Right click activates by itself

Solved/Closed
satcom - 5 Jan 2009 at 20:58
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 - 10 Jan 2009 at 15:25
Hello,
I have a problem with my computer: the right mouse click keeps activating by itself. Sometimes I can't click on the taskbar, or the computer goes into standby by itself, or a Windows window appears asking me to press F7 when I haven't asked for anything. I tried running a scan with avast antivirus but it finds nothing. Could someone help me? What should I do?

15 replies

geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
5 Jan 2009 at 21:11
Good evening,

▶ Download HijackThis

▶ Everything is explained on my website for installing and using it correctly.

▶ Post the report that opens in Notepad in your next reply.


How to copy/paste the report:


▶ When the report is on screen, press Ctrl+A to "select all", then Ctrl+C to "copy".

▶ Then come back to the forum to reply to me and press Ctrl+V to "paste" the report.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:32:24, on 05/01/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\drivers\ntndis.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: (no name) - {60999BAD-E329-4923-82B4-9E78753E3816} - C:\WINDOWS\System32\confms.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [WindowsUpdateManager] C:\WINDOWS\System32\wupdmng.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Service Pack 1] C:\S87ekhV.exe
O4 - HKCU\..\Run: [WindowsUpdateManager] C:\WINDOWS\System32\wupdmng.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S1B5.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O20 - Winlogon Notify: WinNt32 - WinNt32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FTRTSVC - Unknown owner - C:\WINDOWS\System32\FTRTSVC.exe (file missing)
O23 - Service: gusvc - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ImapiService - Unknown owner - C:\WINDOWS\System32\imapi.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mnmsrvc - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NetDDE - Unknown owner - C:\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: NetDDEdsdm - Unknown owner - C:\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: RDSessMgr - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Localisateur d'appels de procédure distante (RPC) (RpcLocator) - Unknown owner - C:\WINDOWS\System32\locator.exe (file missing)
O23 - Service: RSVP - Unknown owner - C:\WINDOWS\System32\rsvp.exe (file missing)
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Infrastructure de pilote-mode utilisateur Windows (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: VSS - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WmdmPmSp WmdmPmSpWebClient (WmdmPmSpWebClient) - Unknown owner - C:\WINDOWS\System32\admparsej.exe (file missing)
O23 - Service: WZCSVC WZCSVCSENS (WZCSVCSENS) - Unknown owner - C:\WINDOWS\System32\1028w.exe (file missing)
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
5 Jan 2009 at 22:45
Quite a few infections in your report, and your PC is not up to date at all...

Download SP2 for Windows XP:

https://www.01net.com/telecharger/windows/Utilitaire/dll_librairies/fiches/29989.html

then:

▶ Download lopSD and save it to the Desktop

▶ Double-click Lop S&D

▶ Run the installation

▶ Close all applications

▶ Launch it by double-clicking the shortcut on the desktop
On VISTA => right-click and => Run as administrator

▶ Type F for French, then press Enter

▶ Type 1

▶ Press Enter

▶ The PC will restart
Note = if the antivirus reports an infection in TEMP, ignore it

▶ Wait for the report to appear
▶ Copy the report and paste it into your reply
The report can also be found at C:\lopR
0
Good evening,
thank you so much for your help, it's really kind of you.
I downloaded Windows XP... should I install it, and if so, how?
Here is a copy of the report


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 )
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A04
USER : Administrateur ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:2 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 06/01/2009|21:09 )

--------------------\\ Listing des dossiers dans APPLIC~1

[23/07/2003|09:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[21/07/2004|13:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[13/09/2002|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[23/07/2003|09:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[13/09/2002|09:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[15/03/2004|14:40] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Identities
[15/03/2004|14:40] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Microsoft

[25/05/2008|10:00] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Adobe
[14/09/2008|20:39] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Apple Computer
[22/04/2008|18:51] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\DataCast
[14/08/2007|19:09] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Google
[02/03/2008|20:26] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Grisoft
[26/07/2007|21:31] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Identities
[02/01/2009|20:13] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\LimeWire
[26/07/2007|22:11] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Macromedia
[22/09/2007|21:07] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Microsoft
[27/08/2008|18:16] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Mozilla
[24/08/2007|14:48] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Samsung
[23/09/2007|13:47] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\SecondLife
[02/01/2009|01:27] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Sun
[22/09/2007|12:58] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\vlc
[01/01/2009|22:59] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\VSO
[22/09/2007|13:10] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\WinRAR

[13/09/2002|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/07/2003|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[08/08/2007|18:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[04/10/2007|21:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[04/10/2007|21:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[08/12/2008|21:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\EPSON
[14/08/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[02/03/2008|20:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[15/09/2007|11:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[29/07/2008|10:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Soulseek
[26/07/2007|22:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[02/03/2008|20:21] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion

[15/03/2004|16:05] C:\DOCUME~1\Bessin\APPLIC~1\Adobe
[19/03/2004|10:40] C:\DOCUME~1\Bessin\APPLIC~1\Help
[15/03/2004|10:17] C:\DOCUME~1\Bessin\APPLIC~1\Identities
[19/03/2004|10:39] C:\DOCUME~1\Bessin\APPLIC~1\Microsoft

[23/03/2004|17:31] C:\DOCUME~1\brunel\APPLIC~1\Identities
[23/03/2004|18:00] C:\DOCUME~1\brunel\APPLIC~1\Microsoft

[13/09/2002|09:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/07/2007|21:27] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft

[04/04/2006|15:28] C:\DOCUME~1\dido\APPLIC~1\Adobe
[09/03/2006|16:13] C:\DOCUME~1\dido\APPLIC~1\Help
[09/03/2006|11:44] C:\DOCUME~1\dido\APPLIC~1\Identities
[04/04/2006|15:28] C:\DOCUME~1\dido\APPLIC~1\InterTrust
[09/03/2006|11:45] C:\DOCUME~1\dido\APPLIC~1\Macromedia
[09/03/2006|11:44] C:\DOCUME~1\dido\APPLIC~1\Microsoft

[04/05/2005|13:48] C:\DOCUME~1\diego\APPLIC~1\Adobe
[26/08/2005|08:30] C:\DOCUME~1\diego\APPLIC~1\AdobeUM
[14/04/2005|11:17] C:\DOCUME~1\diego\APPLIC~1\Arcsoft
[05/10/2004|10:32] C:\DOCUME~1\diego\APPLIC~1\Canon
[30/04/2004|09:27] C:\DOCUME~1\diego\APPLIC~1\Help
[12/02/2004|11:20] C:\DOCUME~1\diego\APPLIC~1\ICAClient
[25/08/2005|13:05] C:\DOCUME~1\diego\APPLIC~1\ICOM
[12/02/2004|11:21] C:\DOCUME~1\diego\APPLIC~1\Identities
[18/04/2005|17:12] C:\DOCUME~1\diego\APPLIC~1\InterTrust
[23/11/2004|12:42] C:\DOCUME~1\diego\APPLIC~1\Leadertech
[24/02/2004|17:16] C:\DOCUME~1\diego\APPLIC~1\Macromedia
[03/08/2005|07:57] C:\DOCUME~1\diego\APPLIC~1\Microsoft
[11/08/2005|17:17] C:\DOCUME~1\diego\APPLIC~1\Mozilla
[24/05/2004|16:27] C:\DOCUME~1\diego\APPLIC~1\Quark
[03/08/2005|08:25] C:\DOCUME~1\diego\APPLIC~1\Spybot - Search & Destroy

[29/07/2004|09:05] C:\DOCUME~1\dipietro\APPLIC~1\Adobe
[25/10/2004|11:46] C:\DOCUME~1\dipietro\APPLIC~1\Help
[22/07/2004|09:47] C:\DOCUME~1\dipietro\APPLIC~1\Identities
[05/01/2005|17:43] C:\DOCUME~1\dipietro\APPLIC~1\InterTrust
[24/02/2005|11:22] C:\DOCUME~1\dipietro\APPLIC~1\Macromedia
[04/02/2005|15:45] C:\DOCUME~1\dipietro\APPLIC~1\Microsoft

[06/08/2004|09:24] C:\DOCUME~1\duciel\APPLIC~1\Adobe
[12/08/2004|10:15] C:\DOCUME~1\duciel\APPLIC~1\Help
[31/08/2005|14:27] C:\DOCUME~1\duciel\APPLIC~1\ICOM
[22/07/2004|09:47] C:\DOCUME~1\duciel\APPLIC~1\Identities
[24/02/2005|11:08] C:\DOCUME~1\duciel\APPLIC~1\Macromedia
[06/09/2004|11:59] C:\DOCUME~1\duciel\APPLIC~1\Microsoft

[30/06/2005|12:24] C:\DOCUME~1\ecollet\APPLIC~1\Adobe
[06/07/2006|12:49] C:\DOCUME~1\ecollet\APPLIC~1\Help
[29/07/2004|15:35] C:\DOCUME~1\ecollet\APPLIC~1\Identities
[01/09/2005|09:36] C:\DOCUME~1\ecollet\APPLIC~1\Lavasoft
[31/07/2006|09:56] C:\DOCUME~1\ecollet\APPLIC~1\Microsoft

[07/05/2004|16:33] C:\DOCUME~1\lagache\APPLIC~1\Identities
[07/05/2004|16:33] C:\DOCUME~1\lagache\APPLIC~1\Microsoft

[26/07/2007|21:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/11/2003|18:20] C:\DOCUME~1\MORINI~1\APPLIC~1\Adobe
[13/11/2003|18:25] C:\DOCUME~1\MORINI~1\APPLIC~1\Help
[07/11/2003|10:32] C:\DOCUME~1\MORINI~1\APPLIC~1\Identities
[09/01/2004|16:08] C:\DOCUME~1\MORINI~1\APPLIC~1\Macromedia
[26/11/2003|16:30] C:\DOCUME~1\MORINI~1\APPLIC~1\Microsoft

[26/07/2007|21:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[13/09/2004|15:24] C:\DOCUME~1\ouret\APPLIC~1\Adobe
[02/08/2004|13:05] C:\DOCUME~1\ouret\APPLIC~1\Help
[22/07/2004|09:48] C:\DOCUME~1\ouret\APPLIC~1\Identities
[24/02/2005|11:22] C:\DOCUME~1\ouret\APPLIC~1\Macromedia
[22/07/2004|09:48] C:\DOCUME~1\ouret\APPLIC~1\Microsoft

[07/07/2004|15:56] C:\DOCUME~1\raymond\APPLIC~1\Identities
[07/07/2004|15:56] C:\DOCUME~1\raymond\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/01/2009 19:17][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[05/01/2009 20:29][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[16/10/2007|14:23] C:\Program Files\AbiSuite2
[13/09/2002|09:11] C:\Program Files\Accessoires
[08/08/2007|18:01] C:\Program Files\Adobe
[17/09/2007|17:51] C:\Program Files\Alwil Software
[06/07/2004|08:58] C:\Program Files\Analog Devices
[04/10/2007|21:38] C:\Program Files\Apple Software Update
[29/07/2008|13:06] C:\Program Files\Audacity
[15/12/2008|09:05] C:\Program Files\BitComet
[15/03/2004|14:43] C:\Program Files\CMAK
[23/10/2006|12:04] C:\Program Files\Common Files
[13/09/2002|09:11] C:\Program Files\ComPlus Applications
[01/09/2005|12:59] C:\Program Files\CUAgent
[03/08/2007|19:23] C:\Program Files\Dell
[13/09/2002|09:22] C:\Program Files\directx
[07/12/2008|13:27] C:\Program Files\epson
[28/12/2008|23:00] C:\Program Files\Everest Poker
[23/07/2003|09:39] C:\Program Files\EXTRA!
[26/07/2007|21:53] C:\Program Files\Fichiers communs
[15/08/2007|12:00] C:\Program Files\Google
[02/03/2008|20:26] C:\Program Files\Grisoft
[07/12/2008|20:38] C:\Program Files\InstallShield Installation Information
[13/09/2002|09:22] C:\Program Files\intel
[27/07/2007|18:39] C:\Program Files\Internet Explorer
[26/07/2007|21:53] C:\Program Files\Inventel
[02/01/2009|01:29] C:\Program Files\Java
[22/04/2008|17:31] C:\Program Files\MarkAny
[26/08/2008|19:45] C:\Program Files\MediaMonkey
[26/07/2007|21:20] C:\Program Files\Messenger
[13/09/2002|09:11] C:\Program Files\microsoft frontpage
[23/07/2003|10:17] C:\Program Files\Microsoft Office
[27/07/2007|18:39] C:\Program Files\Movie Maker
[06/01/2009|19:13] C:\Program Files\Mozilla Firefox
[26/07/2007|21:20] C:\Program Files\MSN
[03/08/2007|19:55] C:\Program Files\MSN Apps
[26/07/2007|21:20] C:\Program Files\MSN Gaming Zone
[15/09/2007|11:50] C:\Program Files\MSN Messenger
[02/09/2007|16:44] C:\Program Files\MSXML 4.0
[02/09/2007|16:52] C:\Program Files\NetMeeting
[23/07/2003|12:32] C:\Program Files\Oracle
[23/07/2003|14:15] C:\Program Files\ORL
[02/10/2008|20:24] C:\Program Files\Outlook Express
[01/01/2009|23:22] C:\Program Files\PhotoFiltre
[14/04/2004|13:59] C:\Program Files\PrintKey2000
[21/09/2007|12:31] C:\Program Files\QuickTime
[27/08/2008|20:25] C:\Program Files\Samsung
[23/09/2007|13:50] C:\Program Files\SecondLife
[26/07/2007|21:56] C:\Program Files\Securitoo
[26/07/2007|21:22] C:\Program Files\Services en ligne
[29/07/2008|10:37] C:\Program Files\Soulseek-Test
[15/03/2004|15:23] C:\Program Files\Symantec
[15/03/2004|15:18] C:\Program Files\Symantec_Client_Security
[15/03/2004|14:43] C:\Program Files\Terminal Services Client
[01/03/2008|12:43] C:\Program Files\Trend Micro
[23/07/2003|08:45] C:\Program Files\Uninstall Information
[22/09/2007|12:56] C:\Program Files\VideoLAN
[05/01/2009|20:32] C:\Program Files\Wanadoo
[03/08/2007|20:35] C:\Program Files\Windows Media Components
[27/07/2007|18:42] C:\Program Files\Windows Media Player
[26/07/2007|21:20] C:\Program Files\Windows NT
[08/08/2007|18:05] C:\Program Files\WindowsUpdate
[22/09/2007|13:10] C:\Program Files\WinRAR
[31/08/2005|14:28] C:\Program Files\WMA
[26/07/2007|21:27] C:\Program Files\xerox
[02/03/2008|20:01] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/11/2007|09:28] C:\Program Files\Fichiers communs\Adobe
[24/08/2007|14:40] C:\Program Files\Fichiers communs\InstallShield
[15/09/2007|11:52] C:\Program Files\Fichiers communs\Microsoft Shared
[26/07/2007|21:21] C:\Program Files\Fichiers communs\MSSoap
[13/09/2002|09:11] C:\Program Files\Fichiers communs\ODBC
[25/11/2005|15:09] C:\Program Files\Fichiers communs\SERVICES
[26/07/2007|21:00] C:\Program Files\Fichiers communs\SpeechEngines
[15/03/2004|15:18] C:\Program Files\Fichiers communs\Symantec Shared
[27/07/2007|18:39] C:\Program Files\Fichiers communs\SYSTEM

--------------------\\ Process

( 36 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@adultfriendfinder[1].txt
C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@advertising[2].txt
C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@ero-advertising[1].txt
C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@partypoker[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 21:12:33
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 65

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ADMINI~1.POL\Recent\Adobe Photoshop Elements v6.0 (Full Version with Keygen).lnk


[F:6308][D:70]-> C:\DOCUME~1\ADMINI~1.POL\LOCALS~1\Temp
[F:455][D:0]-> C:\DOCUME~1\ADMINI~1.POL\Cookies
[F:9486][D:16]-> C:\DOCUME~1\ADMINI~1.POL\LOCALS~1\TEMPOR~1\content.IE5
[F:3][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 06/01/2009|21:14 - Option : [1]

--------------------\\ Fin du rapport a 21:14:47
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
6 Jan 2009 at 22:01
Good evening,

if you downloaded SP2, you just need to run it to start the installation...


then:


▶ Run Lop S&D again

▶ This time choose option 2 (Removal)

▶ Do not close the window during the removal!

▶ Post the generated report (C:\lopR.txt)

* (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
0
I tried to install SP2 but it doesn't work.
The computer I have is an old one that a friend gave me.
It seems that the Windows XP installed on it is a pirated version.
How can I update it, or else obtain a non-pirated version?

Here is the report I got:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 )
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A04
USER : Administrateur ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:2 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 06/01/2009|22:50 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@advertising[2].txt
Supprime! - C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@ero-advertising[1].txt
Supprime! - C:\DOCUME~1\ADMINI~1.POL\Cookies\administrateur@partypoker[1].txt
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[23/07/2003|09:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[21/07/2004|13:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[13/09/2002|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[23/07/2003|09:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[13/09/2002|09:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[15/03/2004|14:40] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Identities
[15/03/2004|14:40] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Microsoft

[25/05/2008|10:00] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Adobe
[14/09/2008|20:39] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Apple Computer
[22/04/2008|18:51] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\DataCast
[14/08/2007|19:09] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Google
[02/03/2008|20:26] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Grisoft
[26/07/2007|21:31] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Identities
[02/01/2009|20:13] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\LimeWire
[26/07/2007|22:11] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Macromedia
[22/09/2007|21:07] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Microsoft
[27/08/2008|18:16] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Mozilla
[24/08/2007|14:48] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Samsung
[23/09/2007|13:47] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\SecondLife
[02/01/2009|01:27] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\Sun
[22/09/2007|12:58] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\vlc
[01/01/2009|22:59] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\VSO
[22/09/2007|13:10] C:\DOCUME~1\ADMINI~1.POL\APPLIC~1\WinRAR

[13/09/2002|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[23/07/2003|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[08/08/2007|18:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[04/10/2007|21:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[04/10/2007|21:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[08/12/2008|21:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\EPSON
[14/08/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[02/03/2008|20:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[15/09/2007|11:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[29/07/2008|10:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Soulseek
[26/07/2007|22:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[02/03/2008|20:21] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion

[15/03/2004|16:05] C:\DOCUME~1\Bessin\APPLIC~1\Adobe
[19/03/2004|10:40] C:\DOCUME~1\Bessin\APPLIC~1\Help
[15/03/2004|10:17] C:\DOCUME~1\Bessin\APPLIC~1\Identities
[19/03/2004|10:39] C:\DOCUME~1\Bessin\APPLIC~1\Microsoft

[23/03/2004|17:31] C:\DOCUME~1\brunel\APPLIC~1\Identities
[23/03/2004|18:00] C:\DOCUME~1\brunel\APPLIC~1\Microsoft

[13/09/2002|09:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[26/07/2007|21:27] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft

[04/04/2006|15:28] C:\DOCUME~1\dido\APPLIC~1\Adobe
[09/03/2006|16:13] C:\DOCUME~1\dido\APPLIC~1\Help
[09/03/2006|11:44] C:\DOCUME~1\dido\APPLIC~1\Identities
[04/04/2006|15:28] C:\DOCUME~1\dido\APPLIC~1\InterTrust
[09/03/2006|11:45] C:\DOCUME~1\dido\APPLIC~1\Macromedia
[09/03/2006|11:44] C:\DOCUME~1\dido\APPLIC~1\Microsoft

[04/05/2005|13:48] C:\DOCUME~1\diego\APPLIC~1\Adobe
[26/08/2005|08:30] C:\DOCUME~1\diego\APPLIC~1\AdobeUM
[14/04/2005|11:17] C:\DOCUME~1\diego\APPLIC~1\Arcsoft
[05/10/2004|10:32] C:\DOCUME~1\diego\APPLIC~1\Canon
[30/04/2004|09:27] C:\DOCUME~1\diego\APPLIC~1\Help
[12/02/2004|11:20] C:\DOCUME~1\diego\APPLIC~1\ICAClient
[25/08/2005|13:05] C:\DOCUME~1\diego\APPLIC~1\ICOM
[12/02/2004|11:21] C:\DOCUME~1\diego\APPLIC~1\Identities
[18/04/2005|17:12] C:\DOCUME~1\diego\APPLIC~1\InterTrust
[23/11/2004|12:42] C:\DOCUME~1\diego\APPLIC~1\Leadertech
[24/02/2004|17:16] C:\DOCUME~1\diego\APPLIC~1\Macromedia
[03/08/2005|07:57] C:\DOCUME~1\diego\APPLIC~1\Microsoft
[11/08/2005|17:17] C:\DOCUME~1\diego\APPLIC~1\Mozilla
[24/05/2004|16:27] C:\DOCUME~1\diego\APPLIC~1\Quark
[03/08/2005|08:25] C:\DOCUME~1\diego\APPLIC~1\Spybot - Search & Destroy

[29/07/2004|09:05] C:\DOCUME~1\dipietro\APPLIC~1\Adobe
[25/10/2004|11:46] C:\DOCUME~1\dipietro\APPLIC~1\Help
[22/07/2004|09:47] C:\DOCUME~1\dipietro\APPLIC~1\Identities
[05/01/2005|17:43] C:\DOCUME~1\dipietro\APPLIC~1\InterTrust
[24/02/2005|11:22] C:\DOCUME~1\dipietro\APPLIC~1\Macromedia
[04/02/2005|15:45] C:\DOCUME~1\dipietro\APPLIC~1\Microsoft

[06/08/2004|09:24] C:\DOCUME~1\duciel\APPLIC~1\Adobe
[12/08/2004|10:15] C:\DOCUME~1\duciel\APPLIC~1\Help
[31/08/2005|14:27] C:\DOCUME~1\duciel\APPLIC~1\ICOM
[22/07/2004|09:47] C:\DOCUME~1\duciel\APPLIC~1\Identities
[24/02/2005|11:08] C:\DOCUME~1\duciel\APPLIC~1\Macromedia
[06/09/2004|11:59] C:\DOCUME~1\duciel\APPLIC~1\Microsoft

[30/06/2005|12:24] C:\DOCUME~1\ecollet\APPLIC~1\Adobe
[06/07/2006|12:49] C:\DOCUME~1\ecollet\APPLIC~1\Help
[29/07/2004|15:35] C:\DOCUME~1\ecollet\APPLIC~1\Identities
[01/09/2005|09:36] C:\DOCUME~1\ecollet\APPLIC~1\Lavasoft
[31/07/2006|09:56] C:\DOCUME~1\ecollet\APPLIC~1\Microsoft

[07/05/2004|16:33] C:\DOCUME~1\lagache\APPLIC~1\Identities
[07/05/2004|16:33] C:\DOCUME~1\lagache\APPLIC~1\Microsoft

[26/07/2007|21:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/11/2003|18:20] C:\DOCUME~1\MORINI~1\APPLIC~1\Adobe
[13/11/2003|18:25] C:\DOCUME~1\MORINI~1\APPLIC~1\Help
[07/11/2003|10:32] C:\DOCUME~1\MORINI~1\APPLIC~1\Identities
[09/01/2004|16:08] C:\DOCUME~1\MORINI~1\APPLIC~1\Macromedia
[26/11/2003|16:30] C:\DOCUME~1\MORINI~1\APPLIC~1\Microsoft

[26/07/2007|21:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[13/09/2004|15:24] C:\DOCUME~1\ouret\APPLIC~1\Adobe
[02/08/2004|13:05] C:\DOCUME~1\ouret\APPLIC~1\Help
[22/07/2004|09:48] C:\DOCUME~1\ouret\APPLIC~1\Identities
[24/02/2005|11:22] C:\DOCUME~1\ouret\APPLIC~1\Macromedia
[22/07/2004|09:48] C:\DOCUME~1\ouret\APPLIC~1\Microsoft

[07/07/2004|15:56] C:\DOCUME~1\raymond\APPLIC~1\Identities
[07/07/2004|15:56] C:\DOCUME~1\raymond\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/01/2009 19:17][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[05/01/2009 20:29][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[16/10/2007|14:23] C:\Program Files\AbiSuite2
[13/09/2002|09:11] C:\Program Files\Accessoires
[08/08/2007|18:01] C:\Program Files\Adobe
[17/09/2007|17:51] C:\Program Files\Alwil Software
[06/07/2004|08:58] C:\Program Files\Analog Devices
[04/10/2007|21:38] C:\Program Files\Apple Software Update
[29/07/2008|13:06] C:\Program Files\Audacity
[15/12/2008|09:05] C:\Program Files\BitComet
[15/03/2004|14:43] C:\Program Files\CMAK
[23/10/2006|12:04] C:\Program Files\Common Files
[13/09/2002|09:11] C:\Program Files\ComPlus Applications
[01/09/2005|12:59] C:\Program Files\CUAgent
[03/08/2007|19:23] C:\Program Files\Dell
[13/09/2002|09:22] C:\Program Files\directx
[07/12/2008|13:27] C:\Program Files\epson
[28/12/2008|23:00] C:\Program Files\Everest Poker
[23/07/2003|09:39] C:\Program Files\EXTRA!
[26/07/2007|21:53] C:\Program Files\Fichiers communs
[15/08/2007|12:00] C:\Program Files\Google
[02/03/2008|20:26] C:\Program Files\Grisoft
[07/12/2008|20:38] C:\Program Files\InstallShield Installation Information
[13/09/2002|09:22] C:\Program Files\intel
[27/07/2007|18:39] C:\Program Files\Internet Explorer
[26/07/2007|21:53] C:\Program Files\Inventel
[02/01/2009|01:29] C:\Program Files\Java
[22/04/2008|17:31] C:\Program Files\MarkAny
[26/08/2008|19:45] C:\Program Files\MediaMonkey
[26/07/2007|21:20] C:\Program Files\Messenger
[13/09/2002|09:11] C:\Program Files\microsoft frontpage
[23/07/2003|10:17] C:\Program Files\Microsoft Office
[27/07/2007|18:39] C:\Program Files\Movie Maker
[06/01/2009|21:17] C:\Program Files\Mozilla Firefox
[26/07/2007|21:20] C:\Program Files\MSN
[03/08/2007|19:55] C:\Program Files\MSN Apps
[26/07/2007|21:20] C:\Program Files\MSN Gaming Zone
[15/09/2007|11:50] C:\Program Files\MSN Messenger
[02/09/2007|16:44] C:\Program Files\MSXML 4.0
[02/09/2007|16:52] C:\Program Files\NetMeeting
[23/07/2003|12:32] C:\Program Files\Oracle
[23/07/2003|14:15] C:\Program Files\ORL
[02/10/2008|20:24] C:\Program Files\Outlook Express
[01/01/2009|23:22] C:\Program Files\PhotoFiltre
[14/04/2004|13:59] C:\Program Files\PrintKey2000
[21/09/2007|12:31] C:\Program Files\QuickTime
[27/08/2008|20:25] C:\Program Files\Samsung
[23/09/2007|13:50] C:\Program Files\SecondLife
[26/07/2007|21:56] C:\Program Files\Securitoo
[26/07/2007|21:22] C:\Program Files\Services en ligne
[29/07/2008|10:37] C:\Program Files\Soulseek-Test
[15/03/2004|15:23] C:\Program Files\Symantec
[15/03/2004|15:18] C:\Program Files\Symantec_Client_Security
[15/03/2004|14:43] C:\Program Files\Terminal Services Client
[01/03/2008|12:43] C:\Program Files\Trend Micro
[23/07/2003|08:45] C:\Program Files\Uninstall Information
[22/09/2007|12:56] C:\Program Files\VideoLAN
[05/01/2009|20:32] C:\Program Files\Wanadoo
[03/08/2007|20:35] C:\Program Files\Windows Media Components
[27/07/2007|18:42] C:\Program Files\Windows Media Player
[26/07/2007|21:20] C:\Program Files\Windows NT
[08/08/2007|18:05] C:\Program Files\WindowsUpdate
[22/09/2007|13:10] C:\Program Files\WinRAR
[31/08/2005|14:28] C:\Program Files\WMA
[26/07/2007|21:27] C:\Program Files\xerox
[02/03/2008|20:01] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/11/2007|09:28] C:\Program Files\Fichiers communs\Adobe
[24/08/2007|14:40] C:\Program Files\Fichiers communs\InstallShield
[15/09/2007|11:52] C:\Program Files\Fichiers communs\Microsoft Shared
[26/07/2007|21:21] C:\Program Files\Fichiers communs\MSSoap
[13/09/2002|09:11] C:\Program Files\Fichiers communs\ODBC
[25/11/2005|15:09] C:\Program Files\Fichiers communs\SERVICES
[26/07/2007|21:00] C:\Program Files\Fichiers communs\SpeechEngines
[15/03/2004|15:18] C:\Program Files\Fichiers communs\Symantec Shared
[27/07/2007|18:39] C:\Program Files\Fichiers communs\SYSTEM

--------------------\\ Process

( 36 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 22:51:30
Windows 5.1.2600 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 65

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ADMINI~1.POL\Recent\Adobe Photoshop Elements v6.0 (Full Version with Keygen).lnk


[F:6308][D:70]-> C:\DOCUME~1\ADMINI~1.POL\LOCALS~1\Temp
[F:451][D:0]-> C:\DOCUME~1\ADMINI~1.POL\Cookies
[F:9486][D:16]-> C:\DOCUME~1\ADMINI~1.POL\LOCALS~1\TEMPOR~1\content.IE5
[F:3][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 06/01/2009|21:14 - Option : [1]
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
6 Jan. 2009 at 23:36
Do you get an error message when you try to install it?
0

Yes, an error message appears
saying that the product key used is not valid, or something like that.
Also, despite deleting some files, the problem persists.
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
7 Jan. 2009 at 11:16
That means you have a pirated version :s

▶ Download Malwarebytes' Anti-Malware

▶ A tutorial is available on my site to help you use it.

▶ Update the software (this normally happens during installation)

▶ Run a full scan by clicking "Exécuter un examen complet" (Perform full scan)

▶ Select the drives you want to scan and click "Lancer l'examen" (Start scan)

▶ The scan can take quite a while...

▶ Once the scan is finished, click "OK" and then "Afficher les résultats" (Show results)

▶ Check that everything is ticked and click "Supprimer la sélection" (Remove selected), then "OK"

▶ A report will open in Notepad... Copy and paste the report into your next reply on the forum


* Some files may need to be deleted when the PC restarts... Do so by clicking "oui" (yes) when asked


Then please make a new HijackThis report
0
Hello,
I wanted to know whether you have a solution regarding my PC's updates?

Here is the report I got:

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1628
Windows 5.1.2600

07/01/2009 23:59:17
mbam-log-2009-01-07 (23-59-17).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 172210
Temps écoulé: 1 hour(s), 43 minute(s), 56 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{ffffffff-85a3-452b-b7a8-759ad9b42162} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ffffffff-08df-483c-bd3a-99cbcf44e4dc} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MRSoft (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinNt32 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Service Pack 1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowsUpdateManager (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowsUpdateManager (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\wsnpoem (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\wsnpoem\audio.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wsnpoem\audio.dll.cla (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wsnpoem\video.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rc.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WinData.cab (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmds.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\BM2b0e7707.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
8 Jan. 2009 at 09:26
Hello,

If you have a pirated version of Windows, it is normal that you cannot install the updates... If you want to fix this problem, you will need to get a licence.

Please make a new HijackThis report
0
OK, where can I find this licence?

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:42, on 08/01/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\drivers\ntndis.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: (no name) - {60999BAD-E329-4923-82B4-9E78753E3816} - C:\WINDOWS\System32\confms.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S1B5.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FTRTSVC - Unknown owner - C:\WINDOWS\System32\FTRTSVC.exe (file missing)
O23 - Service: gusvc - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ImapiService - Unknown owner - C:\WINDOWS\System32\imapi.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mnmsrvc - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NetDDE - Unknown owner - C:\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: NetDDEdsdm - Unknown owner - C:\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: RDSessMgr - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Localisateur d'appels de procédure distante (RPC) (RpcLocator) - Unknown owner - C:\WINDOWS\System32\locator.exe (file missing)
O23 - Service: RSVP - Unknown owner - C:\WINDOWS\System32\rsvp.exe (file missing)
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Infrastructure de pilote-mode utilisateur Windows (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: VSS - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WmdmPmSp WmdmPmSpWebClient (WmdmPmSpWebClient) - Unknown owner - C:\WINDOWS\System32\admparsej.exe (file missing)
O23 - Service: WZCSVC WZCSVCSENS (WZCSVCSENS) - Unknown owner - C:\WINDOWS\System32\1028w.exe (file missing)
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
8 Jan. 2009 at 10:07
At the store lol

▶ Download ComboFix by sUBs


▶ and save it to the Desktop.


▶ Disable your protections and close all your applications (antivirus, firewall, the antispyware's real-time guard)


Here is the official Bleeping Computer tutorial on how to use it:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


I recommend installing the Recovery Console!!


Then send the report and please make a new HijackThis report
0
Hello,

Here is the ComboFix report

ComboFix 09-01-07.02 - Administrateur 2009-01-10 12:47:45.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.510.291 [GMT 1:00]
Lancé depuis: c:\documents and settings\Administrateur.POLICHE-ITEY6KZ\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\cookie1.dat
c:\windows\system32\ds.dat
c:\windows\system32\ohdqrdqr.ini
c:\windows\system32\qqikpeuf.ini

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NTNDIS
-------\Legacy_QANDR
-------\Legacy_WMDMPMSPWEBCLIENT
-------\Legacy_WZCSVCSENS
-------\Service_WmdmPmSpWebClient
-------\Service_WZCSVCSENS


((((((((((((((((((((((((((((( Fichiers créés du 2008-12-10 au 2009-01-10 ))))))))))))))))))))))))))))))))))))
.

2009-01-07 19:17 . 2009-01-07 19:17 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-07 19:17 . 2009-01-07 19:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-07 19:17 . 2009-01-07 19:17 <REP> d-------- c:\documents and settings\Administrateur.POLICHE-ITEY6KZ\Application Data\Malwarebytes
2009-01-07 19:17 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-07 19:17 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-06 21:07 . 2009-01-06 22:53 <REP> d-------- C:\Lop SD
2009-01-02 01:32 . 2009-01-02 20:13 <REP> d-------- c:\documents and settings\Administrateur.POLICHE-ITEY6KZ\Application Data\LimeWire
2009-01-02 01:30 . 2009-01-02 01:29 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-02 01:30 . 2009-01-02 01:29 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-02 01:29 . 2009-01-02 01:29 <REP> d-------- c:\program files\Java
2009-01-01 22:59 . 2009-01-01 23:22 <REP> d-------- c:\program files\PhotoFiltre
2009-01-01 22:50 . 2009-01-01 22:59 <REP> d-------- c:\documents and settings\Administrateur.POLICHE-ITEY6KZ\Application Data\VSO
2008-12-25 22:11 . 2008-12-25 22:11 268 --ah----- C:\sqmdata05.sqm
2008-12-25 22:11 . 2008-12-25 22:11 244 --ah----- C:\sqmnoopt05.sqm
2008-12-17 09:14 . 2008-12-17 09:14 268 --ah----- C:\sqmdata04.sqm
2008-12-17 09:14 . 2008-12-17 09:14 244 --ah----- C:\sqmnoopt04.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-10 11:54 --------- d-----w c:\program files\Wanadoo
2008-12-28 22:00 --------- d-----w c:\program files\Everest Poker
2008-12-15 08:05 --------- d-----w c:\program files\BitComet
2008-12-08 20:17 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\EPSON
2008-12-07 19:38 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-07 12:27 --------- d-----w c:\program files\epson
2007-07-26 20:53 278,528 ----a-w c:\program files\Fichiers communs\FDEUnInstaller.exe
2001-06-21 07:34 271 --sh--w c:\program files\DESKTOP.INI
2001-06-21 07:34 22,115 ---ha-w c:\program files\FOLDER.HTT
.

((((((((((((((((((((((((((((( snapshot@2008-03-08_13.24.30.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-15 00:00:00 2,504 ----a-w c:\windows\Downloaded Program Files\catalog.dat
+ 2008-02-15 00:00:00 1,957 ----a-w c:\windows\Downloaded Program Files\tinfl.dat
+ 2008-02-28 09:53:26 2,072 ----a-w c:\windows\Downloaded Program Files\vscanmsx.dat
- 2000-08-31 07:00:00 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2000-08-31 07:00:00 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2000-08-31 07:00:00 89,504 ----a-w c:\windows\fdsv.exe
+ 2000-08-31 07:00:00 80,412 ----a-w c:\windows\grep.exe
+ 2007-09-02 15:48:31 2,678 ----a-w c:\windows\java\Packages\Data\A0NP75BL.DAT
+ 2007-09-02 15:48:31 2,678 ----a-w c:\windows\java\Packages\Data\DN9B1ZFF.DAT
+ 2007-09-02 15:48:35 2,678 ----a-w c:\windows\java\Packages\Data\RVD3XBLN.DAT
+ 2007-09-02 15:48:31 2,678 ----a-w c:\windows\java\Packages\Data\SXZLVJ5R.DAT
+ 2007-09-02 15:48:31 2,678 ----a-w c:\windows\java\Packages\Data\TJNDV9BB.DAT
- 2000-08-31 07:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
+ 2007-07-27 17:40:43 2,410 ----a-w c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
+ 2000-08-31 07:00:00 98,816 ----a-w c:\windows\sed.exe
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 07:00:00 136,704 ----a-w c:\windows\SWSC.exe
+ 2000-08-31 07:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe
+ 2001-08-28 14:00:00 2,000 ----a-w c:\windows\system\KEYBOARD.DRV
+ 2001-08-28 14:00:00 2,032 ----a-w c:\windows\system\MOUSE.DRV
+ 2001-08-28 14:00:00 1,744 ----a-w c:\windows\system\SOUND.DRV
+ 2001-08-28 14:00:00 2,176 ----a-w c:\windows\system\VGA.DRV
+ 2008-06-04 14:11:33 48,585 ----a-w c:\windows\system32\1028k.sys
+ 2008-05-31 22:57:20 48,585 ----a-w c:\windows\system32\1028q.sys
- 2007-12-04 13:04:28 837,496 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-26 17:21:30 1,236,208 ----a-w c:\windows\system32\aswBoot.exe
+ 2007-12-14 15:19:56 89,088 ------w c:\windows\system32\atl71.dll
- 2007-12-04 12:54:04 95,608 ----a-w c:\windows\system32\AvastSS.scr
+ 2008-11-26 17:15:10 97,480 ----a-w c:\windows\system32\AvastSS.scr
+ 2007-08-14 18:07:18 2,560 ----a-w c:\windows\system32\BitCometRes.dll
- 2007-07-30 17:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2008-03-08 12:19:37 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-01-05 19:29:30 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-03-08 12:19:37 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2009-01-05 19:29:30 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2008-03-08 12:19:37 49,152 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-05 19:29:30 81,920 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-07-30 17:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 13:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2001-08-28 14:00:00 2,000 -c--a-w c:\windows\system32\dllcache\keyboard.drv
+ 2001-08-28 12:00:00 2,560 -c--a-w c:\windows\system32\dllcache\lz32.dll
+ 2001-08-28 14:00:00 2,032 -c--a-w c:\windows\system32\dllcache\mouse.drv
+ 2001-08-28 12:00:00 2,944 -c--a-w c:\windows\system32\dllcache\null.sys
+ 2001-08-28 14:00:00 1,744 -c--a-w c:\windows\system32\dllcache\sound.drv
+ 2001-08-17 20:53:30 13,824 -c--a-w c:\windows\system32\dllcache\usbscan.sys
- 2001-08-17 20:03:22 21,760 -c--a-w c:\windows\system32\dllcache\usbstor.sys
+ 2001-08-17 21:03:22 21,760 -c--a-w c:\windows\system32\dllcache\usbstor.sys
+ 2001-08-28 14:00:00 2,176 -c--a-w c:\windows\system32\dllcache\vga.drv
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\ctfmon.exe" [2001-08-28 13312]
"WOOKIT"="c:\progra~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-18 68856]
"msnmsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2002-08-20 1511453]
"AdobeUpdater"="c:\program files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"EPSON Stylus DX6000 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE" [2006-09-22 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"igfxtray"="c:\windows\System32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\System32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\System32\igfxpers.exe" [2005-09-20 114688]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-09-21 286720]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-12-14 132624]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-02 136600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2001-08-28 13312]

c:\documents and settings\dipietro\Menu Démarrer\Programmes\Démarrage\
Lotus Notes.LNK - c:\lotus\Notes\notes.exe [2003-07-23 176128]

c:\documents and settings\duciel\Menu Démarrer\Programmes\Démarrage\
Lotus Notes.LNK - c:\lotus\Notes\notes.exe [2003-07-23 176128]

c:\documents and settings\lagache\Menu Démarrer\Programmes\Démarrage\
Lotus Notes.LNK - c:\lotus\Notes\notes.exe [2003-07-23 176128]

c:\documents and settings\moriniere\Menu Démarrer\Programmes\Démarrage\
Lotus Notes.LNK - c:\lotus\Notes\notes.exe [2003-07-23 176128]

c:\documents and settings\ouret\Menu Démarrer\Programmes\Démarrage\
Lotus Notes.LNK - c:\lotus\Notes\notes.exe [2003-07-23 176128]

c:\documents and settings\Bessin\Menu Démarrer\Programmes\Démarrage\
Lotus Notes.LNK - c:\lotus\Notes\notes.exe [2003-07-23 176128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Nsw61.sys]
@="Driver"

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-03-31 111184]
S0 Nsw61;Nsw61;c:\windows\System32\Drivers\Nsw61.sys --> c:\windows\System32\Drivers\Nsw61.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{83D4S7QA-045E-5307-DFC9-5BF14604275F}]
c:\windows\system32\dllcache\windupd.exe /install
.
Contenu du dossier 'Tâches planifiées'

2009-01-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{60999BAD-E329-4923-82B4-9E78753E3816} - c:\windows\System32\confms.dll
HKU-Default-Run-ntfyapp - c:\windows\ntfyapp.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\Administrateur.POLICHE-ITEY6KZ\Application Data\Mozilla\Firefox\Profiles\rmz4q2be.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-10 12:53:48
Windows 5.1.2600 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(672)
c:\windows\system32\ODBC32.dll

- - - - - - - > 'lsass.exe'(728)
c:\windows\System32\dssenh.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\progra~1\Wanadoo\TaskBarIcon.exe
.
**************************************************************************
.
Heure de fin: 2009-01-10 12:59:25 - La machine a redémarré [Administrateur]
ComboFix-quarantined-files.txt 2009-01-10 11:58:07
ComboFix2.txt 2008-03-08 12:25:02

Avant-CF: 5 774 152 704 octets libres
Après-CF: 9,671,003,136 octets libres

WinXP_FR_PRO_BF.EXE
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINNT="Microsoft Windows 2000 Professionnel" /fastdetect

515 --- E O F --- 2007-09-06 22:11:31
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
10 Jan. 2009 at 13:30
Hello,

Run HijackThis again, click on scan only, and check these lines please:

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

then click on fix checked.

then:


▶ Download RegCleaner

▶ Once it is installed, double-click its icon to run it

▶ In the menu bar, click Options then select Language => Select language

▶ Look for French.rlg and double-click it to apply the language

▶ Then click Outils in the menu bar

▶ Select Nettoyage du registre => Nettoyeur de registre automatique

▶ RegCleaner will then start the cleanup automatically

▶ Then check the invalid entries that have appeared in the window and click Supprimer sélections => Terminer => Quitter

then:

▶ Download JavaRa.zip

▶ Unzip the file onto your desktop (right-click > Extract all.)

▶ Double-click the JavaRa folder you obtain.

▶ Then double-click the file JavaRa.exe (the .exe may not be displayed)

▶ Click Search For Updates.

▶ Select Update Using jucheck.exe then click Search.

▶ Allow the process to connect if it asks you, click Install and follow the installation instructions. This will take a few minutes.

▶ When the installation is finished, go back to the JavaRa screen and click Remove Older Versions.

▶ Click Yes to confirm. The tool will do its work; then click Ok, and Ok a second time.

▶ A report will open; copy and paste it into your next reply.

* Note: the report can also be found here: ( C:\JavaRa.log )

Close the application and tell me if you still have problems.
0
First of all, thank you for helping me this far, because it's quite long

Here is the report I got
JavaRa 1.12 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sat Jan 10 15:12:33 2009

JavaRa 1.12 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sat Jan 10 15:12:58 2009

0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
10 Jan. 2009 at 15:19
You're welcome... Do you still have any problems??
0
For now I don't see any problem.
I have the impression that my PC is already working much better than before.
If the problems reappear I will post a new comment on the forum,
otherwise I will close the discussion.
In any case, thanks again for this help!!!
0
geoffrey5 Posts 13732 Registration date Sunday 20 May 2007 Status Security contributor Last activity 21 May 2010 10
10 Jan. 2009 at 15:25
Ok... You can do this to finish, please:

To remove all traces of the software that was used to treat the specific infections:

▶ Download Toolscleaner to your Desktop


▶ Double-click ToolsCleaner2.exe and let it work
▶ Click Recherche (Search) and let the scan finish.
▶ Click Suppression (Removal) to finalize.
▶ You can, if you wish, use the Options facultatives (optional settings).
▶ Click Quitter (Exit) so that the report can be created.
▶ The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it in your reply




Disable and re-enable System Restore:


Doing this will delete any viruses that may have lodged themselves in the
restore points you created earlier. It is therefore recommended:


1 In the Windows taskbar, click Start.

2 Right-click My Computer, then click Properties.

3 In the System Restore tab, check "Turn off System Restore"

4 Click Apply.

5 Then uncheck "Turn off System Restore"

6 Click Apply, then OK

7 Create a restore point by clicking Start => All Programs => Accessories => System Tools => System Restore => Create a restore point => enter a name (example: after disinfection on CCM), then confirm.

For XP: here is a tutorial in case of problems.


IMPORTANT: read the few links on prevention and security for your PC that are at the bottom of the page!!
0
And here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:10:26, on 10/01/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S1B5.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FTRTSVC - Unknown owner - C:\WINDOWS\System32\FTRTSVC.exe (file missing)
O23 - Service: gusvc - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ImapiService - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mnmsrvc - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NetDDE - Unknown owner - C:\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: NetDDEdsdm - Unknown owner - C:\WINDOWS\system32\netdde.exe (file missing)
O23 - Service: RDSessMgr - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Localisateur d'appels de procédure distante (RPC) (RpcLocator) - Unknown owner - C:\WINDOWS\System32\locator.exe (file missing)
O23 - Service: RSVP - Unknown owner - C:\WINDOWS\System32\rsvp.exe (file missing)
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Infrastructure de pilote-mode utilisateur Windows (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O23 - Service: VSS - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
-1
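The lines the helper asks to check, and every entry in the HijackThis log above, follow the same `CODE - description` layout. As an added example (not part of the thread and not HijackThis's own code), this Python parser reads that layout and lists entries marked `(file missing)`, the `O4` autoruns, and CLSIDs that appear under more than one section; the sample lines are copied from the log posted in this thread, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\explorer.exe
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: FTRTSVC - Unknown owner - C:\WINDOWS\System32\FTRTSVC.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN = re.compile(r"^(?P<hive>HK[A-Z]+)\\.*?: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")


def parse_entry(line):
    """Split one 'CODE - body' line; return None for headers and process paths."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    body = m["body"]
    clsid = CLSID.search(body)
    run = RUN.match(body) if m["code"] == "O4" else None
    return {
        "code": m["code"],
        "body": body,
        "missing": "(file missing)" in body,
        "clsid": clsid.group(0).upper() if clsid else None,
        "autorun": (run["hive"], run["name"], run["cmd"]) if run else None,
    }


def triage(log_text):
    """Summarise a log: section counts, dangling entries, autoruns, shared CLSIDs."""
    entries = [e for e in map(parse_entry, log_text.splitlines()) if e]
    counts, by_clsid = defaultdict(int), defaultdict(list)
    for e in entries:
        counts[e["code"]] += 1
        if e["clsid"]:
            by_clsid[e["clsid"]].append(e["code"])
    return {
        "counts": dict(counts),
        "missing": [e["body"] for e in entries if e["missing"]],
        "autoruns": [e["autorun"] for e in entries if e["autorun"]],
        # One component can be registered under several sections (here R3 and O3).
        "shared_clsids": {c: s for c, s in by_clsid.items() if len(s) > 1},
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, value)
```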