31 replies
/!\ WARNING: FOLLOW THESE INSTRUCTIONS SCRUPULOUSLY, TO THE LETTER /!\
________________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained in the tool.<
>>>>>>>Do not use it outside of that situation: dangerous!<<<<<<<<
=====================================================
▶ Above all, when saving, remember to rename Combofix to "your first name.exe" before it is saved to your hard drive
▶ We are going to use ComboFix.exe. Go to this web page to get the download links, as well as instructions for running the tool:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Before using ComboFix:
______________________________________________________________________
>> close the windows of all running programs.
>> Temporarily disable, and only for the duration of the ComboFix run,
>>the real-time protection of your antivirus and antispyware programs,
>>which can seriously interfere with the tool's scanning and cleaning procedure.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
▶ !!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!
▶ do not forget to re-enable your antivirus and antispyware protection before reconnecting to the internet.
▶▶ Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt into your next message.
Hello,
Here is the report (1/3):
(sorry for the slow reply, I am supervising my move :) )
ComboFix 10-05-05.0D - Coredj 07/05/2010 9:45.1.2 - x86
Microsoft® Windows Vista(TM) Édition Intégrale 6.0.6000.0.1252.33.1036.18.2047.901 [GMT 2:00]
Lancé depuis: c:\users\Coredj\Desktop\Amanda.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
SP: AntiVir Desktop *disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: COMODO Defense+ *disabled* (Updated) {043803A4-4F86-4ef7-AFC5-F6E02A79969B}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Coredj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk
c:\windows\System32\taskmgr.exe . . . est infecté!!
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-04-07 au 2010-05-07 ))))))))))))))))))))))))))))))))))))
.
2010-05-05 18:47 . 2010-05-05 18:47 -------- d-----w- C:\Kill'em
2010-05-05 09:50 . 2010-05-05 09:50 -------- d-----w- c:\users\Coredj\AppData\Roaming\TeamViewer
2010-05-05 09:50 . 2010-05-05 09:50 -------- d-----w- c:\users\Coredj\temp
2010-05-04 16:24 . 2010-05-04 16:24 -------- d-----w- c:\users\Coredj\AppData\Local\Apple
2010-05-04 14:23 . 2010-05-04 16:23 -------- d-----w- c:\users\Coredj\AppData\Local\Apple Computer
2010-05-04 09:26 . 2010-05-04 09:26 -------- d-----w- c:\windows\Sun
2010-05-04 09:07 . 2010-05-04 09:07 -------- d-----w- c:\program files\CCleaner
2010-05-03 20:31 . 2010-05-03 20:31 -------- d-----w- c:\program files\CHRYOPROD
2010-05-02 15:34 . 2010-05-02 15:34 -------- d-----w- c:\users\Coredj\AppData\Roaming\MxBoost
2010-05-01 03:26 . 2010-05-01 03:26 -------- d-----w- c:\program files\Winter Fun Pack 2004 for Windows XP
2010-05-01 01:22 . 2010-05-01 01:22 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-01 01:21 . 2010-05-01 01:26 -------- d-----w- c:\users\Coredj\AppData\Roaming\DAEMON Tools Lite
2010-05-01 01:21 . 2010-05-01 01:21 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-05-01 01:07 . 2010-05-01 01:07 503864 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-05-01 01:07 . 2010-05-01 01:07 35896 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-05-01 01:06 . 2010-05-01 01:06 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2010-04-30 02:00 . 2010-04-30 02:00 -------- d-----w- c:\users\Coredj\AppData\Roaming\Logitech
2010-04-30 02:00 . 2010-04-30 02:00 -------- d-----w- c:\users\Coredj\AppData\Roaming\Leadertech
2010-04-30 02:00 . 2010-04-30 02:00 -------- d-----w- c:\programdata\LogiShrd
2010-04-30 01:58 . 2009-07-20 10:25 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2010-04-30 01:58 . 2009-07-20 10:26 84496 ----a-w- c:\windows\system32\KemXML.dll
2010-04-30 01:58 . 2009-07-20 10:26 117264 ----a-w- c:\windows\system32\KemWnd.dll
2010-04-30 01:58 . 2009-07-20 10:26 145936 ----a-w- c:\windows\system32\KemUtil.dll
2010-04-30 01:58 . 2009-07-20 10:26 170512 ----a-w- c:\windows\system32\kemutb.dll
2010-04-30 01:57 . 2010-04-30 01:57 -------- d-----w- c:\programdata\Logitech
2010-04-30 01:57 . 2010-04-30 02:00 -------- d-----w- c:\program files\Common Files\Logishrd
2010-04-30 01:57 . 2010-04-30 01:57 -------- d-----w- c:\program files\Logitech
2010-04-29 21:26 . 2010-04-29 21:26 6153352 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-29 18:55 . 2010-04-29 18:55 37064 ----a-w- c:\users\Coredj\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-29 12:10 . 2010-05-05 21:17 -------- d-----w- c:\program files\List_Kill'em
2010-04-29 08:59 . 2010-05-06 12:19 -------- d-----w- c:\users\Coredj\Tracing
2010-04-29 07:51 . 2010-04-29 07:51 -------- d-----w- c:\program files\DigiDNA
2010-04-29 07:19 . 2010-05-01 03:25 -------- d-----w- c:\program files\Microsoft
2010-04-29 07:18 . 2010-04-29 07:18 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-04-29 07:18 . 2010-04-29 07:19 -------- d-----w- c:\program files\Windows Live
2010-04-29 07:17 . 2010-04-29 07:17 -------- d-----w- c:\windows\PCHEALTH
2010-04-29 03:35 . 2010-04-30 14:11 -------- d-----w- c:\users\Coredj\AppData\Roaming\DiskAid
2010-04-29 02:21 . 2010-04-29 02:21 -------- d-----w- c:\programdata\ATI
2010-04-29 02:02 . 2010-04-29 02:02 -------- d-----w- c:\users\Coredj\AppData\Roaming\TuneUp Software
2010-04-29 02:01 . 2010-04-29 02:01 -------- d-----w- c:\programdata\TuneUp Software
2010-04-29 02:01 . 2010-04-29 02:01 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-28 10:02 . 2010-04-28 10:02 24936 ----a-w- C:\UsbFix_Upload_Me_PC-de-Coredj.zip
2010-04-28 04:02 . 2010-05-04 08:59 -------- d-----w- c:\program files\Trend Micro
2010-04-28 01:50 . 2010-04-28 01:50 268800 ----a-w- c:\windows\system32\es.dll
2010-04-28 00:20 . 2010-04-28 00:20 -------- d-----w- c:\users\Coredj\AppData\Roaming\Malwarebytes
2010-04-28 00:19 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-28 00:19 . 2010-04-28 00:19 -------- d-----w- c:\programdata\Malwarebytes
2010-04-28 00:19 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-27 21:55 . 2010-04-27 21:55 -------- d-----w- c:\users\Coredj\AppData\Roaming\Lavasoft
2010-04-27 18:39 . 2010-04-27 18:39 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-04-27 05:57 . 2010-04-27 05:57 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-04-27 05:57 . 2010-04-27 05:57 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-04-27 05:57 . 2010-04-27 05:57 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-04-27 05:57 . 2010-04-27 05:57 24064 ----a-w- c:\windows\system32\lpk.dll
2010-04-27 05:57 . 2010-04-27 05:57 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-04-27 05:57 . 2010-04-27 05:57 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-04-27 05:56 . 2010-04-27 05:56 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-04-27 05:56 . 2010-04-27 05:56 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2010-04-27 05:56 . 2010-04-27 05:56 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2010-04-27 05:56 . 2010-04-27 05:56 272896 ----a-w- c:\windows\system32\polstore.dll
2010-04-27 05:55 . 2010-04-27 05:55 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-04-27 05:55 . 2010-04-27 05:55 307200 ----a-w- c:\windows\system32\drivers\srv.sys
2010-04-27 05:53 . 2010-04-27 05:53 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-04-27 05:53 . 2010-04-27 05:53 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-04-27 05:53 . 2010-04-27 05:53 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-04-27 05:53 . 2010-04-27 05:53 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-04-27 05:53 . 2010-04-27 05:53 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-04-27 05:53 . 2010-04-27 05:53 15360 ----a-w- c:\windows\system32\netevent.dll
2010-04-27 05:53 . 2010-04-27 05:53 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-04-27 05:53 . 2010-04-27 05:53 103936 ----a-w- c:\windows\system32\netiohlp.dll
2010-04-27 05:53 . 2010-04-27 05:53 10240 ----a-w- c:\windows\system32\finger.exe
2010-04-27 05:52 . 2010-04-27 05:52 194560 ----a-w- c:\windows\system32\WebClnt.dll
2010-04-27 05:52 . 2010-04-27 05:52 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2010-04-27 05:50 . 2010-04-27 05:50 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2010-04-27 05:50 . 2010-04-27 05:50 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2010-04-27 05:50 . 2010-04-27 05:50 47104 ----a-w- c:\windows\system32\wlanapi.dll
2010-04-27 05:50 . 2010-04-27 05:50 289280 ----a-w- c:\windows\system32\wlanmsm.dll
2010-04-27 05:50 . 2010-04-27 05:50 502784 ----a-w- c:\windows\system32\wlansvc.dll
2010-04-27 05:50 . 2010-04-27 05:50 299520 ----a-w- c:\windows\system32\wlansec.dll
2010-04-27 05:49 . 2010-04-27 05:49 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-04-27 05:49 . 2010-04-27 05:49 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-04-27 05:49 . 2010-04-27 05:49 1406464 ----a-w- c:\windows\system32\msxml6.dll
2010-04-27 05:49 . 2010-04-27 05:49 1260032 ----a-w- c:\windows\system32\msxml3.dll
2010-04-27 05:47 . 2010-04-27 05:47 7680 ----a-w- c:\windows\system32\lsass.exe
2010-04-27 05:47 . 2010-04-27 05:47 72704 ----a-w- c:\windows\system32\secur32.dll
2010-04-27 05:47 . 2010-04-27 05:47 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-04-27 05:47 . 2010-04-27 05:47 216576 ----a-w- c:\windows\system32\msv1_0.dll
2010-04-27 05:47 . 2010-04-27 05:47 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-04-27 05:47 . 2010-04-27 05:47 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-27 05:46 . 2010-04-27 05:46 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-27 05:46 . 2010-04-27 05:46 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-27 05:46 . 2010-04-27 05:46 102400 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-27 05:45 . 2010-04-27 05:45 2855424 ----a-w- c:\windows\system32\mf.dll
2010-04-27 05:45 . 2010-04-27 05:45 98816 ----a-w- c:\windows\system32\mfps.dll
2010-04-27 05:45 . 2010-04-27 05:45 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2010-04-27 05:45 . 2010-04-27 05:45 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-04-27 05:45 . 2010-04-27 05:45 2048 ----a-w- c:\windows\system32\mferror.dll
2010-04-27 05:43 . 2010-04-27 05:43 3504008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-27 05:43 . 2010-04-27 05:43 3470216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-27 05:41 . 2010-04-27 05:41 376832 ----a-w- c:\windows\system32\winhttp.dll
2010-04-27 05:39 . 2010-04-27 05:39 434176 ----a-w- c:\windows\system32\vbscript.dll
2010-04-27 05:38 . 2010-04-27 05:38 71680 ----a-w- c:\windows\system32\atl.dll
2010-04-27 05:37 . 2010-04-27 05:37 297472 ----a-w- c:\windows\system32\gdi32.dll
2010-04-27 05:34 . 2010-04-27 05:34 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2010-04-27 05:34 . 2010-04-27 05:34 30208 ----a-w- c:\windows\system32\xolehlp.dll
2010-04-27 05:32 . 2010-04-27 05:32 156160 ----a-w- c:\windows\system32\wkssvc.dll
2010-04-27 05:31 . 2010-04-27 05:31 116736 ----a-w- c:\windows\system32\aaclient.dll
2010-04-27 05:31 . 2010-04-27 05:31 36352 ----a-w- c:\windows\system32\tsgqec.dll
2010-04-27 05:31 . 2010-04-27 05:31 1871872 ----a-w- c:\windows\system32\mstscax.dll
2010-04-27 05:30 . 2010-04-27 05:30 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2010-04-27 05:27 . 2010-04-27 05:27 86016 ----a-w- c:\windows\system32\icfupgd.dll
2010-04-27 05:27 . 2010-04-27 05:27 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2010-04-27 05:27 . 2010-04-27 05:27 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2010-04-27 05:27 . 2010-04-27 05:27 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2010-04-27 05:27 . 2010-04-27 05:27 16896 ----a-w- c:\windows\system32\wfapigp.dll
2010-04-27 05:27 . 2010-04-27 05:27 61952 ----a-w- c:\windows\system32\cmifw.dll
2010-04-27 05:20 . 2010-04-27 05:20 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-27 05:19 . 2010-04-27 05:19 696832 ----a-w- c:\windows\system32\localspl.dll
2010-04-27 05:15 . 2010-04-27 05:15 2923520 ----a-w- c:\windows\explorer.exe
2010-04-27 05:13 . 2010-04-27 05:13 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-04-27 05:11 . 2010-04-27 05:11 4495360 ----a-w- c:\windows\system32\NlsData0019.dll
2010-04-27 05:09 . 2010-04-27 05:09 549888 ----a-w- c:\windows\system32\rpcss.dll
2010-04-27 05:09 . 2010-04-27 05:09 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2010-04-27 05:09 . 2010-04-27 05:09 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2010-04-27 05:09 . 2010-04-27 05:09 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
Here is the next part (2/3):
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 07:49 . 2006-11-02 16:03 690594 ----a-w- c:\windows\system32\perfh00C.dat
2010-05-07 07:49 . 2006-11-02 16:03 117366 ----a-w- c:\windows\system32\perfc00C.dat
2010-05-06 13:49 . 2010-04-23 02:19 111447813 ----a-w- c:\windows\DUMP4910.tmp
2010-05-05 21:15 . 2010-04-23 02:19 235666461 ----a-w- c:\windows\DUMP496e.tmp
2010-05-05 21:11 . 2010-04-23 02:19 239078429 ----a-w- c:\windows\DUMP492f.tmp
2010-05-01 01:07 . 2010-05-01 01:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01007.Wdf
2010-05-01 01:07 . 2010-05-01 01:07 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-05-01 01:07 . 2010-05-01 01:07 3 ----a-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2010-04-30 01:59 . 2010-04-30 01:59 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-04-30 01:59 . 2010-04-30 01:59 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-04-27 21:58 . 2007-06-17 17:27 -------- d-----w- c:\program files\Ad-Aware
2010-04-27 06:01 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2010-04-27 06:01 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-04-27 05:17 . 2010-04-27 05:17 72704 ----a-w- c:\windows\system32\admparse.dll
2010-04-27 05:17 . 2010-04-27 05:17 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll
2010-04-27 05:17 . 2010-04-27 05:17 841216 ----a-w- c:\windows\system32\wininet.dll
2010-04-27 05:17 . 2010-04-27 05:17 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-04-27 05:17 . 2010-04-27 05:17 48128 ----a-w- c:\windows\system32\mshtmler.dll
2010-04-27 05:17 . 2010-04-27 05:17 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2010-04-27 05:17 . 2010-04-27 05:17 56320 ----a-w- c:\windows\system32\iesetup.dll
2010-04-27 05:11 . 2010-04-27 05:11 3464704 ----a-w- c:\windows\system32\NlsData0013.dll
2010-04-27 05:04 . 2010-04-27 05:04 40960 ----a-w- c:\windows\AppPatch\apihex86.dll
2010-04-23 03:24 . 2010-04-23 03:24 -------- d-sh--we c:\programdata\Modèles
2010-04-23 03:24 . 2010-04-23 03:24 -------- d-sh--we c:\programdata\Menu Démarrer
2010-04-07 02:43 . 2010-04-07 02:43 5430272 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-04-07 02:16 . 2010-04-07 02:16 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-04-07 02:16 . 2010-04-07 02:16 489472 ----a-w- c:\windows\system32\aticfx32.dll
2010-04-07 02:13 . 2010-04-07 02:13 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-04-07 02:12 . 2010-04-07 02:12 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-04-07 02:12 . 2010-04-07 02:12 14321664 ----a-w- c:\windows\system32\atioglxx.dll
2010-04-07 02:12 . 2010-04-07 02:12 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-04-07 02:10 . 2009-07-15 02:13 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-04-07 02:10 . 2009-07-15 02:12 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-04-07 02:10 . 2010-04-07 02:10 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-04-07 02:10 . 2010-04-07 02:10 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-04-07 02:10 . 2010-04-07 02:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-04-07 02:06 . 2010-04-07 02:06 3164160 ----a-w- c:\windows\system32\atidxx32.dll
2010-04-07 01:46 . 2010-04-07 01:46 50176 ----a-w- c:\windows\system32\coinst.dll
2010-04-07 01:40 . 2009-07-15 01:54 3707904 ----a-w- c:\windows\system32\atiumdag.dll
2010-04-07 01:40 . 2010-04-07 01:40 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-04-07 01:40 . 2010-04-07 01:40 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-04-07 01:38 . 2010-04-07 01:38 4018176 ----a-w- c:\windows\system32\aticaldd.dll
2010-04-07 01:23 . 2010-04-07 01:23 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 14848 ----a-w- c:\windows\system32\atigktxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 157184 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-04-07 01:22 . 2010-04-07 01:22 28160 ----a-w- c:\windows\system32\atiuxpag.dll
2010-04-07 01:22 . 2010-04-07 01:22 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-04-07 01:22 . 2010-04-07 01:22 23040 ----a-w- c:\windows\system32\atitmpxx.dll
2010-04-07 01:22 . 2010-04-07 01:22 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-04-07 01:21 . 2009-07-15 01:38 2983936 ----a-w- c:\windows\system32\atiumdva.dll
2010-04-07 01:08 . 2010-04-07 01:08 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-04-07 01:08 . 2010-04-07 01:08 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-04-02 16:09 . 2010-04-02 16:09 2023 ----a-w- c:\windows\system32\atipblag.dat
2010-03-25 23:48 . 2010-03-25 23:48 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.0.79\SetupAdmin.exe
2010-03-17 15:06 . 2010-03-17 15:06 202234 ----a-w- c:\windows\system32\atiicdxx.dat
2010-03-09 10:20 . 2010-03-09 10:20 104464 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2010-02-12 09:46 . 2010-02-12 09:46 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-02-12 09:46 . 2010-02-12 09:46 107808 ----a-w- c:\windows\system32\dns-sd.exe
2007-06-28 23:32 . 2007-06-13 20:31 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
Then the end (3/3):
------- Sigcheck -------
[-] 2007-07-01 . 471100A16C4CD35DEC9558532FB4B4FF . 18944 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[-] 2006-11-10 . 921D359C1168867B515C219ACCED9609 . 245248 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-04-27 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-06-13 1006264]
"UberIcon"="c:\program files\UberIcon\UberIcon Manager.exe" [2005-08-12 180224]
"COMODO Internet Security"="e:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-23 1800464]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-14 98304]
"avgnt"="e:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-4-30 813584]
Winter Fun Wallpaper Changer.lnk - c:\windows\Installer\{038A524F-58DB-438A-8391-8F7F0CA14B9E}\Icon038A524F.exe [2010-5-1 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Coredj\AppData\Local\Google\Update\GoogleUpdate.exe" /c
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="e:\program files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2751909203-2038563907-3353613837-1000]
"EnableNotificationsRef"=dword:00000002
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-01 691696]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-04-23 130960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-04-23 29520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-07 172032]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;e:\program files\Avira\AntiVir Desktop\sched.exe [2010-04-23 108289]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-04-07 5430272]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-07 157184]
.
Contenu du dossier 'Tâches planifiées'
2010-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4010582132-2109920345-384629158-1000Core.job
- c:\users\Coredj\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-23 05:40]
2010-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4010582132-2109920345-384629158-1000UA.job
- c:\users\Coredj\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-23 05:40]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-ITBar7Layout - (no file)
Toolbar-ITBar7Position - (no file)
HKLM-Run-CmPCIaudio - cmicnfg3.cpl
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-07 09:56
Windows 6.0.6000 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys atikmpag.sys atikmdag.sys watchdog.sys tcpip.sys NETIO.SYS nvstor32.sys storport.sys partmgr.sys volmgr.sys fvevol.sys ecache.sys volsnap.sys Ntfs.sys ndis.sys nvmfdx32.sys Wdf01000.sys xusb21.sys cmdguard.sys >>UNKNOWN [0x8E6A2528]<< USBPORT.SYS usbehci.sys inspect.sys rspndr.sys >>UNKNOWN [0x8E6A2528]<< Npfs.SYS >>UNKNOWN [0x8E6A2528]<< >>UNKNOWN [0x8E6A2528]<< >>UNKNOWN [0x8E6A2528]<< >>UNKNOWN [0x8E6A2528]<< >>UNKNOWN [0x8E6A2528]<< >>UNKNOWN [0x8E6A2528]<< >>UNKNOWN [0x8E6A2528]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x80423d1f
\Driver\ACPI -> acpi.sys @ 0x802329d6
\Driver\atapi -> ataport.SYS @ 0x8079c9ba
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8219646f
ParseProcedure -> ntkrnlpa.exe @ 0x8219746f
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8219646f
ParseProcedure -> ntkrnlpa.exe @ 0x8219746f
user & kernel MBR OK
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(864)
c:\windows\system32\guard32.dll
- - - - - - - > 'lsass.exe'(680)
c:\windows\system32\guard32.dll
.
Heure de fin: 2010-05-07 09:59:28
ComboFix-quarantined-files.txt 2010-05-07 07:59
Avant-CF: 9 256 800 256 octets libres
Après-CF: 8 845 737 984 octets libres
- - End Of File - - F4473F9DED8428B00E6D00871AB0FCF5
I should add that my antivirus no longer updates.
lol, makes sense...
Download SF.exe by C_XX
*Double-click SF.exe (Run as administrator on Vista/7).
*A "cmd" window will open.
*Type taskmgr in that window and press [Enter].
*Wait while the search runs.
*A window with a log.txt will appear.
*Copy and paste that report into your next reply.
Here is the requested report:
========================= SEAF 1.0.0.7 - C_XX
Commencé à: 00:07:57 le 08/05/2010
Valeur(s) recherchée(s):
taskmgr
====== Fichier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======
"c:\Windows\winsxs\x86_microsoft-windows-taskmgr_31bf3856ad364e35_6.0.6000.16386_none_122b6d31ac48dff3\taskmgr.exe" [ ----A---- | 206336 ]
TC: 02/11/2006,10:47:46 | TM: 14/06/2007,01:09:18 | DA: 01/07/2007,12:44:00
=========================
"c:\Windows\winsxs\x86_microsoft-windows-taskmgr.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_7728233955211bad\taskmgr.exe.mui" [ ----A---- | 49152 ]
TC: 02/11/2006,17:56:48 | TM: 02/11/2006,17:56:48 | DA: 02/11/2006,18:03:28
=========================
"c:\Windows\winsxs\Manifests\x86_microsoft-windows-taskmgr.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_7728233955211bad.manifest" [ ----A---- | 2476 ]
TC: 02/11/2006,17:52:45 | TM: 02/11/2006,17:52:45 | DA: 02/11/2006,17:52:45
=========================
"c:\Windows\winsxs\Manifests\x86_microsoft-windows-taskmgr_31bf3856ad364e35_6.0.6000.16386_none_122b6d31ac48dff3.manifest" [ ----A---- | 9021 ]
TC: 02/11/2006,12:21:48 | TM: 02/11/2006,12:09:13 | DA: 02/11/2006,12:43:39
=========================
"c:\Windows\System32\taskmgr.exe" [ ----A---- | 206336 ]
TC: 02/11/2006,10:47:46 | TM: 14/06/2007,01:09:18 | DA: 01/07/2007,12:44:00
=========================
"c:\Windows\System32\fr-FR\taskmgr.exe.mui" [ ----A---- | 49152 ]
TC: 02/11/2006,17:56:48 | TM: 02/11/2006,17:56:48 | DA: 02/11/2006,18:03:28
=========================
"c:\Windows\Prefetch\TASKMGR.EXE-4C8500BA.pf" [ ----A---- | 37874 ]
TC: 04/05/2010,20:59:38 | TM: 07/05/2010,23:37:36 | DA: 04/05/2010,20:59:38
=========================
====== Dossier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======
"c:\Windows\winsxs\x86_microsoft-windows-taskmgr.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_7728233955211bad" [ ----D---- ]
TC: 02/11/2006,17:56:49 | TM: 02/11/2006,17:56:49 | DA: 02/11/2006,17:56:49
=========================
"c:\Windows\winsxs\x86_microsoft-windows-taskmgr_31bf3856ad364e35_6.0.6000.16386_none_122b6d31ac48dff3" [ ----D---- ]
TC: 02/11/2006,13:19:05 | TM: 02/11/2006,13:19:05 | DA: 02/11/2006,13:19:05
=========================
=========================
Fin à: 00:08:37 le 08/05/2010 ( E.O.F )
Hello, see whether you are able to replace:
c:\Windows\System32\taskmgr.exe
with:
c:\Windows\winsxs\x86_microsoft-windows-taskmgr_31bf3856ad364e35_6.0.6000.16386_none_122b6d31ac48dff3\taskmgr.exe
Take it from the second path (copy), paste it into system32 and accept the deletion.