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-11-22 10:16 --------- d-----w c:\documents and settings\TEMP\Application Data\Jasc Software Inc
2008-11-19 21:28 --------- d-----w c:\program files\VoipCheapCom
2008-11-19 12:16 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Apple Computer
2008-11-19 08:50 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-11-17 13:26 --------- d-----w c:\program files\Navilog1
2008-11-16 18:01 --------- d-----w c:\program files\OpenOffice.org 3
2008-11-16 18:01 --------- d-----w c:\program files\JRE
2008-11-09 23:34 --------- d-----w c:\documents and settings\Propriétaire\Application Data\OpenOffice.org
2008-11-09 09:57 --------- d-----w c:\documents and settings\Thomas\Application Data\Malwarebytes
2008-11-09 09:02 --------- d-----w c:\documents and settings\Thomas\Application Data\Apple Computer
2008-11-09 00:45 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Malwarebytes
2008-11-09 00:45 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-08 21:42 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2008-11-08 21:09 --------- d-----w c:\program files\Java
2008-11-08 08:29 --------- d-----w c:\program files\AVG
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:18 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 07:56 262,144 ----a-w C:\ntuser.dat
2008-02-13 21:22 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-11-18 16:18 774,144 ----a-w c:\program files\RngInterstitial.dll
2007-07-17 16:37 23,572 ----a-w c:\documents and settings\Propriétaire\Application Data\wklnhst.dat
2006-11-09 07:10 20,822 ----a-w c:\documents and settings\Titou\Application Data\wklnhst.dat
2006-01-26 13:08 444 ----a-w c:\documents and settings\Thomas\Application Data\wklnhst.dat
2006-09-14 12:01 1,160 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-09-21 08:35 16,384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
2008-09-21 08:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2008-09-21 08:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092120080922\index.dat
2008-09-21 08:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

((((((((((((((((((((((((((((( snapshot@2008-11-18_21.38.40.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-26 08:11:45 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 08:11:45 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 08:11:45 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 08:11:45 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 08:11:45 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:39:40 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 08:11:45 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 08:11:45 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 08:11:46 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 08:11:46 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:12:27 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 08:11:48 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 08:11:48 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 08:11:49 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 08:11:49 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 08:11:49 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-27 09:11:52 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll
+ 2008-08-26 08:11:52 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 08:11:52 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 08:11:52 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 08:11:52 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 08:11:52 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 08:11:52 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 08:11:53 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 08:11:53 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 08:11:54 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-10-17 00:48:40 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:47 394,976 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2008-12-04 22:03:36 102,400 ----a-r c:\windows\Installer\{318AB667-3230-41B5-A617-CB3BF748D371}\iTunesIco.exe
+ 2008-12-04 21:57:14 307,200 ----a-r c:\windows\Installer\{582D2A53-F426-4C5E-A2E6-43C1AB36B907}\SafariIco.exe
- 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:18:31 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-11-18 17:41:38 1,233,112 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-18 17:35:22 97,480 ----a-w c:\windows\system32\AvastSS.scr
- 2008-08-26 08:11:45 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:18:31 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-04-13 19:46:30 18,944 -c--a-w c:\windows\system32\dllcache\bthusb.sys
- 2008-07-18 20:10:48 94,920 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 13:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2008-08-26 08:11:45 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 08:11:45 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:18:31 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-04-14 03:34:04 193,024 -c--a-w c:\windows\system32\dllcache\fsquirt.exe
+ 2008-10-23 12:36:51 286,720 -c----w c:\windows\system32\dllcache\gdi32.dll
- 2008-08-26 08:11:45 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:18:32 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:39:40 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:12:20 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 08:11:45 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 08:11:45 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 08:11:46 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 08:11:48 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:18:35 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 08:11:48 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:18:35 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-25 08:38:00 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2008-08-26 08:11:49 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-18 19:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 00:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2008-08-26 08:11:49 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 08:11:49 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-27 09:11:52 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:37:56 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 08:11:52 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 08:11:52 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:18:40 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 08:11:52 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:18:41 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 08:11:52 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:18:41 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 08:11:52 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 02:33:46 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:03:53 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
- 2008-08-26 08:11:52 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:18:41 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2008-08-26 08:11:53 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 08:11:53 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:18:42 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 08:11:54 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:18:43 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2006-10-18 20:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
- 2008-07-18 20:09:44 563,912 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 13:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-18 20:10:42 53,448 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-18 20:09:46 325,832 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2008-07-18 20:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-18 20:09:44 205,000 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 13:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-11-18 18:00:11 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
+ 2008-11-18 18:02:43 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-18 18:04:36 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-11-18 18:04:21 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-18 18:01:09 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-18 18:03:33 110,160 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-18 18:01:23 50,864 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2008-04-13 18:46:29 18,944 ----a-w c:\windows\system32\drivers\bthusb.sys
+ 2008-04-13 19:46:30 18,944 ----a-w c:\windows\system32\drivers\BTHUSB.SYS
- 2008-08-26 08:11:45 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 08:11:45 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:18:31 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-04-14 02:34:04 193,024 ----a-w c:\windows\system32\fsquirt.exe
+ 2008-04-14 03:34:04 193,024 ----a-w c:\windows\system32\fsquirt.exe
- 2008-08-26 08:11:45 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:39:40 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:12:20 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 08:11:45 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 08:11:45 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 08:11:46 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 08:11:48 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:18:35 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 08:11:48 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:18:35 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-08-26 08:11:49 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
+ 2008-12-09 23:24:37 17,593,280 ----a-w c:\windows\system32\MRT.exe
- 2008-08-26 08:11:49 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 08:11:49 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 09:11:52 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:37:56 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 08:11:52 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 08:11:52 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:18:40 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 08:11:52 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:18:41 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-08-26 08:11:52 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:18:41 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-10-26 06:41:52 73,474 ----a-w c:\windows\system32\perfc009.dat
+ 2009-01-04 22:44:12 80,278 ----a-w c:\windows\system32\perfc009.dat
- 2008-10-26 06:41:52 99,584 ----a-w c:\windows\system32\perfc00C.dat
+ 2009-01-04 22:44:12 110,060 ----a-w c:\windows\system32\perfc00C.dat
- 2008-10-26 06:41:52 418,562 ----a-w c:\windows\system32\perfh009.dat
+ 2009-01-04 22:44:12 430,550 ----a-w c:\windows\system32\perfh009.dat
- 2008-10-26 06:41:52 564,268 ----a-w c:\windows\system32\perfh00C.dat
+ 2009-01-04 22:44:12 585,760 ----a-w c:\windows\system32\perfh00C.dat
- 2008-08-26 08:11:52 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 02:33:46 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:03:53 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-04-14 02:34:25 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-08-26 08:11:52 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:18:41 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 08:11:53 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 08:11:53 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:18:42 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
+ 2009-01-05 23:21:52 16,384 ----atw c:\windows\temp\Perflib_Perfdata_4ec.dat
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [2008-04-14 172544]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.enc"= ITIG726.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^eBayCenter.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\eBayCenter.lnk
backup=c:\windows\pss\eBayCenter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Status Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Status Monitor.lnk
backup=c:\windows\pss\Status Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-10-01 11:57 111936 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2005-01-12 20:05 344064 c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-08-22 08:52 94208 c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-06-26 20:45 1211176 c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
--a------ 2008-07-24 13:22 243072 c:\program files\IncrediMail\bin\IncMail.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
--a------ 2004-03-10 11:39 40960 c:\program files\ScanSoft\PaperPort\IndexSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Keyboard Status]
--a------ 2005-01-25 10:03 411648 c:\progra~1\Medion\KeyStat\KeyStat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 c:\program files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
--a------ 2005-07-19 17:32 221184 c:\windows\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
--a------ 2006-06-18 08:56 311340 c:\progra~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
--------- 2004-05-25 09:16 49152 c:\program files\Brother\Brmfl04b\BrStDvPt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-01 17:22 21898024 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 11:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
-ra------ 2003-10-14 10:22 155648 c:\program files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-10-23 23:02 185896 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipCheapCom]
--a------ 2008-09-13 17:33 9218872 c:\program files\VoipCheapCom\voipcheapcom.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-06-29 08:06 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2008-04-14 03:34 110592 c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]
--a------ 2004-07-20 17:18 90112 c:\windows\Dit.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
--------- 2004-03-17 15:10 61952 c:\windows\system32\Hdaudpropshortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"WudfSvc"=3 (0x3)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"WmiApSrv"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"winmgmt"=2 (0x2)
"WebClient"=2 (0x2)
"W32Time"=2 (0x2)
"VSS"=3 (0x3)
"usnjsvc"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=2 (0x2)
"Themes"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"Spooler"=2 (0x2)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"seclogon"=2 (0x2)
"Schedule"=2 (0x2)
"SCardSvr"=2 (0x2)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"PlugPlay"=2 (0x2)
"ose"=3 (0x3)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"Nla"=3 (0x3)
"Netman"=3 (0x3)
"Netlogon"=3 (0x3)
"NBService"=3 (0x3)
"napagent"=3 (0x3)
"MSIServer"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"iPod Service"=3 (0x3)
"ImapiService"=3 (0x3)
"IDriverT"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hkmsvc"=3 (0x3)
"HidServ"=2 (0x2)
"helpsvc"=2 (0x2)
"gusvc"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"EventSystem"=3 (0x3)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=3 (0x3)
"dmadmin"=3 (0x3)
"Dhcp"=2 (0x2)
"CryptSvc"=2 (0x2)
"COMSysApp"=3 (0x3)
"CiSvc"=3 (0x3)
"BthServ"=2 (0x2)
"Browser"=2 (0x2)
"Brother XP spl Service"=2 (0x2)
"brmfrmps"=2 (0x2)
"Boonty Games"=3 (0x3)
"Bonjour Service"=2 (0x2)
"BlueSoleil Hid Service"=2 (0x2)
"BITS"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"AudioSrv"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"aswUpdSv"=2 (0x2)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"ALG"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\eBayCenter\\eBayCenter.exe"=
"c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"c:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f343358-a126-11dd-96e2-001109e2e899}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a
.
Contenu du dossier 'Tâches planifiées'

2008-09-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-01-06 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-07-07 17:26]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\3ybmjjck.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.sweetim.com/search.asp?src=2&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.ask.com/?o=101764&l=dis
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmidas.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 22:12:57
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-01-06 22:21:47
ComboFix-quarantined-files.txt 2009-01-06 21:21:44
ComboFix2.txt 2008-11-19 18:32:41
ComboFix3.txt 2008-11-18 20:39:55

Avant-CF: 39 808 634 880 octets libres
Après-CF: 39,814,295,552 octets libres

530 --- E O F --- 2008-12-18 17:33:28

Salut,

J'oublie pas pour les outils/conseils pour t'aider à gérer ton PC, je te les donne quand on aura fini (dans un bon moment quand même )
Evite à présent de faire des modifications ou des installations pendant la désinfection.
Je note que tu as installé Bittorent et la AskBar (qui est surement liée à une infection).

Attention donc, pour Bittorent lorsque tu télécharges quelquechose, fais-le inspecter par ton antivirus avant de le lancer ou l'installer (enfin si tu veux l'enlever, dis-le dans ton prochain message )

Peut-tu désinstaller la AskBar à partir du panneau de Configuration? Après cela vérifie que cette barre a bien disparue (c:\program files\AskBarDis).

>> Va dans "Démarrer" > "Executer" > tape "Regedit".
Ensuite balade toi dans l'arborescence jusqu'ici :
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

et supprime cette clef: Boonty games (si tu la trouves).

>> Un peu de ménage:

tutorial écrit par dédétraqué-

- Redémarre en mode sans-échec.(Important)

- Clique sur le menu démarrer/Exécuter, tape notepad à l’invite de commande et OK.

- Copie/colle ce qui est en citation ci-dessous dans le Bloc-Notes :




- Enregistre ce fichier sur le bureau (Impératif)

-Nom du fichier : CFScript.txt
-Type du fichier : tous les fichiers

- Clique sur Enregistrer et quitte le Bloc Notes

Important Déconnecte toi de l’internet et désactive ton Antivirus et antispyware avant de faire le glisser/déposer

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe sur le bureau, comme sur cette capture (l’icône est un lion) :



* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ ComboFix.txt


>> Peux-tu me dire ce que c'est que ce programme?


>> Il y a un reste de LimeWire,tu peux le supprimer:


>>

J'ai vu ca dans le log de ComboFix. Lorsque tu lances Firefox quelle est la page qui s'affiche? (serait-ce une page dont l'adresse est hxxp://www.ask.com/?o=101764&l=dis ?)

bonsoir...je n'arrive pas à tout faire...je suis bloqué pcq je n'arrive pas à désactiver antivirus et antispyware...si j'ai su , j'ai oublié....help...
d'autre part...je ne sais pas d'ou sortent bittorent et askbar...je ne sais mm pas à quoi ça sert(au risque de passer pour un ignare)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
quand j'arrive à service , j'ai dans le tableau à droite ab(en rouge)/par défaut
...type REG SZ....???et pas de boonty games

je ne sais pas ce qu'est C:/program files/JRE

c'est pas un reste de limewire...j'ai carrément oublié de virer limewire...
maintenant c'est fait...

FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.sweetim.com/search.asp?src=2&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.ask.com/?o=101764&l=dis

effectivement , quand j'ouvre firefox c'est bien hxxp://www.ask.com/?o=101764&l=dis ?) qui s'ouvre et ça m'emm...nuie...mais je ne sais pas comment virer ça pour revenir sur firefox...merci pour tout ces conseils...
roger...

Bonsoir,

Bittorent est un logiciel de peer-to-peer utilisé pour du transfert de fichiers (légaux et illégaux )
AskBar est une barre de recherche placée sur un navigateur (IE, Firefox...).
Elle est souvent rencontrée du fait de son installation sans le consentement de l'utilisateur.

Ok, donc pour boonty game et JRE (qui doit être apparenté à Java).

Pour changer la page : Outils > Options > Page d'accueil : et tu tapes la page que tu veux.
En revanche il me semble que cela ne règle pas complètement le problème.

J'attend le rapport Combofix dès que possible.

pardon pour combofix mais je n'arrive pas à désactiver antivirus et antispyware
merci...de me guider ...roger...

Salut,

Tu n'arrives pas à les virer à partir de la barre des tâches (petits icônes en bas à droite de l'écran) ?
As-tu essayé en mode sans échec? (parfois certains programmes ne se lancent pas comme l'antivirus :))

Si cela ne fonctionne toujours pas il va falloir que tu les vires des processus (ctrl+ alt + supr, section processus).
Pas grave si tu shootes (virer) le mauvais processus.

bonsoir...j'ai fais ça à ma façon...après avoir quitté l'internet j'ai viré avast et spybot à partir du panneau de configuration...j'ai fais mon analyse combofix et j'ai réinstallé antivirus et antispyware...voici le résultat de l'analyse...
merci.du tps que tu m'accordes...roger...

ComboFix 08-11-18.02 - Propriétaire 2009-01-08 23:47:05.4 - NTFSx86

Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Propriétaire\Bureau\CFScript.txt
.
- Mode FONCTIONNALITES REDUITES -

FILE ::
c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Zylom
c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\nsIZylomPlugin.xpt
c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll
c:\documents and settings\Propriétaire\Application Data\Zylom
c:\program files\Boonty
c:\program files\BoontyGames
c:\program files\BoontyGames\Atlantis Sky Patrol\AtlantisSkyPatrol.exe
c:\program files\BoontyGames\Atlantis Sky Patrol\channel.gpk
c:\program files\BoontyGames\Atlantis Sky Patrol\data.gpk
c:\program files\BoontyGames\Atlantis Sky Patrol\Fenetre.bmp
c:\program files\BoontyGames\Atlantis Sky Patrol\fenetrepop.bmp
c:\program files\BoontyGames\Atlantis Sky Patrol\FLEXnet Activation Service Installer.dll
c:\program files\BoontyGames\Atlantis Sky Patrol\local\options.ini
c:\program files\BoontyGames\Atlantis Sky Patrol\local\players.dat
c:\program files\BoontyGames\Atlantis Sky Patrol\local\roger.gam
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\buy_connectionrequired.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\connectionrequired.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle_de.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle_en.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle_fr.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle_it.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle_nl.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle_po.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\css\ShellStyle_sp.css
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bg_nomjeu.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bg_table.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgDELOCK.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Bottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Coin.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Left.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Right.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgERROR.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgERROR_Bottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgERROR_Coin.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgERROR_Left.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgERROR_Right.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgOK.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgOK_Bottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgOK_Coin.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgOK_Left.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgOK_Right.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgREDUC.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgREDUC_Bottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgREDUC_Coin.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgREDUC_Left.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgREDUC_Right.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSECURE.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSECURE_Bottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSECURE_Coin.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSECURE_Left.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSECURE_Right.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSUPPORT.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Bottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Coin.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Left.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Right.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocBkg.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocBottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocBottomLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocBottomLeftC.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocBottomLeftCN.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocBottomLeftCR.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocBottomRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocCoinCadenas.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocError.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocExpiredTop.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocJouezMiddle.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocJouezTop.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocMiddle.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocTop.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocTopLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\blocTopRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\boontysecure.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Bottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BottomLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BottomLeftEast.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BottomLeftNorth.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BottomRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BottomRightNorth.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BottomRightWest.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btAcheterLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btAcheterMiddle.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btAcheterRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtBlueLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtBlueMiddle.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtBlueRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btJouerLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btJouerMiddle.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btJouerRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_acheter.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_fermer.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_infos.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_jouer.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_nomjeu2.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_reactiver.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_reduc.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_suivant.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\btn_suivant2.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtnBuyExit.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtYellowLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtYellowMiddle.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtYellowQuestion.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\BtYellowRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\ButtonBkgLeft_Off.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\ButtonBkgLeft_On.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\ButtonBkgMiddle_Off.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\ButtonBkgMiddle_On.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_Off.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_On.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\CacheImgJeu.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\caddie.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\cadenas.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\CloseOff.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\CloseOn.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\fleche.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\flechetrial.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\greypoint.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\jeu.jpg
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\jouer_gratuitement.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Left.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\MaximizeOff.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\MaximizeOn.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\MinimizeOff.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\MinimizeOn.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopBottom.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopBottomLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopBottomRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopTop.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopTopLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\PopTopRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Right.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\scroll.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\scroll_bkg.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\separator2.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\separatorEnd.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\separatorMiddle.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\separatorStart.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Shell_popup_03.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Shell_popup_06.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Shell_popup_08.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Shell_popup_09.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\spacer.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\test.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\Top.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\TopLeft.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\TopLeftSouth.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\TopRight.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\TopRightWest.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\transp.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\Images\wait.gif
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\js\ShellScripts.js
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\manualtransaction.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\pageerror.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\pleasewait.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\repairstart.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\thankyou.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\transfailure.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\trialexit.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\trialexpired.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SHELL_DEFAULT_HTML\trialstart.html
c:\program files\BoontyGames\Atlantis Sky Patrol\SpMU.lnk
c:\program files\BoontyGames\Atlantis Sky Patrol\trial.ini
c:\program files\BoontyGames\Atlantis Sky Patrol\unins000.dat
c:\program files\BoontyGames\Atlantis Sky Patrol\unins000.exe
c:\program files\BoontyGames\Atlantis Sky Patrol\website.url
c:\program files\BoontyGames\atlantisskypatrol{210020}.exe
c:\program files\BoontyGames\Components\bureau.url
c:\program files\BoontyGames\Components\Joystick.ico
c:\program files\BoontyGames\Components\start.url
c:\program files\BoontyGames\Cradle of Persia\bass.dll
c:\program files\BoontyGames\Cradle of Persia\CradleOfPersia.exe
c:\program files\BoontyGames\Cradle of Persia\data.pak
c:\program files\BoontyGames\Cradle of Persia\Fenetre.bmp
c:\program files\BoontyGames\Cradle of Persia\fenetrepop.bmp
c:\program files\BoontyGames\Cradle of Persia\FLEXnet Activation Service Installer.dll
c:\program files\BoontyGames\Cradle of Persia\Hiscores.xml
c:\program files\BoontyGames\Cradle of Persia\Music\birds.ogg
c:\program files\BoontyGames\Cradle of Persia\Music\menu.ogg
c:\program files\BoontyGames\Cradle of Persia\Music\persia_game1.ogg
c:\program files\BoontyGames\Cradle of Persia\Music\persia_game2.ogg
c:\program files\BoontyGames\Cradle of Persia\Music\persia_game3.ogg
c:\program files\BoontyGames\Cradle of Persia\Pyro.dll
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\buy_connectionrequired.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\connectionrequired.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_br.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_de.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_en.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_fr.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_it.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_nb.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_nl.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_po.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_sp.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\css\ShellStyle_us.css
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bg_nomjeu.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bg_table.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgDELOCK.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Bottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Coin.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Left.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Right.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgERROR.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgERROR_Bottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgERROR_Coin.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgERROR_Left.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgERROR_Right.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgOK.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgOK_Bottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgOK_Coin.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgOK_Left.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgOK_Right.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgREDUC.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgREDUC_Bottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgREDUC_Coin.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgREDUC_Left.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgREDUC_Right.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSECURE.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSECURE_Bottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSECURE_Coin.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSECURE_Left.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSECURE_Right.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSUPPORT.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Bottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Coin.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Left.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Right.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocBkg.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocBottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocBottomLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocBottomLeftC.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocBottomLeftCN.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocBottomLeftCR.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocBottomRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocCoinCadenas.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocError.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocExpiredTop.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocJouezMiddle.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocJouezTop.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocMiddle.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocTop.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocTopLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\blocTopRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\boontysecure.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Bottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BottomLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BottomLeftEast.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BottomLeftNorth.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BottomRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BottomRightNorth.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BottomRightWest.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btAcheterLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btAcheterMiddle.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btAcheterRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtBlueLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtBlueMiddle.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtBlueRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btJouerLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btJouerMiddle.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btJouerRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_acheter.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_fermer.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_infos.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_jouer.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_nomjeu2.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_reactiver.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_reduc.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_suivant.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\btn_suivant2.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtnBuyExit.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtYellowLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtYellowMiddle.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtYellowQuestion.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\BtYellowRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\ButtonBkgLeft_Off.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\ButtonBkgLeft_On.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\ButtonBkgMiddle_Off.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\ButtonBkgMiddle_On.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_Off.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_On.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\CacheImgJeu.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\caddie.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\cadenas.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\CloseOff.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\CloseOn.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\fleche.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\flechetrial.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\greypoint.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\jeu.jpg
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\jouer_gratuitement.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Left.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\MaximizeOff.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\MaximizeOn.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\MinimizeOff.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\MinimizeOn.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopBottom.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopBottomLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopBottomRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopTop.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopTopLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\PopTopRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Right.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\scroll.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\scroll_bkg.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\separator2.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\separatorEnd.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\separatorMiddle.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\separatorStart.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Shell_popup_03.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Shell_popup_06.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Shell_popup_08.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Shell_popup_09.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\spacer.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\test.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\Top.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\TopLeft.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\TopLeftSouth.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\TopRight.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\TopRightWest.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\transp.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\Images\wait.gif
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\js\ShellScripts.js
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\manualtransaction.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\pageerror.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\pleasewait.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\repairstart.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\thankyou.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\transfailure.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\trialexit.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\trialexpired.html
c:\program files\BoontyGames\Cradle of Persia\SHELL_DEFAULT_HTML\trialstart.html
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_activate.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_arrow_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_cancel.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_dinamit_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_img_change.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_light_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_magic_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_mix_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_plus_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_select.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_str_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bn_tm_use.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\bonus_res_appear.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\box_dead_01.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\box_dead_02.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\colomn_dead.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\congratulations.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\constr_built.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\constr_select.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\constr_select_error.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\end_level.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\episode_complete.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\epoch_appear.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\field_over.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\field_start.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\int_btn_down.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\int_btn_over.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\int_label_counter.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\int_nag.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\int_panel_open.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_dead.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_dead_bonus.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_dead_empty.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_dead_food.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_dead_gold.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_dead_stuff.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_mismatch.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_move.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\it_select.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\lck_dead.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\lives_down.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\lives_up.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_01.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_02.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_03.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_04.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_05.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_06.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_07.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\mlty_appear_08.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\page_turn.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\panel_down.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\panel_up.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\people_hint.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\promotion.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\pzl_cell_dead.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\salut_blow.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\salut_fly.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\stamp.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\time_left.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\time_warning.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\wall_dead_01.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\wall_dead_02.ogg
c:\program files\BoontyGames\Cradle of Persia\Sound\wall_dead_03.ogg
c:\program files\BoontyGames\Cradle of Persia\SpMU.lnk
c:\program files\BoontyGames\Cradle of Persia\Textures\Pyro\PyroDemo2.pyro
c:\program files\BoontyGames\Cradle of Persia\trial.ini
c:\program files\BoontyGames\Cradle of Persia\unins000.dat
c:\program files\BoontyGames\Cradle of Persia\unins000.exe
c:\program files\BoontyGames\cradleofpersia{326410}.exe
c:\program files\BoontyGames\Rainbow Web 2\bass.dll
c:\program files\BoontyGames\Rainbow Web 2\data.sgd
c:\program files\BoontyGames\Rainbow Web 2\Fenetre.bmp
c:\program files\BoontyGames\Rainbow Web 2\fenetrepop.bmp
c:\program files\BoontyGames\Rainbow Web 2\FLEXnet Activation Service Installer.dll
c:\program files\BoontyGames\Rainbow Web 2\GDF.dll
c:\program files\BoontyGames\Rainbow Web 2\highscores.dat
c:\program files\BoontyGames\Rainbow Web 2\lang.sgd
c:\program files\BoontyGames\Rainbow Web 2\license.txt
c:\program files\BoontyGames\Rainbow Web 2\publisher.sgd
c:\program files\BoontyGames\Rainbow Web 2\RainbowWeb2.exe
c:\program files\BoontyGames\Rainbow Web 2\readme.txt
c:\program files\BoontyGames\Rainbow Web 2\records.dat
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\~pleasewait.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\buy_connectionrequired.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\connectionrequired.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_br.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_de.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_en.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_fr.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_it.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_nb.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_nl.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_po.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_sp.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\css\ShellStyle_us.css
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bg_nomjeu.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bg_table.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgDELOCK.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Bottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Coin.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Left.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgDELOCK_Right.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgERROR.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgERROR_Bottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgERROR_Coin.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgERROR_Left.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgERROR_Right.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgOK.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgOK_Bottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgOK_Coin.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgOK_Left.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgOK_Right.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgREDUC.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgREDUC_Bottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgREDUC_Coin.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgREDUC_Left.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgREDUC_Right.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSECURE.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSECURE_Bottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSECURE_Coin.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSECURE_Left.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSECURE_Right.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSUPPORT.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Bottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Coin.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Left.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\bkgSUPPORT_Right.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocBkg.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocBottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocBottomLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocBottomLeftC.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocBottomLeftCN.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocBottomLeftCR.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocBottomRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocCoinCadenas.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocError.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocExpiredTop.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocJouezMiddle.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocJouezTop.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocMiddle.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocTop.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocTopLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\blocTopRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\boontysecure.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Bottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BottomLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BottomLeftEast.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BottomLeftNorth.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BottomRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BottomRightNorth.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BottomRightWest.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btAcheterLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btAcheterMiddle.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btAcheterRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtBlueLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtBlueMiddle.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtBlueRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btJouerLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btJouerMiddle.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btJouerRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_acheter.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_fermer.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_infos.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_jouer.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_nomjeu2.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_reactiver.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_reduc.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_suivant.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\btn_suivant2.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtnBuyExit.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtYellowLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtYellowMiddle.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtYellowQuestion.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\BtYellowRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\ButtonBkgLeft_Off.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\ButtonBkgLeft_On.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\ButtonBkgMiddle_Off.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\ButtonBkgMiddle_On.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_Off.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_On.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\CacheImgJeu.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\caddie.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\cadenas.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\CloseOff.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\CloseOn.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\fleche.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\flechetrial.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\greypoint.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\jeu.jpg
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\jouer_gratuitement.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Left.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\MaximizeOff.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\MaximizeOn.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\MinimizeOff.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\MinimizeOn.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopBottom.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopBottomLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopBottomRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopTop.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopTopLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\PopTopRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Right.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\scroll.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\scroll_bkg.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\separator2.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\separatorEnd.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\separatorMiddle.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\separatorStart.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Shell_popup_03.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Shell_popup_06.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Shell_popup_08.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Shell_popup_09.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\spacer.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\test.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\Top.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\TopLeft.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\TopLeftSouth.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\TopRight.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\TopRightWest.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\transp.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\Images\wait.gif
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\js\ShellScripts.js
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\manualtransaction.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\pageerror.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\pleasewait.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\repairstart.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\thankyou.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\transfailure.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\trialexit.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\trialexpired.html
c:\program files\BoontyGames\Rainbow Web 2\SHELL_DEFAULT_HTML\trialstart.html
c:\program files\BoontyGames\Rainbow Web 2\SpMU.lnk
c:\program files\BoontyGames\Rainbow Web 2\trial.ini
c:\program files\BoontyGames\Rainbow Web 2\unins000.dat
c:\program files\BoontyGames\Rainbow Web 2\unins000.exe
c:\program files\BoontyGames\rainbowweb2{331510}.exe
c:\program files\Fichiers communs\Symantec Shared
c:\program files\Fichiers communs\Symantec Shared\Registry Backup\ccReg.reg
c:\program files\Fichiers communs\Symantec Shared\Registry Backup\ccReg_old.reg
c:\program files\Fichiers communs\Symantec Shared\Registry Backup\CommonClient.reg
c:\program files\Fichiers communs\Symantec Shared\Registry Backup\CommonClient_old.reg
c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
c:\program files\Zylom Games
c:\program files\Zylom Games\Rainbow Web Deluxe\bass.dll
c:\program files\Zylom Games\Rainbow Web Deluxe\data.sgd
c:\program files\Zylom Games\Rainbow Web Deluxe\GameInstlr.exe
c:\program files\Zylom Games\Rainbow Web Deluxe\license.txt
c:\program files\Zylom Games\Rainbow Web Deluxe\rainbowweb.dll
c:\program files\Zylom Games\Rainbow Web Deluxe\rainbowweb.exe
c:\program files\Zylom Games\Rainbow Web Deluxe\readme.txt
c:\program files\Zylom Games\Rainbow Web Deluxe\realarcade.ico
c:\program files\Zylom Games\Rainbow Web Deluxe\UnInstall.log
c:\program files\Zylom Games\Rainbow Web Deluxe\wrapperdl.tdat
c:\program files\Zylom Games\Rainbow Web Deluxe\wrapperresources.dat
c:\program files\Zylom Games\Rainbow Web Deluxe\zylom.ico

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-08 au 2009-01-08 ))))))))))))))))))))))))))))))))))))
.

2008-12-17 01:06 . 2009-01-05 19:19 <REP> d-------- c:\program files\DNA
2008-12-17 01:06 . 2008-12-17 01:06 <REP> d-------- c:\program files\BitTorrent
2008-12-17 01:06 . 2009-01-05 23:49 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\DNA
2008-12-17 01:06 . 2009-01-08 00:04 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\BitTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-08 22:39 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-01-08 22:39 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-08 22:37 17,408 ----a-w c:\windows\system32\drivers\USBCRFT.SYS
2009-01-08 22:25 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Skype
2009-01-08 21:55 --------- d-----w c:\documents and settings\Propriétaire\Application Data\skypePM
2009-01-02 17:04 --------- d-----w c:\documents and settings\Propriétaire\Application Data\LimeWire
2008-12-19 23:13 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-13 13:17 2,460 ----a-w c:\documents and settings\TEMP\Application Data\wklnhst.dat
2008-12-04 22:03 --------- d-----w c:\program files\iTunes
2008-12-04 22:03 --------- d-----w c:\program files\iPod
2008-12-04 22:03 --------- d-----w c:\program files\Fichiers communs\Apple
2008-12-04 22:03 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-04 22:01 --------- d-----w c:\program files\QuickTime
2008-12-04 21:57 --------- d-----w c:\program files\Safari
2008-12-03 18:54 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 18:54 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-11-22 10:16 --------- d-----w c:\documents and settings\TEMP\Application Data\Jasc Software Inc
2008-11-19 21:28 --------- d-----w c:\program files\VoipCheapCom
2008-11-19 12:16 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Apple Computer
2008-11-19 08:50 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-11-17 13:26 --------- d-----w c:\program files\Navilog1
2008-11-16 18:01 --------- d-----w c:\program files\OpenOffice.org 3
2008-11-09 23:34 --------- d-----w c:\documents and settings\Propriétaire\Application Data\OpenOffice.org
2008-11-09 09:57 --------- d-----w c:\documents and settings\Thomas\Application Data\Malwarebytes
2008-11-09 09:02 --------- d-----w c:\documents and settings\Thomas\Application Data\Apple Computer
2008-11-09 00:45 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Malwarebytes
2008-11-09 00:45 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-08 21:09 --------- d-----w c:\program files\Java
2008-11-08 08:29 --------- d-----w c:\program files\AVG
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:18 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 07:56 262,144 ----a-w C:\ntuser.dat
2008-02-13 21:22 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-11-18 16:18 774,144 ----a-w c:\program files\RngInterstitial.dll
2007-07-17 16:37 23,572 ----a-w c:\documents and settings\Propriétaire\Application Data\wklnhst.dat
2006-11-09 07:10 20,822 ----a-w c:\documents and settings\Titou\Application Data\wklnhst.dat
2006-01-26 13:08 444 ----a-w c:\documents and settings\Thomas\Application Data\wklnhst.dat
2006-09-14 12:01 1,160 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-09-21 08:35 16,384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
2008-09-21 08:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2008-09-21 08:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092120080922\index.dat
2008-09-21 08:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\program files\JRE ----

c:\program files\JRE\


((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [2008-04-14 172544]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.enc"= ITIG726.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^eBayCenter.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\eBayCenter.lnk
backup=c:\windows\pss\eBayCenter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Status Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Status Monitor.lnk
backup=c:\windows\pss\Status Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-10-01 11:57 111936 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2005-01-12 20:05 344064 c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-08-22 08:52 94208 c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-06-26 20:45 1211176 c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
--a------ 2008-07-24 13:22 243072 c:\program files\IncrediMail\bin\IncMail.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
--a------ 2004-03-10 11:39 40960 c:\program files\ScanSoft\PaperPort\IndexSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Keyboard Status]
--a------ 2005-01-25 10:03 411648 c:\progra~1\Medion\KeyStat\KeyStat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 c:\program files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
--a------ 2005-07-19 17:32 221184 c:\windows\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
--a------ 2006-06-18 08:56 311340 c:\progra~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
--------- 2004-05-25 09:16 49152 c:\program files\Brother\Brmfl04b\BrStDvPt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-01 17:22 21898024 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
-ra------ 2003-10-14 10:22 155648 c:\program files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-10-23 23:02 185896 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipCheapCom]
--a------ 2008-09-13 17:33 9218872 c:\program files\VoipCheapCom\voipcheapcom.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-06-29 08:06 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2008-04-14 03:34 110592 c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]
--a------ 2004-07-20 17:18 90112 c:\windows\Dit.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
--------- 2004-03-17 15:10 61952 c:\windows\system32\Hdaudpropshortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"<NO NAME>"=
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"WudfSvc"=3 (0x3)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"WmiApSrv"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"winmgmt"=2 (0x2)
"WebClient"=2 (0x2)
"W32Time"=2 (0x2)
"VSS"=3 (0x3)
"usnjsvc"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=2 (0x2)
"Themes"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"Spooler"=2 (0x2)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"seclogon"=2 (0x2)
"Schedule"=2 (0x2)
"SCardSvr"=2 (0x2)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"PlugPlay"=2 (0x2)
"ose"=3 (0x3)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"Nla"=3 (0x3)
"Netman"=3 (0x3)
"Netlogon"=3 (0x3)
"NBService"=3 (0x3)
"napagent"=3 (0x3)
"MSIServer"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"iPod Service"=3 (0x3)
"ImapiService"=3 (0x3)
"IDriverT"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hkmsvc"=3 (0x3)
"HidServ"=2 (0x2)
"helpsvc"=2 (0x2)
"gusvc"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"EventSystem"=3 (0x3)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=3 (0x3)
"dmadmin"=3 (0x3)
"Dhcp"=2 (0x2)
"CryptSvc"=2 (0x2)
"COMSysApp"=3 (0x3)
"CiSvc"=3 (0x3)
"BthServ"=2 (0x2)
"Browser"=2 (0x2)
"Brother XP spl Service"=2 (0x2)
"brmfrmps"=2 (0x2)
"Boonty Games"=3 (0x3)
"Bonjour Service"=2 (0x2)
"BlueSoleil Hid Service"=2 (0x2)
"BITS"=3 (0x3)
"AudioSrv"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"ALG"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\eBayCenter\\eBayCenter.exe"=
"c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"c:\\Program Files

si j'ai bien vu , tu n'as pas tout...voici la suite...merci...

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\eBayCenter\\eBayCenter.exe"=
"c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"c:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f343358-a126-11dd-96e2-001109e2e899}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Tâches planifiées'

2008-09-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-01-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-07-07 17:26]
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-LDM - \Program\BackWeb-8876480.exe



**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-08 23:49:02
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-01-08 23:56:47
ComboFix-quarantined-files.txt 2009-01-08 22:56:45
ComboFix2.txt 2009-01-06 21:21:48
ComboFix3.txt 2008-11-19 18:32:41
ComboFix4.txt 2008-11-18 20:39:55

Avant-CF: 40 015 060 992 octets libres
Après-CF: 40,048,746,496 octets libres

904 --- E O F --- 2008-12-18 17:33:28

Bonsoir,


Effectivement c'est une technique, même si elle est un peu longue ^^

Ca m'a l'air bien mieux!! Maintenant on va vérifier que j'ai rien oublié:

_____________________________________

Tutorial écrit par Malekal-

Ouvre internet explorer --> Outils --> Options internet --> onglet "sécurité" --> Valide "niveau par défaut".
Toujours sur Internet explorer --> Outils --> Options internet --> onglet "avancé" --> valide "Paramètres par défaut".

Pour effectuer les scans, désactive ton antivirus, logiciels de protections et logiciels pouvant bloquer les popups (barres Google, barres Yahoo etc..).

Scan en ligne avec Kaspersky :
- Fais un Scan en ligne sur Kaspersky en utilisant Internet Explorer et pas firefox, ça ne marchera pas!.
- Si tu es perdu, tu peux suivre cette aide pour les scans en ligne
- Scan le poste de travail
- Copie/colle le rapport du scan ici

Note : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", vas dans Ajout/Suppression de programmes et désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

Si le scan avec Kaspersky ne fonctionne pas, tu peux faire un scan en ligne avec Panda :
- Fais un nano/total scan avec panda en désactivant ton antivirus pendant le scan!
- Enregitre toi sur le site en créant un compte à partir du bouton Register Free à droite.
- Après avoir indiqué une adresse mail valide et un mot de passe.. tu vas recevoir un mail.. clic sur le lien pour activer ton compte
- Retourne sur le site et identifie toi dans la partie droite en indiquant ton adresse mail et ton mot de passe
- Coche au milieu l'option Full Scan puis clic sur le bouton Scan now
- Le site va te demander d'accepter l'installation du contrôle Activex.. accepte en cliquant sur le bouton Oui.
- Le programme va télécharger les mises à jour puis le scan va se faire.. Il peut durer une heure.
- Une fois le scan terminé.. clic en bas de la page de rapport sur le bouton Desinfect
- Ensuite dans la partie haute, clic sur le petit bouton Save.. Cela va te permettre d'enregistrer un rapport sur ton bureau.
- Ouvre ce rapport et Copie/colle le rapport panda ici

AIDE : Si tu es perdu, tu peux suivre cette aide pour les scans en ligne)

bonjour...je pars qq jours en voyage...je fais ça dès que je rentre... merci...roger...

pas de soucis, bon voyage!

Bonjour...retour de voyage , j'y repart demain...
désolé mais je n'arrive mm pas à ouvrir internet explorer...
a partir de "tous les programmes" je clique et c'est yahoo qui s'ouvre avec une page intitulée EO.ST que faire? merci...roger...

bonjour...je suis de retour...stp , un conseil pour ouvrir internet exploreur...
merci...roger...

Salut,



Une fois Internet Explorer lancé va dans : Outils > Options Internet > Section "page de démarrage" dans la fenêtre et tu rentres la page souhaitée au démarrage.

Referme et réouvre IE pour vérifier que ca fonctionne.

Dans le cas contraire, effectue un rapport HijackThis en prenant le soin de ne lancer aucune application à par Internet Explorer(lance-le c'est important).

bonsoir...j'ai essayé d'ouvrir IE en mode sans échec=impossible...
alors j'ai fais une analyse HijackThis en mode normal...après avoir ouvert IE...
voici le rapport...merci...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:39:52, on 22/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\eBayCenter\eBayCenter.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/e(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Propriétaire\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04b\BrStDvPt.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: eBayCenter.lnk = C:\Program Files\eBayCenter\eBayCenter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 11961 bytes

Salut,

Je pense savoir d'ou cela viens.

Désinstalle EoRezo, puis va dans "Démarrer">"Executer"> Tape "Regedit" et recherche toutes les clefs "EoRezo".

bonsoir...j'ai désinstallé EoRezo a partir du panneau de config. ...mais cette page est tj là qd j'ouvre internet explorer...
je ne sais pas comment faire une recherche des clefs...help...merci...roger...