Icones ne fonctionne plus, plus de connection
chichi
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Je viens de récuperer l'ordi da ma mere qui ne repond plus quand on veut ouvrir la messagerie, internet ou Money par exemple !! j'ai dejà fait ccleaner, spybot, sans succes ! de plus avast est desactivé automatiquement ainsi que le pare feu windows !
j'ai fais aussi le rapport combo fix que je vous donne aussi !
windows familiale xp
ComboFix 09-04-24.01 - irene 24/04/2009 14:12.1 - NTFSx86
Lancé depuis: E:\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\irene\Application Data\Microsoft\SystemCertificates\Request
c:\windows\patch.exe
c:\windows\system\oeminfo.ini
c:\windows\system32\ahtn.htm
c:\windows\system32\drivers\ovfsth.sys
c:\windows\system32\ovfsthibphwheextapppboequmkjpqjxtawrqr.dat
c:\windows\system32\ovfsthrbewwjehjlssbynbxidismebjpcmodlb.dat
c:\windows\system32\win32hlp.cnf
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-24 au 2009-4-24 ))))))))))))))))))))))))))))))))))))
.
2009-04-24 09:27 . 2009-04-24 09:27 -------- dc-h--w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-04-16 07:02 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 07:02 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 07:02 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 07:02 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 07:02 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 07:02 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 07:02 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 07:02 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 07:02 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 07:00 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-16 07:00 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-13 09:12 . 2009-04-13 09:14 -------- d-----w c:\windows\SxsCaPendDel
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-24 11:19 . 2006-02-27 09:59 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-24 10:27 . 2009-04-24 10:27 -------- d-----w c:\program files\Lavasoft
2009-04-23 16:43 . 2006-11-01 07:38 -------- d-----w c:\program files\eChanblard
2009-04-23 10:37 . 2006-02-27 09:59 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-22 08:16 . 2007-02-22 11:40 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-16 12:52 . 2005-02-16 11:03 78752 ----a-w c:\windows\system32\perfc00C.dat
2009-04-16 12:52 . 2005-02-16 11:03 477522 ----a-w c:\windows\system32\perfh00C.dat
2009-04-13 09:12 . 2008-08-16 08:11 -------- d-----w c:\program files\Windows Live
2009-04-09 19:40 . 2006-03-20 15:13 -------- d-----w c:\documents and settings\irene\Application Data\AdobeUM
2009-03-23 18:26 . 2006-01-27 20:54 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-23 18:26 . 2009-03-23 18:26 -------- d-----w c:\documents and settings\irene\Application Data\InstallShield
2009-03-23 18:26 . 2006-12-12 13:28 -------- d-----w c:\program files\UBISOFT
2009-03-20 17:05 . 2009-03-20 17:05 -------- d-----w c:\program files\CCleaner
2009-03-19 09:47 . 2009-03-18 16:14 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-18 16:15 . 2006-02-01 16:23 25168 -c--a-w c:\documents and settings\irene\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-18 16:14 . 2009-03-18 16:11 -------- d-----w c:\program files\Microsoft
2009-03-18 16:10 . 2009-03-18 16:10 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-13 08:50 . 2009-03-13 08:50 -------- d-----w c:\program files\Fichiers communs\Windows Live
2009-03-06 14:20 . 2004-08-05 12:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:13 . 2004-08-05 12:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-26 11:53 . 2009-02-26 11:53 -------- d-----w c:\documents and settings\All Users\Application Data\IM
2009-02-26 11:52 . 2006-03-13 20:16 -------- d-----w c:\program files\IncrediMail
2009-02-26 11:51 . 2009-02-26 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\IncrediMail
2009-02-20 17:10 . 2004-08-05 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-10 17:06 . 2004-08-04 00:48 2068096 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:05 . 2004-08-05 12:00 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:24 . 2004-08-05 12:00 2191104 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-05 12:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2004-08-05 12:00 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2004-08-05 12:00 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2004-08-05 12:00 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2004-08-05 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2004-08-05 12:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2004-08-05 12:00 56832 ----a-w c:\windows\system32\secur32.dll
2008-10-30 13:17 . 2006-03-07 16:22 24584 -c--a-w c:\documents and settings\irene\Application Data\GDIPFONTCACHEV1.DAT
2006-11-03 09:13 . 2006-11-03 09:04 24584 -c--a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2006-04-03 19:14 . 2006-04-03 19:12 20 -c-h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2006-02-01 16:23 . 2006-02-01 16:23 128 -c--a-w c:\documents and settings\irene\Local Settings\Application Data\fusioncache.dat
2006-01-27 21:06 . 2006-11-03 09:04 135 -c--a-w c:\documents and settings\Administrateur\Local Settings\Application Data\fusioncache.dat
2008-08-28 11:21 . 2008-08-28 11:21 32768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082820080829\index.dat
.
------- Sigcheck -------
[-] 2004-08-05 12:00 14336 1BD6C2F707A275CB7C16FD99FE0F31CA c:\windows\$NtServicePackUninstall$\svchost.exe
[-] 2008-04-14 02:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2004-08-05 12:00 14336 1BD6C2F707A275CB7C16FD99FE0F31CA c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\svchost.exe
[-] 2008-04-14 02:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\system32\svchost.exe
[-] 2005-03-02 18:20 578048 C34920EB988CE98910BD6B0417F334EB c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2007-03-08 15:50 579072 4D88AAF39ADABFE45958EA1384E2C4FF c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 15:37 578560 753354F594809A9B96F73999B435A533 c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2008-04-14 02:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\ServicePackFiles\i386\user32.dll
[-] 2005-03-02 18:10 578048 0DF75FB73F705B011630159A43D7C354 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\user32.dll
[-] 2008-04-14 02:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\system32\user32.dll
[-] 2004-08-05 12:00 82944 BC41F51A39D3B255805FDB759B7814AE c:\windows\$NtServicePackUninstall$\ws2_32.dll
[-] 2008-04-14 02:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 02:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\system32\ws2_32.dll
[-] 2005-01-27 17:12 662016 66A10B98F18FD804236AB2D90301DE04 c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
[-] 2005-09-03 00:08 664576 031CA1310E4CB23E5A4F747D763D0B49 c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-10-21 03:39 665600 D327378CEEF9A141C7352691FC30A0DA c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2007-03-23 09:29 823296 375B58A68A016546535A84060092325C c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[-] 2007-04-25 08:26 823808 47DDAD237F60729DEA2B9E0E2382B58F c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[-] 2007-06-27 14:14 824320 7201D19B81883B57D5FFE8EBB5A83E8B c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
[-] 2007-08-20 09:49 825344 2DD1B0F579C80562EDCB8848FF7EA9F6 c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
[-] 2007-10-10 23:22 825344 871AE10D6AE8877E9636AE5017953D52 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[-] 2007-12-07 01:42 825344 F4FD487241D3AC291046A22CEBD2CF71 c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[-] 2008-03-01 12:34 827392 5A0093F59B505C008ED0CEE615563C72 c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 07:19 827392 78D3D2B0BE6AD3E6D82CCB115CF74310 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-06-23 15:40 827904 52589BAE67DD9859724287372668690B c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 09:10 827904 4B0E70D44297877A313045BD059770E1 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-10-16 19:33 827904 37D1A1BFE3D9904F2C3D11592456F9C0 c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 23:47 827904 4E192082A5FCE9EF19198A24CDEA3442 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2009-03-03 00:15 828416 39F71B559A97ED722F939A0EA7235323 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2006-09-14 08:38 668672 B8B6F05885A6F42724E8D6BFEDE6BD3F c:\windows\ie7\wininet.dll
[-] 2006-11-07 20:03 818688 92995334F993E6E49C25C6D02EC04401 c:\windows\ie7updates\KB928090-IE7\wininet.dll
[-] 2007-01-12 08:27 822784 BE43D00D802C92F01C8CC952C6F483F8 c:\windows\ie7updates\KB931768-IE7\wininet.dll
[-] 2007-02-27 13:26 822784 75DE73E328E300CAED5965FAEA2F5D3F c:\windows\ie7updates\KB933566-IE7\wininet.dll
[-] 2007-04-25 07:40 822784 2C138AB59E2FFA06E8952AE656E443C5 c:\windows\ie7updates\KB937143-IE7\wininet.dll
[-] 2007-06-27 13:24 823808 2274862267D7445E7010D9AF826E89C3 c:\windows\ie7updates\KB939653-IE7\wininet.dll
[-] 2007-08-20 09:59 824832 F6DFCEED3A7AA4C9EEB966D3F1ADC70A c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-10-10 23:49 824832 BC5119C53BDD48DABC628D448A3BDCCB c:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-12-07 02:08 824832 4FC90BECE54FAC81B0090B94E27BFB6B c:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2008-03-01 12:58 826368 8E027981DDFFA690D456FE18B37415A0 c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2008-04-23 04:16 826368 02D6AABD5F5A32C61478B5CDFE50E4A8 c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-06-23 16:28 826368 AC0BD61DC2C64906FBFE50E005FEFA2C c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-08-26 08:11 826368 E30CACD98479B36A3DBFA3267BF62DD0 c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-10-16 20:18 826368 CFBFA47415E85018E2CDC509E5E3D011 c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-12-20 22:47 826368 0551C946E305CEE0A79BA744DC141BFC c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-04-14 02:33 670208 4A6E04EA20F48D750D9BFED8600D516B c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2005-10-21 03:41 662528 E41E8FDF62CF20F2E2B16D800D96EB51 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\wininet.dll
[-] 2009-03-03 00:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\SoftwareDistribution\Download\f4a2c0aaa24852247df21c71c0eb238d\sp3gdr\wininet.dll
[-] 2009-03-03 00:15 828416 39F71B559A97ED722F939A0EA7235323 c:\windows\SoftwareDistribution\Download\f4a2c0aaa24852247df21c71c0eb238d\sp3qfe\wininet.dll
[-] 2009-03-03 00:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\system32\wininet.dll
[-] 2009-03-03 00:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\system32\dllcache\wininet.dll
[-] 2006-01-13 17:07 360448 5562CC0A47B2AEF06D3417B733F3C195 c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2006-01-13 02:28 359808 583E063FDC888CA30D05C2724B0D7EF4 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys
[-] 2004-08-05 12:00 506368 D2DE785AEAB0BB8CA4C14A8A199DBE4E c:\windows\$NtServicePackUninstall$\winlogon.exe
[-] 2008-04-14 02:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2004-08-05 12:00 506368 D2DE785AEAB0BB8CA4C14A8A199DBE4E c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\winlogon.exe
[-] 2008-04-14 02:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\system32\winlogon.exe
[-] 2004-08-05 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\$NtServicePackUninstall$\ndis.sys
[-] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2004-08-05 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ndis.sys
[-] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\system32\drivers\ndis.sys
[-] 2004-08-05 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
[-] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2004-08-05 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ip6fw.sys
[-] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\system32\drivers\ip6fw.sys
[-] 2005-03-02 09:13 2059008 5311776074B6C13F983DC75BAEAC9C0C c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2006-12-19 18:45 2061440 8B039EFBE4C9AA23F152FFA0E238B8FA c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 16:08 2061440 7A56A64EB50399613587E90292DD2AAB c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 11:17 2068224 ED5E20AE4AC5A63A4FF43FFE704A5153 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 17:26 2068096 755B50949D0DBC0F0136B0DB58765331 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2007-02-28 16:02 2059648 A1D5231403329478AE4FE2778C55C77F c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2008-04-14 02:07 2067968 B71A8F101CEFAF82FC5EC16130A54A3F c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2009-02-09 11:50 2059776 663D7167ED065786EC9DCFF2569A39F7 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2GDR\ntkrnlpa.exe
[-] 2009-02-09 11:42 2065024 0150FE5C1E07F8AE422FEC6C8E8A0C98 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2QFE\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 11:17 2068224 ED5E20AE4AC5A63A4FF43FFE704A5153 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3QFE\ntkrnlpa.exe
[-] 2005-03-02 18:07 2058880 73FA9C95D235844A36968C7852C7DBDD c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2005-03-02 18:13 2181632 3E2A0A4A0C0B19FC113618A9562A3B2A c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2006-12-19 18:45 2184064 1F3FA2065E6E043A1D82A487B5DA309C c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 16:08 2184192 8E244108562E0E452EB68DFF64CB08A9 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2009-02-10 17:16 2191232 BEF458B8424553279E95E250D1E0CE7E c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 17:26 2191232 D79210549BBF09B7638E860440504299 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2007-02-28 16:02 2182400 7D6D19AAC51A4325F6039F083C22303C c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2008-04-14 02:08 2191104 099D639DA1EF6968D4E41795BB507E6B c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2009-02-09 11:50 2182528 4183ED119200F8520F5E834498AFB927 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2GDR\ntoskrnl.exe
[-] 2009-02-09 11:43 2188160 B55AA66BC9269BC5257B915FFDAA790B c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3GDR\ntoskrnl.exe
[-] 2009-02-10 17:16 2191232 BEF458B8424553279E95E250D1E0CE7E c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3QFE\ntoskrnl.exe
[-] 2005-03-02 18:08 2181376 63729DD0F2AAE36CC52B89C05505146C c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2008-04-14 02:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\explorer.exe
[-] 2007-06-13 13:10 1037312 B795475444D6D57A572C14B9E1A29839 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 13:22 1037312 D0288319660EDCFED07C7E74C4EA38A5 c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2008-04-14 02:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-05 12:00 1036288 4C33E5B9A6197B6ED215F6CFBA0A2DAA c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\explorer.exe
[-] 2009-02-09 11:16 111104 62789101F9C2401ED598AA2CDE7450C0 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2004-08-05 12:00 108544 732E0B1ABAACE15D80EC19056B0A2AF9 c:\windows\$NtServicePackUninstall$\services.exe
[-] 2008-04-14 02:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\ServicePackFiles\i386\services.exe
[-] 2009-02-09 10:08 111104 9D6BF82FE50D55F20F8E10E0F6653886 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2GDR\services.exe
[-] 2009-02-09 09:53 111104 51A24094F076961A7FF73E5F7E991D68 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2QFE\services.exe
[-] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3GDR\services.exe
[-] 2009-02-09 11:16 111104 62789101F9C2401ED598AA2CDE7450C0 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3QFE\services.exe
[-] 2004-08-05 12:00 108544 732E0B1ABAACE15D80EC19056B0A2AF9 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\services.exe
[-] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\services.exe
[-] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\dllcache\services.exe
[-] 2004-08-05 12:00 13312 9F3744A5C6F49291A7A685040A013399 c:\windows\$NtServicePackUninstall$\lsass.exe
[-] 2008-04-14 02:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2004-08-05 12:00 13312 9F3744A5C6F49291A7A685040A013399 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\lsass.exe
[-] 2008-04-14 02:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\system32\lsass.exe
[-] 2004-08-05 12:00 15360 5584247B568C2E53934873F4B655FE6A c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2008-04-14 02:33 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2004-08-05 12:00 15360 5584247B568C2E53934873F4B655FE6A c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ctfmon.exe
[-] 2008-04-14 02:33 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\system32\ctfmon.exe
[-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2008-04-14 02:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\spoolsv.exe
[-] 2008-04-14 02:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\system32\spoolsv.exe
[-] 2004-08-05 12:00 25088 D6D65EA32B190401B57EDB6706F29669 c:\windows\$NtServicePackUninstall$\userinit.exe
[-] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2004-08-05 12:00 25088 D6D65EA32B190401B57EDB6706F29669 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\userinit.exe
[-] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\system32\userinit.exe
[-] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\system32\dllcache\userinit.exe
[-] 2004-08-05 12:00 297984 7D521B8CF926459E270D18C559323815 c:\windows\$NtServicePackUninstall$\termsrv.dll
[-] 2008-04-14 02:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 02:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\system32\termsrv.dll
[-] 2006-07-05 10:58 1050112 FB85EF2A6713E3A58A497E093626B93C c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2007-04-16 16:11 1051136 62E3F0E9ABFCBCEE62C51546F622C455 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2009-03-21 14:00 1056768 C3AF0EEE26B59484E674673E3016AAB7 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2007-04-16 15:53 1049600 6F1FE2AE7B22EB9CED1BFF533C9455EA c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2008-04-14 02:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\SoftwareDistribution\Download\149dffda614674463c33ccf79c4404f3\sp3gdr\kernel32.dll
[-] 2009-03-21 14:00 1056768 C3AF0EEE26B59484E674673E3016AAB7 c:\windows\SoftwareDistribution\Download\149dffda614674463c33ccf79c4404f3\sp3qfe\kernel32.dll
[-] 2006-07-05 10:56 1049088 CE4AF1FA47A29ADF97CB107775CE395C c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\kernel32.dll
[-] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\kernel32.dll
[-] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\dllcache\kernel32.dll
[-] 2004-08-05 12:00 17408 B02E4DDBE0E98F42F3B61292DDB3A104 c:\windows\$NtServicePackUninstall$\powrprof.dll
[-] 2008-04-14 02:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 02:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\system32\powrprof.dll
[-] 2004-08-05 12:00 110080 39EE5FAF56260EBB8D77A08F525EBBB4 c:\windows\$NtServicePackUninstall$\imm32.dll
[-] 2008-04-14 02:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 02:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\system32\imm32.dll
[-] 2004-08-05 12:00 1548288 ACF04FB3448D2C2CD3A851C138EC8AB6 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[-] 2008-04-14 02:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2004-08-05 12:00 1548288 ACF04FB3448D2C2CD3A851C138EC8AB6 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\sfcfiles.dll
[-] 2008-04-14 02:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0/uOODBS
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
--- Autres Services/Pilotes en mémoire ---
*Deregistered* - Aavmker4
*Deregistered* - AFD
*Deregistered* - asuskbnt
*Deregistered* - aswFsBlk
*Deregistered* - aswMon2
*Deregistered* - aswSP
*Deregistered* - aswTdi
*Deregistered* - aswUpdSv
*Deregistered* - Ati HotKey Poller
*Deregistered* - ATKKeyboardService
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - EIO
*Deregistered* - Fastfat
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - HTTP
*Deregistered* - HTTPFilter
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - PptpMiniport
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - seclogon
*Deregistered* - sr
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - Themes
*Deregistered* - Update
*Deregistered* - UPHClean
*Deregistered* - uphcleanhlp
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - WS2IFSL
*Deregistered* - wuauserv
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c41b26ce-e4ff-11db-89e0-0013d4deedfa}]
\Shell\AutoRun\command - E:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'
2009-04-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-22 16:17]
2009-04-22 c:\windows\Tasks\User_Feed_Synchronization-{8E4517A1-51FD-457A-B951-7E9CBE0720D3}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 10:58]
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-24 14:13
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG06.00.00.01WORKSTATION"="932615D34923A6698E24B14597688600C62264B9DCDA77B193C2E6A8C2C63A48F1788C8E79FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6A0AC4980AC7933A2D97226D213B555FEBC9E127BECC74CFE65F34E9B8BA320B1A267F232C0888AAF5E4C4C1EEAC982A51D01F5DE1613890D02DBBF24525EC536C6B86C18CE8E2FD485253BBACDA07F25D096C8C8E46CF59D1DAF37B98BEC713175182FC97CA44BA209DDA613698818E580F50139740320952838FE2208F93CEFE67C71C4F277766F073F517DD8CF02684F58117F76E5F73EECBE5246AEF6F625A7E45E2B6A77FD76EF97F1F6CC87A60EB1FD5A8F30E9A6C2831563B377172565964F13C2325CE1550838359B8606249E7228378177248434DB0DD799F0537E2A68C222F62C9CD50F697638315E67CB472F9E7111B8F12187B87FC6CE3B67ED5124471053CE7743897FAC0F9BBF86231659AB4A9E7671BF94AFC83F4A8A53939CA5E8D88AA36C478F8BB741E7A909E3FCB69D76AEC38555962EC6C1AAAA5C42AF9DB86AF2CAC0B1CEA27948C3AF527A56E1479CE648D50D30705EC130770903158ECAA50774FE87DAADD71483F78D8ADBC6005995C0CC45E40AF52ABE63270FB951B8E063E7737F2AE73C871DBE29672D29223D28FD1A119C62F9D661F145D770901E65CA7F2F0915E3157AAB53569CCC1E0CCB35E232B624B35B9A433D3800EC4C9C7223A88742DB85D2B76D198DE5240E207C72E9C9B1AB8C0C3836F118DEC959D83AF467158121866C7C460606367DB945BC3D1D5C2F47D083E9AE53C18103DE7AE2705036CDEAF2D9FDBC28BF320930E66B959DAA9170B5BEDCC5B4D4A5FBD72E84E58E8AE322AB9AE17B1C7CB3D858F25C1EA0B76F82C6BCB0B700B43FF795A6AECBDF783497E4AE435116C24764EBDBD89F6D49943EE201FB66B20AF522BA9563BB96A9E4FB289CB2B15D5CB08778181B85E06B7E483C93C7D5DDC1A5873F3619F31A09CD66D1EDB133CDD563036023D5DFE9ECE02ADA7F90B0278BDE19EF4439D5E2C8F9509331B891550489F7D87B2AE28E61204D985547C1C65C622C6BFE216780DEAB9971F530A9F7FB816E6B233266E520580524A7507B8A692AF9A42D23531584560443537901CE975B53F622F8651D435883808E86F054B260A066178666D636A3B53863673C01755DF42C017E02F32AA06304A5B55D19756421490804140F35ED3A4FC23F28D1F60206115037FD3EF96A9F5B8E1E1B62384BE0BE52C9701E85C7FD5C933E319243751F80A28B41E4961E9782E8F6AD4CC0DBA989C87A3774F1F5D48AFB136DAA43193B260DD5D9E3AEDB124E5FE6B8091C912943462C449808EF7456A4DE9195A6043985AA68F44CAEF4B6E49D0D04DE1C9AEED525"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2009-04-24 14:15
ComboFix-quarantined-files.txt 2009-04-24 12:15
Avant-CF: 112 950 886 400 octets libres
Après-CF: 112 940 769 280 octets libres
372 --- E O F --- 2009-04-16 12:30
merci
Je viens de récuperer l'ordi da ma mere qui ne repond plus quand on veut ouvrir la messagerie, internet ou Money par exemple !! j'ai dejà fait ccleaner, spybot, sans succes ! de plus avast est desactivé automatiquement ainsi que le pare feu windows !
j'ai fais aussi le rapport combo fix que je vous donne aussi !
windows familiale xp
ComboFix 09-04-24.01 - irene 24/04/2009 14:12.1 - NTFSx86
Lancé depuis: E:\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\irene\Application Data\Microsoft\SystemCertificates\Request
c:\windows\patch.exe
c:\windows\system\oeminfo.ini
c:\windows\system32\ahtn.htm
c:\windows\system32\drivers\ovfsth.sys
c:\windows\system32\ovfsthibphwheextapppboequmkjpqjxtawrqr.dat
c:\windows\system32\ovfsthrbewwjehjlssbynbxidismebjpcmodlb.dat
c:\windows\system32\win32hlp.cnf
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-24 au 2009-4-24 ))))))))))))))))))))))))))))))))))))
.
2009-04-24 09:27 . 2009-04-24 09:27 -------- dc-h--w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-04-16 07:02 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 07:02 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 07:02 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 07:02 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 07:02 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 07:02 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 07:02 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 07:02 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 07:02 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 07:00 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-16 07:00 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-13 09:12 . 2009-04-13 09:14 -------- d-----w c:\windows\SxsCaPendDel
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-24 11:19 . 2006-02-27 09:59 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-24 10:27 . 2009-04-24 10:27 -------- d-----w c:\program files\Lavasoft
2009-04-23 16:43 . 2006-11-01 07:38 -------- d-----w c:\program files\eChanblard
2009-04-23 10:37 . 2006-02-27 09:59 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-22 08:16 . 2007-02-22 11:40 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-16 12:52 . 2005-02-16 11:03 78752 ----a-w c:\windows\system32\perfc00C.dat
2009-04-16 12:52 . 2005-02-16 11:03 477522 ----a-w c:\windows\system32\perfh00C.dat
2009-04-13 09:12 . 2008-08-16 08:11 -------- d-----w c:\program files\Windows Live
2009-04-09 19:40 . 2006-03-20 15:13 -------- d-----w c:\documents and settings\irene\Application Data\AdobeUM
2009-03-23 18:26 . 2006-01-27 20:54 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-23 18:26 . 2009-03-23 18:26 -------- d-----w c:\documents and settings\irene\Application Data\InstallShield
2009-03-23 18:26 . 2006-12-12 13:28 -------- d-----w c:\program files\UBISOFT
2009-03-20 17:05 . 2009-03-20 17:05 -------- d-----w c:\program files\CCleaner
2009-03-19 09:47 . 2009-03-18 16:14 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-18 16:15 . 2006-02-01 16:23 25168 -c--a-w c:\documents and settings\irene\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-18 16:14 . 2009-03-18 16:11 -------- d-----w c:\program files\Microsoft
2009-03-18 16:10 . 2009-03-18 16:10 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-13 08:50 . 2009-03-13 08:50 -------- d-----w c:\program files\Fichiers communs\Windows Live
2009-03-06 14:20 . 2004-08-05 12:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:13 . 2004-08-05 12:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-26 11:53 . 2009-02-26 11:53 -------- d-----w c:\documents and settings\All Users\Application Data\IM
2009-02-26 11:52 . 2006-03-13 20:16 -------- d-----w c:\program files\IncrediMail
2009-02-26 11:51 . 2009-02-26 11:51 -------- d-----w c:\documents and settings\All Users\Application Data\IncrediMail
2009-02-20 17:10 . 2004-08-05 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-10 17:06 . 2004-08-04 00:48 2068096 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:05 . 2004-08-05 12:00 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:24 . 2004-08-05 12:00 2191104 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-05 12:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2004-08-05 12:00 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2004-08-05 12:00 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2004-08-05 12:00 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2004-08-05 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2004-08-05 12:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2004-08-05 12:00 56832 ----a-w c:\windows\system32\secur32.dll
2008-10-30 13:17 . 2006-03-07 16:22 24584 -c--a-w c:\documents and settings\irene\Application Data\GDIPFONTCACHEV1.DAT
2006-11-03 09:13 . 2006-11-03 09:04 24584 -c--a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2006-04-03 19:14 . 2006-04-03 19:12 20 -c-h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2006-02-01 16:23 . 2006-02-01 16:23 128 -c--a-w c:\documents and settings\irene\Local Settings\Application Data\fusioncache.dat
2006-01-27 21:06 . 2006-11-03 09:04 135 -c--a-w c:\documents and settings\Administrateur\Local Settings\Application Data\fusioncache.dat
2008-08-28 11:21 . 2008-08-28 11:21 32768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082820080829\index.dat
.
------- Sigcheck -------
[-] 2004-08-05 12:00 14336 1BD6C2F707A275CB7C16FD99FE0F31CA c:\windows\$NtServicePackUninstall$\svchost.exe
[-] 2008-04-14 02:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2004-08-05 12:00 14336 1BD6C2F707A275CB7C16FD99FE0F31CA c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\svchost.exe
[-] 2008-04-14 02:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\system32\svchost.exe
[-] 2005-03-02 18:20 578048 C34920EB988CE98910BD6B0417F334EB c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2007-03-08 15:50 579072 4D88AAF39ADABFE45958EA1384E2C4FF c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 15:37 578560 753354F594809A9B96F73999B435A533 c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2008-04-14 02:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\ServicePackFiles\i386\user32.dll
[-] 2005-03-02 18:10 578048 0DF75FB73F705B011630159A43D7C354 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\user32.dll
[-] 2008-04-14 02:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\system32\user32.dll
[-] 2004-08-05 12:00 82944 BC41F51A39D3B255805FDB759B7814AE c:\windows\$NtServicePackUninstall$\ws2_32.dll
[-] 2008-04-14 02:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 02:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\system32\ws2_32.dll
[-] 2005-01-27 17:12 662016 66A10B98F18FD804236AB2D90301DE04 c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
[-] 2005-09-03 00:08 664576 031CA1310E4CB23E5A4F747D763D0B49 c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-10-21 03:39 665600 D327378CEEF9A141C7352691FC30A0DA c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2007-03-23 09:29 823296 375B58A68A016546535A84060092325C c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[-] 2007-04-25 08:26 823808 47DDAD237F60729DEA2B9E0E2382B58F c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[-] 2007-06-27 14:14 824320 7201D19B81883B57D5FFE8EBB5A83E8B c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
[-] 2007-08-20 09:49 825344 2DD1B0F579C80562EDCB8848FF7EA9F6 c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
[-] 2007-10-10 23:22 825344 871AE10D6AE8877E9636AE5017953D52 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[-] 2007-12-07 01:42 825344 F4FD487241D3AC291046A22CEBD2CF71 c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[-] 2008-03-01 12:34 827392 5A0093F59B505C008ED0CEE615563C72 c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 07:19 827392 78D3D2B0BE6AD3E6D82CCB115CF74310 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-06-23 15:40 827904 52589BAE67DD9859724287372668690B c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 09:10 827904 4B0E70D44297877A313045BD059770E1 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-10-16 19:33 827904 37D1A1BFE3D9904F2C3D11592456F9C0 c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 23:47 827904 4E192082A5FCE9EF19198A24CDEA3442 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2009-03-03 00:15 828416 39F71B559A97ED722F939A0EA7235323 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2006-09-14 08:38 668672 B8B6F05885A6F42724E8D6BFEDE6BD3F c:\windows\ie7\wininet.dll
[-] 2006-11-07 20:03 818688 92995334F993E6E49C25C6D02EC04401 c:\windows\ie7updates\KB928090-IE7\wininet.dll
[-] 2007-01-12 08:27 822784 BE43D00D802C92F01C8CC952C6F483F8 c:\windows\ie7updates\KB931768-IE7\wininet.dll
[-] 2007-02-27 13:26 822784 75DE73E328E300CAED5965FAEA2F5D3F c:\windows\ie7updates\KB933566-IE7\wininet.dll
[-] 2007-04-25 07:40 822784 2C138AB59E2FFA06E8952AE656E443C5 c:\windows\ie7updates\KB937143-IE7\wininet.dll
[-] 2007-06-27 13:24 823808 2274862267D7445E7010D9AF826E89C3 c:\windows\ie7updates\KB939653-IE7\wininet.dll
[-] 2007-08-20 09:59 824832 F6DFCEED3A7AA4C9EEB966D3F1ADC70A c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-10-10 23:49 824832 BC5119C53BDD48DABC628D448A3BDCCB c:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-12-07 02:08 824832 4FC90BECE54FAC81B0090B94E27BFB6B c:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2008-03-01 12:58 826368 8E027981DDFFA690D456FE18B37415A0 c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2008-04-23 04:16 826368 02D6AABD5F5A32C61478B5CDFE50E4A8 c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-06-23 16:28 826368 AC0BD61DC2C64906FBFE50E005FEFA2C c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-08-26 08:11 826368 E30CACD98479B36A3DBFA3267BF62DD0 c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-10-16 20:18 826368 CFBFA47415E85018E2CDC509E5E3D011 c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-12-20 22:47 826368 0551C946E305CEE0A79BA744DC141BFC c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-04-14 02:33 670208 4A6E04EA20F48D750D9BFED8600D516B c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2005-10-21 03:41 662528 E41E8FDF62CF20F2E2B16D800D96EB51 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\wininet.dll
[-] 2009-03-03 00:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\SoftwareDistribution\Download\f4a2c0aaa24852247df21c71c0eb238d\sp3gdr\wininet.dll
[-] 2009-03-03 00:15 828416 39F71B559A97ED722F939A0EA7235323 c:\windows\SoftwareDistribution\Download\f4a2c0aaa24852247df21c71c0eb238d\sp3qfe\wininet.dll
[-] 2009-03-03 00:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\system32\wininet.dll
[-] 2009-03-03 00:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\system32\dllcache\wininet.dll
[-] 2006-01-13 17:07 360448 5562CC0A47B2AEF06D3417B733F3C195 c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2006-01-13 02:28 359808 583E063FDC888CA30D05C2724B0D7EF4 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys
[-] 2004-08-05 12:00 506368 D2DE785AEAB0BB8CA4C14A8A199DBE4E c:\windows\$NtServicePackUninstall$\winlogon.exe
[-] 2008-04-14 02:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2004-08-05 12:00 506368 D2DE785AEAB0BB8CA4C14A8A199DBE4E c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\winlogon.exe
[-] 2008-04-14 02:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\system32\winlogon.exe
[-] 2004-08-05 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\$NtServicePackUninstall$\ndis.sys
[-] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2004-08-05 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ndis.sys
[-] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\system32\drivers\ndis.sys
[-] 2004-08-05 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
[-] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2004-08-05 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ip6fw.sys
[-] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\system32\drivers\ip6fw.sys
[-] 2005-03-02 09:13 2059008 5311776074B6C13F983DC75BAEAC9C0C c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2006-12-19 18:45 2061440 8B039EFBE4C9AA23F152FFA0E238B8FA c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 16:08 2061440 7A56A64EB50399613587E90292DD2AAB c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 11:17 2068224 ED5E20AE4AC5A63A4FF43FFE704A5153 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 17:26 2068096 755B50949D0DBC0F0136B0DB58765331 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2007-02-28 16:02 2059648 A1D5231403329478AE4FE2778C55C77F c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2008-04-14 02:07 2067968 B71A8F101CEFAF82FC5EC16130A54A3F c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2009-02-09 11:50 2059776 663D7167ED065786EC9DCFF2569A39F7 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2GDR\ntkrnlpa.exe
[-] 2009-02-09 11:42 2065024 0150FE5C1E07F8AE422FEC6C8E8A0C98 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2QFE\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 11:17 2068224 ED5E20AE4AC5A63A4FF43FFE704A5153 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3QFE\ntkrnlpa.exe
[-] 2005-03-02 18:07 2058880 73FA9C95D235844A36968C7852C7DBDD c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2005-03-02 18:13 2181632 3E2A0A4A0C0B19FC113618A9562A3B2A c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2006-12-19 18:45 2184064 1F3FA2065E6E043A1D82A487B5DA309C c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 16:08 2184192 8E244108562E0E452EB68DFF64CB08A9 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2009-02-10 17:16 2191232 BEF458B8424553279E95E250D1E0CE7E c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 17:26 2191232 D79210549BBF09B7638E860440504299 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2007-02-28 16:02 2182400 7D6D19AAC51A4325F6039F083C22303C c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2008-04-14 02:08 2191104 099D639DA1EF6968D4E41795BB507E6B c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2009-02-09 11:50 2182528 4183ED119200F8520F5E834498AFB927 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2GDR\ntoskrnl.exe
[-] 2009-02-09 11:43 2188160 B55AA66BC9269BC5257B915FFDAA790B c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3GDR\ntoskrnl.exe
[-] 2009-02-10 17:16 2191232 BEF458B8424553279E95E250D1E0CE7E c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3QFE\ntoskrnl.exe
[-] 2005-03-02 18:08 2181376 63729DD0F2AAE36CC52B89C05505146C c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\ntoskrnl.exe
[-] 2009-02-09 11:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2008-04-14 02:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\explorer.exe
[-] 2007-06-13 13:10 1037312 B795475444D6D57A572C14B9E1A29839 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 13:22 1037312 D0288319660EDCFED07C7E74C4EA38A5 c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2008-04-14 02:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-05 12:00 1036288 4C33E5B9A6197B6ED215F6CFBA0A2DAA c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\explorer.exe
[-] 2009-02-09 11:16 111104 62789101F9C2401ED598AA2CDE7450C0 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2004-08-05 12:00 108544 732E0B1ABAACE15D80EC19056B0A2AF9 c:\windows\$NtServicePackUninstall$\services.exe
[-] 2008-04-14 02:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\ServicePackFiles\i386\services.exe
[-] 2009-02-09 10:08 111104 9D6BF82FE50D55F20F8E10E0F6653886 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2GDR\services.exe
[-] 2009-02-09 09:53 111104 51A24094F076961A7FF73E5F7E991D68 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2QFE\services.exe
[-] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3GDR\services.exe
[-] 2009-02-09 11:16 111104 62789101F9C2401ED598AA2CDE7450C0 c:\windows\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3QFE\services.exe
[-] 2004-08-05 12:00 108544 732E0B1ABAACE15D80EC19056B0A2AF9 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\services.exe
[-] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\services.exe
[-] 2009-02-09 11:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\dllcache\services.exe
[-] 2004-08-05 12:00 13312 9F3744A5C6F49291A7A685040A013399 c:\windows\$NtServicePackUninstall$\lsass.exe
[-] 2008-04-14 02:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2004-08-05 12:00 13312 9F3744A5C6F49291A7A685040A013399 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\lsass.exe
[-] 2008-04-14 02:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\system32\lsass.exe
[-] 2004-08-05 12:00 15360 5584247B568C2E53934873F4B655FE6A c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2008-04-14 02:33 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2004-08-05 12:00 15360 5584247B568C2E53934873F4B655FE6A c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\ctfmon.exe
[-] 2008-04-14 02:33 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\system32\ctfmon.exe
[-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2008-04-14 02:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\spoolsv.exe
[-] 2008-04-14 02:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\system32\spoolsv.exe
[-] 2004-08-05 12:00 25088 D6D65EA32B190401B57EDB6706F29669 c:\windows\$NtServicePackUninstall$\userinit.exe
[-] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2004-08-05 12:00 25088 D6D65EA32B190401B57EDB6706F29669 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\userinit.exe
[-] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\system32\userinit.exe
[-] 2008-04-14 02:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\system32\dllcache\userinit.exe
[-] 2004-08-05 12:00 297984 7D521B8CF926459E270D18C559323815 c:\windows\$NtServicePackUninstall$\termsrv.dll
[-] 2008-04-14 02:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 02:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\system32\termsrv.dll
[-] 2006-07-05 10:58 1050112 FB85EF2A6713E3A58A497E093626B93C c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2007-04-16 16:11 1051136 62E3F0E9ABFCBCEE62C51546F622C455 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2009-03-21 14:00 1056768 C3AF0EEE26B59484E674673E3016AAB7 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2007-04-16 15:53 1049600 6F1FE2AE7B22EB9CED1BFF533C9455EA c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2008-04-14 02:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\SoftwareDistribution\Download\149dffda614674463c33ccf79c4404f3\sp3gdr\kernel32.dll
[-] 2009-03-21 14:00 1056768 C3AF0EEE26B59484E674673E3016AAB7 c:\windows\SoftwareDistribution\Download\149dffda614674463c33ccf79c4404f3\sp3qfe\kernel32.dll
[-] 2006-07-05 10:56 1049088 CE4AF1FA47A29ADF97CB107775CE395C c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\kernel32.dll
[-] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\kernel32.dll
[-] 2009-03-21 14:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\dllcache\kernel32.dll
[-] 2004-08-05 12:00 17408 B02E4DDBE0E98F42F3B61292DDB3A104 c:\windows\$NtServicePackUninstall$\powrprof.dll
[-] 2008-04-14 02:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 02:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\system32\powrprof.dll
[-] 2004-08-05 12:00 110080 39EE5FAF56260EBB8D77A08F525EBBB4 c:\windows\$NtServicePackUninstall$\imm32.dll
[-] 2008-04-14 02:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 02:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\system32\imm32.dll
[-] 2004-08-05 12:00 1548288 ACF04FB3448D2C2CD3A851C138EC8AB6 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[-] 2008-04-14 02:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2004-08-05 12:00 1548288 ACF04FB3448D2C2CD3A851C138EC8AB6 c:\windows\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\backup\sfcfiles.dll
[-] 2008-04-14 02:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0/uOODBS
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
--- Autres Services/Pilotes en mémoire ---
*Deregistered* - Aavmker4
*Deregistered* - AFD
*Deregistered* - asuskbnt
*Deregistered* - aswFsBlk
*Deregistered* - aswMon2
*Deregistered* - aswSP
*Deregistered* - aswTdi
*Deregistered* - aswUpdSv
*Deregistered* - Ati HotKey Poller
*Deregistered* - ATKKeyboardService
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - EIO
*Deregistered* - Fastfat
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - HTTP
*Deregistered* - HTTPFilter
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - PptpMiniport
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - seclogon
*Deregistered* - sr
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - Themes
*Deregistered* - Update
*Deregistered* - UPHClean
*Deregistered* - uphcleanhlp
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - WS2IFSL
*Deregistered* - wuauserv
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c41b26ce-e4ff-11db-89e0-0013d4deedfa}]
\Shell\AutoRun\command - E:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'
2009-04-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-22 16:17]
2009-04-22 c:\windows\Tasks\User_Feed_Synchronization-{8E4517A1-51FD-457A-B951-7E9CBE0720D3}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 10:58]
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-24 14:13
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG06.00.00.01WORKSTATION"="932615D34923A6698E24B14597688600C62264B9DCDA77B193C2E6A8C2C63A48F1788C8E79FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6A0AC4980AC7933A2D97226D213B555FEBC9E127BECC74CFE65F34E9B8BA320B1A267F232C0888AAF5E4C4C1EEAC982A51D01F5DE1613890D02DBBF24525EC536C6B86C18CE8E2FD485253BBACDA07F25D096C8C8E46CF59D1DAF37B98BEC713175182FC97CA44BA209DDA613698818E580F50139740320952838FE2208F93CEFE67C71C4F277766F073F517DD8CF02684F58117F76E5F73EECBE5246AEF6F625A7E45E2B6A77FD76EF97F1F6CC87A60EB1FD5A8F30E9A6C2831563B377172565964F13C2325CE1550838359B8606249E7228378177248434DB0DD799F0537E2A68C222F62C9CD50F697638315E67CB472F9E7111B8F12187B87FC6CE3B67ED5124471053CE7743897FAC0F9BBF86231659AB4A9E7671BF94AFC83F4A8A53939CA5E8D88AA36C478F8BB741E7A909E3FCB69D76AEC38555962EC6C1AAAA5C42AF9DB86AF2CAC0B1CEA27948C3AF527A56E1479CE648D50D30705EC130770903158ECAA50774FE87DAADD71483F78D8ADBC6005995C0CC45E40AF52ABE63270FB951B8E063E7737F2AE73C871DBE29672D29223D28FD1A119C62F9D661F145D770901E65CA7F2F0915E3157AAB53569CCC1E0CCB35E232B624B35B9A433D3800EC4C9C7223A88742DB85D2B76D198DE5240E207C72E9C9B1AB8C0C3836F118DEC959D83AF467158121866C7C460606367DB945BC3D1D5C2F47D083E9AE53C18103DE7AE2705036CDEAF2D9FDBC28BF320930E66B959DAA9170B5BEDCC5B4D4A5FBD72E84E58E8AE322AB9AE17B1C7CB3D858F25C1EA0B76F82C6BCB0B700B43FF795A6AECBDF783497E4AE435116C24764EBDBD89F6D49943EE201FB66B20AF522BA9563BB96A9E4FB289CB2B15D5CB08778181B85E06B7E483C93C7D5DDC1A5873F3619F31A09CD66D1EDB133CDD563036023D5DFE9ECE02ADA7F90B0278BDE19EF4439D5E2C8F9509331B891550489F7D87B2AE28E61204D985547C1C65C622C6BFE216780DEAB9971F530A9F7FB816E6B233266E520580524A7507B8A692AF9A42D23531584560443537901CE975B53F622F8651D435883808E86F054B260A066178666D636A3B53863673C01755DF42C017E02F32AA06304A5B55D19756421490804140F35ED3A4FC23F28D1F60206115037FD3EF96A9F5B8E1E1B62384BE0BE52C9701E85C7FD5C933E319243751F80A28B41E4961E9782E8F6AD4CC0DBA989C87A3774F1F5D48AFB136DAA43193B260DD5D9E3AEDB124E5FE6B8091C912943462C449808EF7456A4DE9195A6043985AA68F44CAEF4B6E49D0D04DE1C9AEED525"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2009-04-24 14:15
ComboFix-quarantined-files.txt 2009-04-24 12:15
Avant-CF: 112 950 886 400 octets libres
Après-CF: 112 940 769 280 octets libres
372 --- E O F --- 2009-04-16 12:30
merci
A voir également:
- Icones ne fonctionne plus, plus de connection
- Gmail connection - Guide
- Icones windows - Guide
- Agrandir les icones de la barre des taches - Guide
- Reorganiser icones iphone - Guide
- Connection chromecast - Guide
2 réponses
salut :
*****************************************************
************** Option 1 (Recherche) **************
*****************************************************
Télécharge FindyKill ( de Chiquitine29) sur ton bureau :
! Déconnecte toi et ferme toutes applications en cours !
* Double clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
* Double-clique sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .
* Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin , sur le forum ...
( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Aides en images ( Installation )
Aides en images ( Recherche )
*****************************************************
************** Option 1 (Recherche) **************
*****************************************************
Télécharge FindyKill ( de Chiquitine29) sur ton bureau :
! Déconnecte toi et ferme toutes applications en cours !
* Double clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
* Double-clique sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .
* Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin , sur le forum ...
( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Aides en images ( Installation )
Aides en images ( Recherche )
*****************************************************
************* Option 2 (Suppression) *************
*****************************************************
! Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
* Relance "FindyKill" : au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu choisis l'option 2 (suppression) et tape sur [entrée]
* Le pc va redémarrer automatiquement ...
--> le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !
* Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
/!\ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
Aides en images ( Suppression )
ensuite :
*****************************************************
*************** Option 3 (Uninstal) ****************
*****************************************************
* Relance "FindyKill" : au menu principal choisis l'option " F " et tape sur [entrée] .
* Au second menu choisis l'option 3 et tape sur [entrée] .
* Clique sur ok quand l avertissement apparait.
ensuite :
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
************* Option 2 (Suppression) *************
*****************************************************
! Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
* Relance "FindyKill" : au menu principal choisis l'option " F " pour français et tape sur [entrée] .
* Au second menu choisis l'option 2 (suppression) et tape sur [entrée]
* Le pc va redémarrer automatiquement ...
--> le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !
* Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
/!\ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
Aides en images ( Suppression )
ensuite :
*****************************************************
*************** Option 3 (Uninstal) ****************
*****************************************************
* Relance "FindyKill" : au menu principal choisis l'option " F " et tape sur [entrée] .
* Au second menu choisis l'option 3 et tape sur [entrée] .
* Clique sur ok quand l avertissement apparait.
ensuite :
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
############################## [ FindyKill V4.726 ]
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
################## [ Fichiers / Dossiers infectieux ]
################## [ Infected Temp Files ]
################## [ Registre / Clés infectieuses ]
Found ! HKEY_USERS\S-1-5-21-2966917941-2711922362-2477347431-1006\Software\UBISOFT
################## [ Recherche dans supports amovibles]
# Recherche fichiers connus :
################## [ Registre / Mountpoint2 ]
# -> Not found !
################## [ ! Fin du rapport # FindyKill V4.726 ! ]