Message "warning potential spyware operation"

GeoGeo -
Le sioux Posts 4907 Status Security contributor -
Hello everyone,
like many people before me, I have a problem with this "warning potential spyware operation" message, which keeps bothering me.
Apparently everyone has found a solution, but I did not understand anything about the procedure to follow. Can you clearly explain each step to follow?
Thank you very much in advance.

65 replies

GeoGeo
 
Hello, in fact I had run Combofix via the internet because your version was not working (it told me it was no longer up to date), so I took another one that I found after several attempts; mechanically, after numerous attempts, I clicked "run" instead of "save". Sorry.



Here is the Combofix report:


ComboFix 08-01-11.1 - Guisse 2008-01-11 18:54:27.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1326 [GMT 1:00]
Running from: C:\Documents and Settings\Guisse\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\.exe
C:\WINDOWS\system32\1033\1033.exe
C:\WINDOWS\system32\1036\1036.exe
C:\WINDOWS\system32\restore\restore.exe
C:\WINDOWS\system32\shovth.exe
C:\WINDOWS\system32\system32.exe
C:\WINDOWS\system32\winsn.exe
C:\WINDOWS\system32\winsos.exe
C:\WINDOWS\trayicons.exe
C:\WINDOWS\windisk.dll
C:\WINDOWS\windows.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-11 to 2008-01-11 ))))))))))))))))))))))))))))))))))))
.

2008-01-11 18:46 . 2008-01-11 18:46 <REP> d-------- C:\WINDOWS\LastGood
2008-01-10 19:11 . 2008-01-10 19:11 <REP> d-------- C:\Program Files\Philips Flat Panel Adjust
2008-01-10 04:23 . 2008-01-10 04:23 268 --ah----- C:\sqmdata09.sqm
2008-01-10 04:23 . 2008-01-10 04:23 244 --ah----- C:\sqmnoopt09.sqm
2008-01-09 19:12 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-29 16:44 . 2007-12-29 16:44 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\Webcammax
2007-12-29 16:39 . 2007-12-29 16:39 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\EasySpywareCleaner.com
2007-12-29 16:38 . 2007-12-29 20:25 <REP> d-------- C:\Program Files\EasySpywareCleaner
2007-12-29 15:15 . 2007-12-29 15:15 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\Bitdefender
2007-12-29 15:14 . 2007-12-29 05:25 <REP> d-------- C:\Program Files\BitDefender
2007-12-29 08:22 . 2007-12-29 08:22 <REP> d-------- C:\Program Files\Fichiers communs\snp2std
2007-12-29 08:22 . 2007-12-29 08:22 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\InstallShield
2007-12-29 08:22 . 2007-01-26 16:48 12,028,032 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2007-12-29 08:22 . 2006-09-15 13:21 675,840 --a------ C:\WINDOWS\vsnp2std.exe
2007-12-29 08:22 . 2006-11-29 16:11 258,048 --a------ C:\WINDOWS\tsnp2std.exe
2007-12-29 08:22 . 2006-10-03 14:35 249,856 --a------ C:\WINDOWS\system32\vsnp2std.dll
2007-12-29 08:22 . 2007-02-05 15:25 151,552 --a------ C:\WINDOWS\system32\rsnp2std.dll
2007-12-29 08:22 . 2006-11-16 15:57 77,824 --a------ C:\WINDOWS\system32\csnp2std.dll
2007-12-29 08:22 . 2007-01-25 18:48 25,472 --a------ C:\WINDOWS\system32\drivers\sncamd.sys
2007-12-29 08:22 . 2004-12-09 17:23 15,497 --a------ C:\WINDOWS\snp2std.ini
2007-12-29 08:22 . 2004-12-09 17:23 13,022 --a------ C:\WINDOWS\snp2std.src
2007-12-29 05:28 . 2007-12-29 16:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Webcammax
2007-12-29 05:27 . 2007-12-29 16:47 <REP> d-------- C:\Program Files\WebcamMax
2007-12-29 02:55 . 2007-12-29 02:55 <REP> d-------- C:\Program Files\MSECache
2007-12-27 20:25 . 2007-12-27 20:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-27 20:23 . 2007-12-27 20:23 <REP> d-------- C:\Program Files\CCleaner
2007-12-27 15:07 . 2007-12-27 15:07 <REP> d-------- C:\Program Files\Wanadoo Edition
2007-12-27 11:44 . 2007-12-27 11:48 <REP> d-------- C:\Program Files\Error Repair Professional
2007-12-26 01:01 . 2007-12-26 01:01 <REP> d-------- C:\Program Files\PC Inspector File Recovery
2007-12-26 01:01 . 2002-02-18 18:40 6,200 --a------ C:\WINDOWS\system32\INT13EXT.VXD
2007-12-25 15:27 . 2007-12-19 15:52 89,088 ---h----- C:\WINDOWS\system32\drivers\drivers.exe
2007-12-25 15:18 . 2007-12-19 15:52 89,088 ---h----- C:\WINDOWS\system\system.exe
2007-12-25 14:50 . 2007-12-25 14:50 <REP> d-------- C:\Program Files\GetData
2007-12-25 14:50 . 2007-12-25 15:23 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-25 14:15 . 2007-12-25 14:15 93 -r-hs---- C:\autorun.inf
2007-12-25 12:36 . 2007-12-25 12:37 <REP> d-------- C:\WINDOWS\ERUNT
2007-12-25 08:23 . 2007-12-25 15:33 <REP> d-------- C:\Program Files\REST2514
2007-12-25 06:34 . 2007-12-25 06:34 <REP> d-------- C:\Program Files\AxBx
2007-12-24 19:54 . 2007-12-25 15:58 2,836 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-24 19:52 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-24 19:52 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-24 19:52 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2007-12-24 19:52 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-24 19:52 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-24 19:52 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-24 19:50 . 2007-12-25 16:04 <REP> d-------- C:\SmitfraudFix
2007-12-24 14:04 . 2007-12-24 14:04 <REP> d-------- C:\Program Files\splus
2007-12-24 14:04 . 2005-10-17 18:13 447,488 --a------ C:\WINDOWS\system32\splus.cpl
2007-12-24 11:30 . 2007-12-24 11:30 <REP> d-------- C:\Program Files\Trend Micro
2007-12-20 22:40 . 2007-12-19 15:52 89,088 ---h----- C:\WINDOWS\system32\config\systemprofile\systemprofile.exe
2007-12-20 22:24 . 2007-12-20 22:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-20 21:31 . 2007-12-19 15:52 89,088 ---hs---- C:\F82EC657.exe
2007-12-20 21:31 . 2007-12-19 15:52 89,088 ---h----- C:\Documents and Settings\Guisse\Guisse.exe
2007-12-19 21:33 . 2007-12-19 21:33 2,359,350 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2007-12-19 21:33 . 2007-12-19 21:33 65,203 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-12-19 21:23 . 2007-12-19 21:33 6,116 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-12-16 13:51 . 2005-06-12 18:29 77,824 --a------ C:\WINDOWS\system32\fmcodec.DLL
2007-12-16 13:29 . 2007-12-16 13:45 171 --a------ C:\WINDOWS\system32\temp_0000_65-20.aok
2007-12-16 13:27 . 2007-12-16 13:27 172 --a------ C:\WINDOWS\system32\test.aok
2007-12-16 13:25 . 2007-12-16 13:26 <REP> d-------- C:\Program Files\Allok Video to FLV Converter
2007-12-16 13:25 . 2004-01-11 08:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax
2007-12-16 13:25 . 2006-10-24 14:16 242,176 --a------ C:\WINDOWS\system32\fixflash.exe
2007-12-16 13:25 . 2007-04-12 14:19 129,024 --a------ C:\WINDOWS\system32\AVERM.dll
2007-12-16 13:25 . 2006-09-26 13:57 28,672 --a------ C:\WINDOWS\system32\AVEQT.dll
2007-12-15 16:40 . 2007-12-15 16:42 <REP> d-------- C:\Program Files\AdorageI-GfxDatas
2007-12-15 16:31 . 2007-12-15 16:31 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2007-12-15 16:30 . 2007-12-15 17:13 455 --a------ C:\WINDOWS\VFO.VST
2007-12-15 16:29 . 2002-09-24 11:12 2,653,888 --a------ C:\WINDOWS\system32\LTRDG13n.OCX
2007-12-15 16:29 . 2002-09-24 11:12 534,192 --a------ C:\WINDOWS\system32\LTRVW13N.OCX
2007-12-15 16:29 . 2002-09-24 11:12 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL
2007-12-15 16:29 . 2005-07-12 14:25 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
2007-12-15 16:29 . 2002-09-24 11:12 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL
2007-12-15 16:28 . 2006-03-28 23:50 233,472 --a------ C:\WINDOWS\system32\DiskIO.dll
2007-12-15 16:28 . 2002-09-24 11:12 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll
2007-12-15 16:28 . 2006-03-28 23:45 184,320 --a------ C:\WINDOWS\system32\RALMain.dll
2007-12-15 16:28 . 2004-01-02 13:28 126,976 --------- C:\WINDOWS\system32\AVIPrAx.dll
2007-12-15 16:28 . 2002-09-24 11:12 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll
2007-12-15 16:28 . 2002-09-24 11:12 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll
2007-12-15 16:28 . 2001-12-11 23:21 73,728 --------- C:\WINDOWS\system32\MMAviAx.dll
2007-12-15 16:28 . 2003-04-21 16:11 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-12-15 16:28 . 2005-12-12 16:57 32,768 --------- C:\WINDOWS\system32\MLPagAx.dll
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.JP
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.IT
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.FR
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.ES
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.DE
2007-12-15 16:26 . 2003-11-10 17:06 16,896 --------- C:\WINDOWS\system32\PSDrvCheck.NL
2007-12-15 16:26 . 2003-10-21 10:02 16,896 --------- C:\WINDOWS\system32\PSDrvCheck.KO
2007-12-15 16:23 . 2007-12-15 16:23 <REP> d-------- C:\Program Files\Microsoft SQL Server
2007-12-15 16:23 . 2002-12-17 17:23 33,340 --a------ C:\WINDOWS\system32\dbmsqlgc.dll
2007-12-15 16:23 . 2002-10-20 15:05 24,576 --a------ C:\WINDOWS\system32\dbmsgnet.dll
2007-12-15 16:22 . 2007-12-15 16:22 <REP> d-------- C:\WINDOWS\Cache
2007-12-15 16:22 . 2003-03-19 04:04 765,952 --------- C:\WINDOWS\system32\msvcp71d.dll
2007-12-15 16:22 . 2003-03-19 04:03 544,768 --------- C:\WINDOWS\system32\msvcr71d.dll
2007-12-15 16:07 . 2007-12-15 16:07 <REP> d-------- C:\Program Files\SmartSound Software
2007-12-15 16:07 . 2007-12-15 16:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2007-12-15 16:04 . 2007-12-29 22:16 <REP> d-------- C:\Program Files\QuickTime
2007-12-15 16:04 . 2007-12-15 16:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-15 16:03 . 2007-12-24 13:38 359 --a------ C:\WINDOWS\VFO.INI
2007-12-12 22:45 . 2007-12-21 22:52 122 --a------ C:\WINDOWS\WA.INI

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-06 16:30 --------- d-----w C:\Program Files\InfeStop
2008-12-06 15:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zabersoft
2008-12-06 15:40 --------- d-----w C:\Program Files\WinHTTrack
2008-12-06 10:36 --------- d-----w C:\Program Files\Spy-Rid
2008-12-06 10:32 --------- d-----w C:\Documents and Settings\Guisse\Application Data\spy-rid.com
2008-12-06 06:17 --------- d-----w C:\Documents and Settings\Guisse\Application Data\InfeStop.com
2008-12-06 01:51 --------- d-----w C:\Documents and Settings\Guisse\Application Data\Azureus
2008-01-11 17:22 --------- d-----w C:\Program Files\eMule
2008-01-10 22:46 --------- d-----w C:\Documents and Settings\Guisse\Application Data\LimeWire
2008-01-10 18:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-09 21:49 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-09 21:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-29 18:39 --------- d-----w C:\Program Files\LimeWire
2007-12-26 08:10 229,376 ------w C:\WINDOWS\system32\cmwatch.exe
2007-12-25 06:50 --------- d-----w C:\Program Files\Google
2007-12-24 15:13 --------- d-----w C:\Program Files\Azureus
2007-12-24 13:51 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-12-24 13:26 --------- d-----w C:\Documents and Settings\Guisse\Application Data\proDAD
2007-12-24 13:24 --------- d-----w C:\Program Files\Moyea
2007-12-24 13:23 --------- d-----w C:\Program Files\Labtec
2007-12-24 13:15 --------- d-----w C:\Program Files\Windows Live
2007-12-24 13:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-24 12:59 --------- d-----w C:\Program Files\Pinnacle
2007-12-22 06:10 --------- d-----w C:\Program Files\DAEMON Tools SearchBar
2007-12-19 20:41 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-19 20:33 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\srchasst\srchasst.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\srchasst\mui\040C\040C.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\srchasst\chars\chars.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Registration\Registration.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\UploadLB\Config\Config.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\UploadLB\Binaries\Binaries.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Remote Assistance.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited\Unsolicited.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\Email.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Common.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\Css.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\Common.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\UpdateCtr.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\System.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfo.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\graphics.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\47x24pie.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\33x16pie.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\scripts\scripts.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Remote Assistance.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\Server.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Common.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\Client.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\Css.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\Common.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\rc\rc.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\subpanels.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\panels\panels.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\NetDiag.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\images\images.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\Expando.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Centers.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\48x48.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\images\32x32\32x32.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\24x24.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\16x16.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\errors\errors.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrMsg.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\DVDUpgrd.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\dialogs.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\css\css.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatCtr.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\blurbs.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\PackageStore\PackageStore.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Personal_32#040c\Personal_32#040c.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\OfflineCache.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Logs\Logs.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Indices\Indices.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\DataColl\DataColl.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Database\Database.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Config\Config.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Cache.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\PCHealth\HelpCtr\Binaries\Binaries.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Media\Media.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\java\Packages\Packages.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\java\Packages\Data\Data.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\java\classes\classes.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\WindowsMediaPlayer.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Video\Video.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Scr\Scr.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\WMarks\WMarks.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Img.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Btn\Btn.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Css\Css.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\Cnt.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Wav\Wav.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Audio.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\mmTour\mmTour.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Tours\htmlTour\htmlTour.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Help\Help.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\Cursors\Cursors.exe
2007-12-19 14:52 89,088 ---h--w C:\WINDOWS\AppPatch\AppPatch.exe
2007-12-15 15:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle
.
Files Infected - Win32.Agent.zb
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-06-08 07:42 14565376 C:\WINDOWS\RTHDCPL.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2007-12-26 09:10 344064]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-06-29 00:09 32768]
"CmCardRun"="C:\WINDOWS\system32\CmWatch.exe" [2007-12-26 09:10 229376]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-12-26 09:10 132496]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2007-12-26 09:10 135214]
"WebcamMaxMoniter"="C:\Program Files\WebcamMax\wcmmon.exe" [2007-08-01 01:55 450048]
"FixCamera"="C:\WINDOWS\FixCamera.exe" [2007-02-12 14:50 20480]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2006-11-29 16:11 258048]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-09-15 13:21 675840]
"ctfmona"="C:\WINDOWS\system32\ctfmona.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartUp"="C:\WINDOWS\trayicons.exe" [ ]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Barre d'état système d'ATI CATALYST.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Barre d'état système d'ATI CATALYST.lnk
backup=C:\WINDOWS\pss\Barre d'état système d'ATI CATALYST.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-10-10 19:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-10-09 10:28 139264 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
J:\Logiciel\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eCarteBleue-LPV-P1]
--a------ 2005-12-13 14:39 200704 C:\Program Files\ECB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
--a------ 2007-02-12 14:50 20480 C:\WINDOWS\FixCamera.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2006-11-24 00:06 487424 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearch]
C:\Program Files\DAEMON Tools SearchBar\Search.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]
C:\Program Files\DAEMON Tools SearchBar\whse.exe

R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2002-10-15 14:48]
R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 14:29]
R2 CamthWDM;WebcamMax, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2007-01-11 06:39]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-11-12 16:27]
R3 UMSSSTOR;C-Media Storage;C:\WINDOWS\system32\DRIVERS\UMSS.SYS [2004-07-13 12:40]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]
S3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 13:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 13:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 13:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 13:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 13:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 13:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 13:58]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-01-26 16:48]
S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\WINDOWS\system32\Drivers\StMp3Rec.sys [2007-02-15 14:14]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\
\Shell\open\Command - C:\F82EC657.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0aeeb6cf-a50f-11dc-8b50-0013d3a45508}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - D88777EE.exe

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-11 18:57:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-11 18:59:40
ComboFix-quarantined-files.txt 2008-01-11 17:59:37
ComboFix2.txt 2008-01-10 03:37:33
.
2008-01-11 02:03:05 --- E O F ---





Fichier C:\WINDOWS\system32\drivers\drivers.exe :

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.1.12.10 2008.01.11 Win-Trojan/Autorun.89088
AntiVir 7.6.0.46 2008.01.11 TR/Crypt.ULPM.Gen
Authentium 4.93.8 2008.01.12 -
Avast 4.7.1098.0 2008.01.12 -
AVG 7.5.0.516 2008.01.12 PSW.Generic5.ADAR
BitDefender 7.2 2008.01.13 Win32.Worm.Autorun.GD
CAT-QuickHeal 9.00 2008.01.12 TrojanPSW.QQPass.aom
ClamAV 0.91.2 2008.01.13 Trojan.Downloader-18693
DrWeb 4.44.0.09170 2008.01.13 Trojan.MulDrop.9985
eSafe 7.0.15.0 2008.01.10 Win32.QQPass.aom
eTrust-Vet 31.3.5451 2008.01.11 Win32/Kalbto.A
Ewido 4.0 2008.01.12 Trojan.QQPass.aom
FileAdvisor 1 2008.01.13 -
Fortinet 3.14.0.0 2008.01.13 -
F-Prot 4.4.2.54 2008.01.13 W32/Trojan2.NYB
F-Secure 6.70.13030.0 2008.01.12 Trojan-PSW.Win32.QQPass.aom
Ikarus T3.1.1.20 2008.01.13 Trojan-PWS.Win32.QQPass.aom
Kaspersky 7.0.0.125 2008.01.13 Trojan-PSW.Win32.QQPass.aom
McAfee 5205 2008.01.11 Downloader.gen.a
Microsoft 1.3109 2008.01.13 PWS:Win32/QQpass.KA
NOD32v2 2787 2008.01.13 Win32/AutoRun.EU
Norman 5.80.02 2008.01.11 W32/QQPass.GXI
Panda 9.0.0.4 2008.01.12 W32/Autorun.IC.worm
Prevx1 V2 2008.01.13 TROJAN.PSW.PM
Rising 20.26.62.00 2008.01.13 -
Sophos 4.24.0 2008.01.13 Mal/Behav-119
Sunbelt 2.2.907.0 2008.01.12 Trojan.Crypt.ULPM.Gen
Symantec 10 2008.01.13 W32.SillyFDC
TheHacker 6.2.9.186 2008.01.11 Trojan/PSW.QQPass.aom
VBA32 3.12.2.5 2008.01.13 Trojan-PSW.Win32.QQPass.aom
VirusBuster 4.3.26:9 2008.01.12 Trojan.PWS.QQPass.ALN
Webwasher-Gateway 6.6.2 2008.01.13 Trojan.Crypt.ULPM.Gen

Information additionnelle
File size: 89088 bytes
MD5: ad24f4f43c7cda75b551451475368885
SHA1: a60d5c160865e4b5b6d4d2b0a1cc0d38df10a865
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=4F8FB31D00C4E4465C2D01A2F018BD001C08A565



Fichier C:\WINDOWS\system32\temp_0000_65-20.aok :

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.1.12.10 2008.01.11 -
AntiVir 7.6.0.46 2008.01.11 -
Authentium 4.93.8 2008.01.12 -
Avast 4.7.1098.0 2008.01.12 -
AVG 7.5.0.516 2008.01.12 -
BitDefender 7.2 2008.01.13 -
CAT-QuickHeal 9.00 2008.01.12 -
ClamAV 0.91.2 2008.01.13 -
DrWeb 4.44.0.09170 2008.01.13 -
eSafe 7.0.15.0 2008.01.10 -
eTrust-Vet 31.3.5451 2008.01.11 -
Ewido 4.0 2008.01.12 -
FileAdvisor 1 2008.01.13 -
Fortinet 3.14.0.0 2008.01.13 -
F-Prot 4.4.2.54 2008.01.13 -
F-Secure 6.70.13030.0 2008.01.12 -
Ikarus T3.1.1.20 2008.01.13 -
Kaspersky 7.0.0.125 2008.01.13 -
McAfee 5205 2008.01.11 -
Microsoft 1.3109 2008.01.13 -
NOD32v2 2787 2008.01.13 -
Norman 5.80.02 2008.01.11 -
Panda 9.0.0.4 2008.01.12 -
Prevx1 V2 2008.01.13 -
Rising 20.26.62.00 2008.01.13 -
Sophos 4.24.0 2008.01.13 -
Sunbelt 2.2.907.0 2008.01.12 -
Symantec 10 2008.01.13 -
TheHacker 6.2.9.186 2008.01.11 -
VBA32 3.12.2.5 2008.01.13 -
VirusBuster 4.3.26:9 2008.01.12 -
Webwasher-Gateway 6.6.2 2008.01.13 -

Information additionnelle
File size: 171 bytes
MD5: eef8aeb95fb7995c339a5b7b7ffcd8a7
SHA1: e7455ef5258698fe92a417a9f9a4902078d67f5e
PEiD: -



Fichier C:\WINDOWS\WA.INI :

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.1.12.10 2008.01.11 -
AntiVir 7.6.0.46 2008.01.11 -
Authentium 4.93.8 2008.01.12 -
Avast 4.7.1098.0 2008.01.12 -
AVG 7.5.0.516 2008.01.12 -
BitDefender 7.2 2008.01.13 -
CAT-QuickHeal 9.00 2008.01.12 -
ClamAV 0.91.2 2008.01.13 -
DrWeb 4.44.0.09170 2008.01.13 -
eSafe 7.0.15.0 2008.01.10 -
eTrust-Vet 31.3.5451 2008.01.11 -
Ewido 4.0 2008.01.12 -
FileAdvisor 1 2008.01.13 -
Fortinet 3.14.0.0 2008.01.13 -
F-Prot 4.4.2.54 2008.01.13 -
F-Secure 6.70.13030.0 2008.01.12 -
Ikarus T3.1.1.20 2008.01.13 -
Kaspersky 7.0.0.125 2008.01.13 -
McAfee 5205 2008.01.11 -
Microsoft 1.3109 2008.01.13 -
NOD32v2 2787 2008.01.13 -
Norman 5.80.02 2008.01.11 -
Panda 9.0.0.4 2008.01.12 -
Prevx1 V2 2008.01.13 -
Rising 20.26.62.00 2008.01.13 -
Sophos 4.24.0 2008.01.13 -
Sunbelt 2.2.907.0 2008.01.12 -
Symantec 10 2008.01.13 -
TheHacker 6.2.9.186 2008.01.11 -
VBA32 3.12.2.5 2008.01.13 -
VirusBuster 4.3.26:9 2008.01.12 -
Webwasher-Gateway 6.6.2 2008.01.13 -

Information additionnelle
File size: 122 bytes
MD5: 982a7192688afedc5f2634ceaee70c34
SHA1: 886ca64c4de355023cba61a4b8da9f4d7826b205
PEiD: -


Here are the reports. Thanks again.
Le sioux Posts 4907 Status Security contributor 496
 
Good evening Geo Geo

ComboFix with CFScript:

* Select the following text (in bold) in its entirety:


Driver::
drivers

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmona"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0aeeb6cf-a50f-11dc-8b50-0013d3a45508}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]

File::
C:\WINDOWS\system32\drivers\drivers.exe
C:\sqmdata09.sqm
C:\sqmnoopt09.sqm
C:\Documents and Settings\Guisse\Application Data\EasySpywareCleaner.com
C:\WINDOWS\system\system.exe
C:\autorun.inf
C:\F82EC657.exe
C:\Documents and Settings\Guisse\Guisse.exe
C:\Documents and Settings\Guisse\Application Data\spy-rid.com
C:\Documents and Settings\Guisse\Application Data\InfeStop.com
C:\WINDOWS\system32\config\systemprofile\systemprofile.exe
C:\F82EC657.exe
C:\WINDOWS\srchasst\srchasst.exe
C:\WINDOWS\srchasst\mui\040C\040C.exe
C:\WINDOWS\srchasst\mui\40C\40C.exe
C:\WINDOWS\srchasst\chars\chars.exe
C:\WINDOWS\Registration\Registration.exe
C:\WINDOWS\PCHealth\UploadLB\Config\Config.exe
C:\WINDOWS\PCHealth\UploadLB\Binaries\Binaries.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Remote Assistance.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited\Unsolicited.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\Email.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\Css.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\UpdateCtr.exe
C:\WINDOWS\PCHealth\HelpCtr\System\System.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfo.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\graphics.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\47x24pie.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\33x16pie.exe
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\scripts.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Remote Assistance.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\Server.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\Client.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\Css.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\System\rc\rc.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\subpanels.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\panels.exe
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\NetDiag.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\images.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\Expando.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Centers.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\48x48.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\32x32\32x32.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\24x24.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\16x16.exe
C:\WINDOWS\PCHealth\HelpCtr\System\errors\errors.exe
C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrMsg.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\DVDUpgrd.exe
C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\dialogs.exe
C:\WINDOWS\PCHealth\HelpCtr\System\css\css.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatCtr.exe
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\blurbs.exe
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\PackageStore.exe
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Personal_32#040c\Personal_32#040c.exe
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\OfflineCache.exe
C:\WINDOWS\PCHealth\HelpCtr\Logs\Logs.exe
C:\WINDOWS\PCHealth\HelpCtr\Indices\Indices.exe
C:\WINDOWS\PCHealth\HelpCtr\DataColl\DataColl.exe
C:\WINDOWS\PCHealth\HelpCtr\Database\Database.exe
C:\WINDOWS\PCHealth\HelpCtr\Config\Config.exe
C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Cache.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\Binaries.exe
C:\WINDOWS\Media\Media.exe
C:\WINDOWS\java\Packages\Packages.exe
C:\WINDOWS\java\Packages\Data\Data.exe
C:\WINDOWS\java\classes\classes.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\WindowsMediaPlayer.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Video\Video.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Scr\Scr.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\WMarks\WMarks.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Img.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Btn\Btn.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Css\Css.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\Cnt.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Wav\Wav.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Audio.exe
C:\WINDOWS\Help\Tours\mmTour\mmTour.exe
C:\WINDOWS\Help\Tours\htmlTour\htmlTour.exe
C:\WINDOWS\Help\Help.exe
C:\WINDOWS\Cursors\Cursors.exe
C:\WINDOWS\AppPatch\AppPatch.exe
C:\WINDOWS\java\Packages\R7X3FJ1N.ZIP
C:\WINDOWS\java\Packages\PN335Z7F.ZIP
C:\Program Files\AdVantage\AdVantage.exe

Folder::
C:\Program Files\EasySpywareCleaner
C:\Program Files\AxBx
C:\Program Files\Spy-Rid
C:\Program Files\InfeStop
C:\Program Files\AdVantage\AdVantage.exe

* Copy the selected text (CTRL+C).
* Open Notepad (Programs > Accessories > Notepad).
* Paste the copied text into Notepad (CTRL+V).
* Save this file under the name CFScript.txt

Disconnect from the internet and disable your antivirus so that ComboFix can run normally

* Drag and drop this CFScript file onto the ComboFix.exe file (on your Desktop)

* A blue window will appear: at the prompt Type 1 to continue, or 2 to abort, type 1 and confirm.

* Wait while the scan runs. The Desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

--> Once the scan is complete, a report will be displayed: post its contents along with a new HijackThis report

(If the file does not open, it is located here > C:\ComboFix.txt )

To be continued
0
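An added example, not part of the original post and not ComboFix's own code: a small Python check to run over a saved CFScript.txt before using it, to catch damage that copying from a forum page can introduce (leftover BBCode tags, a space inserted inside a GUID or before a file extension, duplicate entries). The four section names are the ones used in the script above; the checks are heuristics assumed here, not ComboFix's grammar, and the sample input is constructed.

```python
import re

# Section headers as they appear in the CFScript posted above.
KNOWN_SECTIONS = {"Driver::", "Registry::", "File::", "Folder::"}

# Forum markup that can survive a copy/paste, e.g. [u]...[/u] or [b]...[/b].
BBCODE = re.compile(r"\[/?(?:b|i|u|s|code|url|color|size)(?:=[^\]]*)?\]", re.I)
# Anything in braces is expected to be a GUID: 8-4-4-4-12 hex digits.
BRACED = re.compile(r"\{([^{}]*)\}")
GUID = re.compile(r"^[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")
SPACE_BEFORE_EXT = re.compile(r"\s+\.[A-Za-z0-9]{1,4}$")
# .reg-style lines: [key], [-key], "name"=value, or @=value (assumed shape).
REG_LINE = re.compile(r'^(?:\[-?HKEY_[^\]]*\]|"[^"]*"=.*|@=.*)$')


def lint_cfscript(text):
    """Return a list of (line_number, code, message) findings for a CFScript."""
    findings = []
    section = None
    seen = {}  # (section, lower-cased entry) -> first line number
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            section = line
            if line not in KNOWN_SECTIONS:
                findings.append((n, "unknown-section", f"unexpected header {line!r}"))
            continue
        if section is None:
            findings.append((n, "no-section", "entry appears before any section header"))
            continue
        if BBCODE.search(line):
            findings.append((n, "markup", "forum markup left in the entry"))
        for m in BRACED.finditer(line):
            if not GUID.match(m.group(1)):
                findings.append((n, "guid", f"malformed GUID {{{m.group(1)}}}"))
        if section == "Registry::" and not REG_LINE.match(line):
            findings.append((n, "registry-syntax", "not a [key] or \"name\"=value line"))
        if section in ("File::", "Folder::"):
            if not DRIVE_PATH.match(line):
                findings.append((n, "not-a-path", "entry is not an absolute drive path"))
            if SPACE_BEFORE_EXT.search(line):
                findings.append((n, "space-before-ext", "whitespace before the extension"))
            key = (section, line.lower())  # Windows paths are case-insensitive
            if key in seen:
                findings.append((n, "duplicate", f"same entry as line {seen[key]}"))
            else:
                seen[key] = n
    return findings


# Constructed sample: the paths, value name and GUID are made up for the demo.
SAMPLE = r"""Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleEntry"=-
[-HKEY_CURRENT_USER\Software\Example\{012345 67-89ab-cdef-0123-456789abcdef}]

File::
C:\Example\mui\[u]0[/u]40C\sample.exe
C:\Example\graphics\sample .exe
C:\Example\one.exe
C:\Example\ONE.exe

Folder::
C:\Program Files\ExampleApp
"""

if __name__ == "__main__":
    for lineno, code, message in lint_cfscript(SAMPLE):
        print(f"line {lineno}: {code}: {message}")
```

An empty result only means none of these copy/paste defects were found; it says nothing about whether the entries themselves are the right ones to remove.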
Le sioux Posts 4907 Status Security contributor 496
 
Good evening Geo geo

Before carrying out the procedure in post 42, can you do the following and wait for my "go-ahead" before doing the procedure above, please.

Download SREng by Smallfrogs:
http://www.kztechs.com/eng/download.html

Extract all of its contents to your Desktop.
From the sreng2 folder now on your Desktop, double-click SREngPS.exe to launch the tool
Click Smart Scan

Then click the [Scan] button

When the scan has finished, click the [Save Reports] button

Save the report to your Desktop.

Copy/paste the contents of the SREnglLOG.log file into your next reply, please.

To be continued.
0
GeoGeo
 
Hello, I did what you asked; here is the SREngPS report:

[CODE]

2008-01-14,13:30:36

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<MsnMsgr><"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RTHDCPL><RTHDCPL.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<ATIPTA><"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"> [ATI Technologies, Inc.]
<ATICCC><"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime> [N/A]
<CmCardRun><C:\WINDOWS\system32\CmWatch.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [Sun Microsystems, Inc.]
<LVCOMS><C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE> [Logitech Inc.]
<WebcamMaxMoniter><"C:\Program Files\WebcamMax\wcmmon.exe" /a> []
<FixCamera><C:\WINDOWS\FixCamera.exe> []
<ctfmona><C:\WINDOWS\system32\ctfmona.exe> [N/A]
<winroot><C:\WINDOWS\system32\winsn.exe> []
<VirusKeeper><C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\VirusKeeper.exe> [(Verified)AxBx]
<sis32><C:\WINDOWS\system32\winsos.exe> []
<tsnp2std><C:\WINDOWS\tsnp2std.exe> [SONIX]
<snp2std><C:\WINDOWS\vsnp2std.exe> [Sonix]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{56F9679E-7826-4C84-81F3-532071A8BCC5}><C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player 6.4><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mswmp.inf,PerUserStub> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<AdVantage><; "C:\Program Files\AdVantage\AdVantage.exe"> [N/A]
<BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"> [Nero AG]
<DAEMON Tools><; "J:\Logiciel\Program Files\DAEMON Tools\daemon.exe" -lang 1033> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<eCarteBleue-LPV-P1><; "C:\Program Files\ECB.exe" /dontopenmycards> [Orbiscom Ltd. All rights reserved.]
<FixCamera><; C:\WINDOWS\FixCamera.exe> []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<MsnMsgr><; "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NeroFilterCheck><; C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe> [Nero AG]
<Sony Ericsson PC Suite><; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions> []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<swg><; C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<WhenUSearch><; "C:\Program Files\DAEMON Tools SearchBar\Search.exe"> [N/A]
<WhenUSearchWHSE><; "C:\Program Files\DAEMON Tools SearchBar\whse.exe"> [N/A]

==================================
Startup Folders
[RocketDock]
<C:\Documents and Settings\Guisse\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [N/A]><N>
[TransBar]
<C:\Documents and Settings\Guisse\Menu Démarrer\Programmes\Démarrage\TransBar.lnk --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [N/A]><N>
[UberIcon]
<C:\Documents and Settings\Guisse\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [N/A]><N>
[Y'z Shadow]
<C:\Documents and Settings\Guisse\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [N/A]><N>

==================================
Services
[Gestion d'applications / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\System32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe><Macrovision Corporation>
[NBService / NBService][Stopped/Manual Start]
<C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[PCLEPCI / PCLEPCI][Stopped/Auto Start]
<C:\WINDOWS\system32\drivers\pclepci.sys><Pinnacle Systems GmbH>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><Microsoft Corporation>

==================================
Drivers
[ati2mtag / ati2mtag][Running/Manual Start]
<System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[BitDefender Firewall NDIS Filter Service / Bdfndisf][Running/Manual Start]
<system32\DRIVERS\bdfndisf.sys><BitDefender SRL>
[WebcamMax, WDM Video Capture / CamthWDM][Running/Auto Start]
<system32\DRIVERS\CamthWDM.sys><YewSoft>
[catchme / catchme][Stopped/Manual Start]
<\??\C:\DOCUME~1\Guisse\LOCALS~1\Temp\catchme.sys><N/A>
[driverhardwarev2 / driverhardwarev2][Stopped/Manual Start]
<\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys><Ma-Config.com>
[Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start]
<System32\DRIVERS\e1e5132.sys><Intel Corporation>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
<\??\D:\INSTALL\GMSIPCI.SYS><N/A>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<System32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Pinnacle Marvin Bus / MarvinBus][Running/Manual Start]
<system32\DRIVERS\MarvinBus.sys><Pinnacle Systems GmbH>
[Padus ASPI Shell / pfc][Running/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Sony Ericsson Device 068 driver (WDM) / se44bus][Stopped/Manual Start]
<System32\DRIVERS\se44bus.sys><MCCI>
[Sony Ericsson Device 068 USB WMC Modem Filter / se44mdfl][Stopped/Manual Start]
<System32\DRIVERS\se44mdfl.sys><MCCI>
[Sony Ericsson Device 068 USB WMC Modem Driver / se44mdm][Stopped/Manual Start]
<System32\DRIVERS\se44mdm.sys><MCCI>
[Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM) / se44mgmt][Stopped/Manual Start]
<System32\DRIVERS\se44mgmt.sys><MCCI>
[Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS) / se44nd5][Stopped/Manual Start]
<System32\DRIVERS\se44nd5.sys><MCCI>
[Sony Ericsson Device 068 USB WMC OBEX Interface / se44obex][Stopped/Manual Start]
<System32\DRIVERS\se44obex.sys><MCCI>
[Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM) / se44unic][Stopped/Manual Start]
<System32\DRIVERS\se44unic.sys><MCCI>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[USB2.0 PC Camera (SNP2STD) / SNP2STD][Stopped/Manual Start]
<system32\DRIVERS\snp2sxp.sys><>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Pilote de périphérique de la restauration de lecteur / StMp3Rec][Stopped/Manual Start]
<System32\Drivers\StMp3Rec.sys><Generic>
[C-Media Storage / UMSSSTOR][Running/Manual Start]
<System32\DRIVERS\UMSS.SYS><C-Media Corporation>
[Codec Teletext standard / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
Browser Add-ons
[Aide pour le lien d'Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[ECarteBleueBrowserHelper Class]
{2E03C0FD-4C48-43A7-9A54-00240C70FF16} <C:\WINDOWS\system32\BhoECart.dll, Orbiscom Ltd. All rights reserved.>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Java Plug-in 1.6.0_03]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[BlogThisToolbarButton Class]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} <C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll, Microsoft Corporation>
[WinHTTrackLauncher Class]
{36ECAF82-3300-8F84-092E-AFF36D6C7040} <C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll, >
[&Rechercher]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[HardwareDetection Control]
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} <C:\PROGRA~1\MA-CON~1.COM\HARDWA~1.OCX, Ma-Config.com>
[Java Plug-in 1.6.0_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[InetDownload Class]
{A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} <C:\WINDOWS\Downloaded Program Files\WMDownload.dll, Approach Inc.>
[Java Plug-in 1.6.0_02]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Microsoft Outlook 8.0 Object Library]
{0006F033-0000-0000-C000-000000000046} <, N/A>
[Microsoft Office Outlook]
{0006F03A-0000-0000-C000-000000000046} <, N/A>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, Apple Inc.>
[Aide pour le lien d'Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\System32\legitcheckcontrol.dll, Microsoft Corporation>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, N/A>
[ECarteBleueBrowserHelper Class]
{2E03C0FD-4C48-43A7-9A54-00240C70FF16} <C:\WINDOWS\system32\BhoECart.dll, Orbiscom Ltd. All rights reserved.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[Windows Desktop Search Combo Control]
{4E430174-1673-4FF3-BF28-A3B37F6573E7} <C:\Program Files\Windows Desktop Search\wdsShell.dll, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[HardwareDetection Control]
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} <C:\PROGRA~1\MA-CON~1.COM\HARDWA~1.OCX, Ma-Config.com>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 4.0]
{88D969C0-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[Programme d'aide de l'Assistant de connexion Windows Live]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[InetDownload Class]
{A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} <C:\WINDOWS\Downloaded Program Files\WMDownload.dll, Approach Inc.>
[RMGetLicense Class]
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Contrôle de l'Assistant de connexion Windows Live]
{D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 940 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1008 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4117]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1076 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 1088 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1264 / SYSTEM][C:\WINDOWS\System32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4117]
[C:\WINDOWS\System32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 1280 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1356 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1484 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\System32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1564 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1688 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[PID: 1904 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL] [Microsoft Corporation, 5.2.3790.120 (srv03_qfe.031205-1652)]
[C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL] [Microsoft Corporation, 5.2.3790.184 (srv03_qfe.040410-1236)]
[PID: 356 / Guisse][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4117]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 464 / Guisse][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll] [Nero AG, 2, 0, 0, 8]
[C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Fichiers communs\Ahead\Lib\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll] [, 1, 0, 0, 1]
[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 6, 6, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\WINDOWS\system32\lameACM.acm] 0.9.1
[PID: 704 / SYSTEM][C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\1036\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[PID: 796 / Guisse][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 1.1.1.9]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 816 / Guisse][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe] [ATI Technologies Inc., 1.2.2006.283]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll] [Microsoft Corporation, 1.1.4322.2407]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_d9dd63dd\mscorlib.dll] [N/A, ]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\program files\ati technologies\ati.ace\log.foundation.dll] [ATI Technologies Inc., 1.2.1957.31892]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL] [Microsoft Corporation, 1.1.4322.2407]
[c:\program files\ati technologies\ati.ace\cli.foundation.dll] [ATI Technologies Inc., 1.2.1957.31892]
[c:\program files\ati technologies\ati.ace\log.foundation.service.dll] [ATI Technologies Inc., 1.2.2006.283]
[c:\program files\ati technologies\ati.ace\log.foundation.shared.dll] [ATI Technologies Inc., 1.2.1957.31919]
[c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_c9ab94cc\system.dll] [N/A, ]
[c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ee670409\system.windows.forms.dll] [N/A, ]
[c:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll] [ATI Technologies Inc., 1.2.2006.283]
[c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_c9a1138b\system.xml.dll] [N/A, ]
[c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\program files\ati technologies\ati.ace\cli.component.runtime.dll] [ATI Technologies Inc., 1.2.2006.284]
[c:\program files\ati technologies\ati.ace\aem.foundation.dll] [ATI Technologies Inc., 1.2.1957.31892]
[c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_c1a765cb\system.drawing.dll] [N/A, ]
[c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_fr_b77a5c561934e089\system.windows.forms.resources.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\program files\ati technologies\ati.ace\cli.caste.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.275]
[c:\program files\ati technologies\ati.ace\cli.component.runtime.shared.dll] [ATI Technologies Inc., 1.2.1957.31893]
[c:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll] [ATI Technologies Inc., 1.2.1962.23360]
[c:\program files\ati technologies\ati.ace\dem.foundation.dll] [ATI Technologies Inc., 1.2.1957.31892]
[c:\program files\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll] [ATI Technologies Inc., 1.2.1957.31892]
[c:\program files\ati technologies\ati.ace\dem.graphics.demosinfo.dll] [ATI Technologies Inc., 1.2.1958.19473]
[c:\program files\ati technologies\ati.ace\dem.graphics.demosadapterinfo.dll] [ATI Technologies Inc., 1.2.1971.31260]
[c:\program files\ati technologies\ati.ace\dem.graphics.dematiadapterinfo.dll] [ATI Technologies Inc., 1.2.1958.19459]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdriversettings.dll] [ATI Technologies Inc., 1.2.1957.31895]
[c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\program files\ati technologies\ati.ace\atidemgr.dll] [ATI Technologies Inc., 1.2.2006.273]
[c:\program files\ati technologies\ati.ace\dem.graphics.demosmodeinfo.dll] [ATI Technologies Inc., 1.2.1957.31895]
[c:\program files\ati technologies\ati.ace\dem.graphics.dematidisplaysmanagersettings.dll] [ATI Technologies Inc., 1.2.1958.24498]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdisplayscoloursettings.dll] [ATI Technologies Inc., 1.2.1957.31895]
[c:\program files\ati technologies\ati.ace\dem.graphics.demvideooverlaysettings.dll] [ATI Technologies Inc., 1.2.1957.31915]
[c:\program files\ati technologies\ati.ace\dem.graphics.demsmartgartsettings.dll] [ATI Technologies Inc., 1.2.1957.31916]
[c:\program files\ati technologies\ati.ace\dem.graphics.demumaframebuffersettings.dll] [ATI Technologies Inc., 1.2.1957.31917]
[c:\program files\ati technologies\ati.ace\dem.graphics.dempowerplaysettings.dll] [ATI Technologies Inc., 1.2.1957.31921]
[c:\program files\ati technologies\ati.ace\dem.graphics.demoverdrivesettings.dll] [ATI Technologies Inc., 1.2.1957.31921]
[c:\program files\ati technologies\ati.ace\dem.graphics.demoverdrive3settings.dll] [ATI Technologies Inc., 1.2.1957.31919]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdisplaysmanageroptionssettings.dll] [ATI Technologies Inc., 1.2.1957.31917]
[c:\program files\ati technologies\ati.ace\dem.graphics.workstationsettings.dll] [ATI Technologies Inc., 1.2.1957.31920]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecommonsettings.dll] [ATI Technologies Inc., 1.2.1959.26822]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecrtsettings.dll] [ATI Technologies Inc., 1.2.1957.31922]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecomponentvideosettings.dll] [ATI Technologies Inc., 1.2.1957.31894]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicetvsettings.dll] [ATI Technologies Inc., 1.2.1957.31922]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicedfpsettings.dll] [ATI Technologies Inc., 1.2.1957.31922]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicelcdsettings.dll] [ATI Technologies Inc., 1.2.1957.31922]
[c:\program files\ati technologies\ati.ace\dem.graphics.demvpurecoverinfo.dll] [ATI Technologies Inc., 1.2.1957.31917]
[c:\program files\ati technologies\ati.ace\dem.graphics.mmoverlaysettings.dll] [ATI Technologies Inc., 1.2.1957.31916]
[c:\program files\ati technologies\ati.ace\dem.graphics.mmdeintlacingsettings.dll] [ATI Technologies Inc., 1.2.1957.31916]
[c:\program files\ati technologies\ati.ace\dem.graphics.demvideotheatermodesettings.dll] [ATI Technologies Inc., 1.2.1957.31916]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicetv2settings.dll] [ATI Technologies Inc., 1.2.1957.31922]
[c:\program files\ati technologies\ati.ace\dem.graphics.demmultivpusettings.dll] [ATI Technologies Inc., 1.2.1962.23369]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdevicecommon2settings.dll] [ATI Technologies Inc., 1.2.1957.31894]
[c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2407]
[C:\Program Files\Fichiers communs\Microsoft Shared\office11\mso.dll] [Microsoft Corporation, 11.0.5606]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.93]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll] [ATI Technologies Inc., 1.2.1971.30655]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.123]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.117]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31915]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.59]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.17646]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.178]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31895]
[c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.148]
[c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31915]
[c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.105]
[c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.shared.dll] [ATI Technologies Inc., 1.2.1957.31918]
[c:\program files\ati technologies\ati.ace\dem.graphics.videooverlay.shared.dll] [ATI Technologies Inc., 1.2.1957.31893]
[c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.112]
[c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.101]
[c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31909]
[c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.97]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.225]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.69]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.207]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31918]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.59]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31920]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.218]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25996]
[c:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25994]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.74]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25997]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.196]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.185]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.213]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25999]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.64]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.26001]
[c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.135]
[c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll] [ATI Technologies Inc., 1.2.1962.20967]
[c:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.144]
[c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.130]
[c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll] [ATI Technologies Inc., 1.2.1975.40191]
[c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.165]
[c:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.154]
[c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.160]
[c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31919]
[c:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2006.81]
[c:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31908]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31894]
[c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31894]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31921]
[c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31893]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31919]
[c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31922]
[c:\program files\ati technologies\ati.ace\apm.foundation.dll] [ATI Technologies Inc., 1.2.1957.31920]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[c:\windows\assembly\gac\system.resources\1.0.5000.0_fr_b77a5c561934e089\system.resources.dll] [Microsoft Corporation, 1.1.4322.573]
[PID: 832 / Guisse][C:\WINDOWS\system32\CmWatch.exe] [, 1, 0, 0, 20]
[PID: 1428 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\SG62UUD.DLL] [CANON INC., 0.0.0.5]
[C:\WINDOWS\system32\N067UFW.DLL] [CANON INC., 1.000]
[PID: 1436 / Guisse][C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.30.5]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[PID: 1540 / SYSTEM][C:\WINDOWS\system32\SearchIndexer.exe] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\TQUERY.DLL] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\PROPSYS.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\msstrc.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\mssrch.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\propdefs.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\XmlLite.dll] [Microsoft Corporation, 1.00.1018.0]
[C:\WINDOWS\system32\fr-fr\tQuery.dll.mui] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\msscb.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\mssprxy.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[PID: 1604 / Guisse][C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE] [Logitech Inc., 8.1.2.1003]
[PID: 1744 / Guisse][C:\Program Files\WebcamMax\wcmmon.exe] [N/A, ]
[C:\WINDOWS\system32\Msdmo.dll] [, ]
[PID: 1844 / Guisse][C:\WINDOWS\FixCamera.exe] [, 1, 0, 0, 9]
[PID: 1672 / Guisse][C:\WINDOWS\tsnp2std.exe] [SONIX, 1, 1, 3, 8]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\vsnp2std.dll] [Sonix, 1, 1, 7, 0]
[PID: 376 / Guisse][C:\WINDOWS\vsnp2std.exe] [Sonix, 1, 1, 7, 0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 508 / Guisse][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1452 / Guisse][C:\WINDOWS\system32\shovth.exe] [N/A, ]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[PID: 3236 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3380 / Guisse][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe] [ATI Technologies Inc., 1.2.2006.283]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll] [Microsoft Corporation, 1.1.4322.2407]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_d9dd63dd\mscorlib.dll] [N/A, ]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\program files\ati technologies\ati.ace\log.foundation.dll] [ATI Technologies Inc., 1.2.1957.31892]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL] [Microsoft Corporation, 1.1.4322.2407]
[c:\program files\ati technologies\ati.ace\cli.foundation.dll] [ATI Technologies Inc., 1.2.1957.31892]
[c:\program files\ati technologies\ati.ace\log.foundation.service.dll] [ATI Technologies Inc., 1.2.2006.283]
[c:\program files\ati technologies\ati.ace\log.foundation.shared.dll] [ATI Technologies Inc., 1.2.1957.31919]
[c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_c9ab94cc\system.dll] [N/A, ]
[c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ee670409\system.windows.forms.dll] [N/A, ]
[c:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll] [ATI Technologies Inc., 1.2.2006.283]
[c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_c9a1138b\system.xml.dll] [N/A, ]
[c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\program files\ati technologies\ati.ace\cli.component.dashboard.dll] [ATI Technologies Inc., 1.2.2006.286]
[c:\program files\ati technologies\ati.ace\cli.component.dashboard.shared.dll] [ATI Technologies Inc., 1.2.1957.31893]
[c:\program files\ati technologies\ati.ace\cli.component.runtime.dll] [ATI Technologies Inc., 1.2.2006.284]
[c:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll] [ATI Technologies Inc., 1.2.1962.23360]
[c:\program files\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll] [ATI Technologies Inc., 1.2.1957.31892]
[c:\program files\ati technologies\ati.ace\skinfactory.dll] [ATI Technologies Inc., 1.2.2006.48]
[c:\program files\ati technologies\ati.ace\aem.foundation.dll] [ATI Technologies Inc., 1.2.1957.31892]
[c:\program files\ati technologies\ati.ace\cli.caste.local.dashboard.dll] [ATI Technologies Inc., 1.2.2006.290]
[c:\program files\ati technologies\ati.ace\cli.caste.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.280]
[c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_c1a765cb\system.drawing.dll] [N/A, ]
[c:\program files\ati technologies\ati.ace\cli.aspect.welcome.local.dashboard.dll] [ATI Technologies Inc., 1.2.2006.94]
[c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.162]
[c:\program files\ati technologies\ati.ace\cli.aspect.displaysmanager.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.175]
[c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.167]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.228]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll] [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2407]
[C:\Program Files\Fichiers communs\Microsoft Shared\office11\mso.dll] [Microsoft Corporation, 11.0.5606]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.71]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.209]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.60]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.222]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.77]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.203]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.192]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.214]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.65]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.126]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.120]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.55]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.182]
[c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.dashboard.dll] [ , 1.2.2006.152]
[c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.108]
[c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.131]
[c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.114]
[c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.102]
[c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.98]
[c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.140]
[c:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.145]
[c:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.157]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.dashboard.dll] [ATI Technologies Inc., 1.2.2006.85]
[c:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31919]
[c:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31922]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31921]
[c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31894]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31918]
[c:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31893]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31918]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31920]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25996]
[c:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25994]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25997]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31910]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31919]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.25999]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.26001]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31894]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31915]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1963.17646]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31895]
[c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31915]
[c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31917]
[c:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll] [ATI Technologies Inc., 1.2.1975.40191]
[c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31909]
[c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31909]
[c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.shared.dll] [ATI Technologies Inc., 1.2.1959.15702]
[c:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll] [ATI Technologies Inc., 1.2.1962.20967]
[c:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31918]
[c:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.shared.dll] [ATI Technologies Inc., 1.2.1957.31915]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll] [ATI Technologies Inc., 1.2.1971.30655]
[c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 1.1.4322.573]
[c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll] [Microsoft Corporation, 1.1.4322.2407]
[PID: 3112 / SYSTEM][C:\Program Files\Windows Live\Messenger\usnsvc.exe] [Microsoft Corporation, 8.5.1302.1018]
[C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1302.1018]
[PID: 3748 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1476 / Guisse][C:\Program Files\eMule\emule.exe] 0.48.0 Unicode
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\eMule\lang\fr_FR.dll] 0.48.0
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[PID: 3976 / Guisse][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\IEFRAME.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\IEUI.dll] [Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130)]
[C:\WINDOWS\system32\xmllite.dll] [Microsoft Corporation, 1.00.1018.0]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Internet Explorer\ieproxy.dll] [Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
[C:\WINDOWS\system32\BhoECart.dll] [Orbiscom Ltd. All rights reserved., 2, 2, 1, 0, 93]
[C:\WINDOWS\system32\FFECart.dll] [Orbiscom Ltd. All rights reserved., 3, 0, 0, 6, 17]
[C:\WINDOWS\system32\FFCore.dll] [Orbiscom Ltd. All rights reserved., 3, 0, 0, 6, 17]
[C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll] [Sun Microsystems, Inc., 6.0.30.5]
[C:\Program Files\Java\jre1.6.0_03\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll] [Microsoft Corporation, 4.200.514.2]
[C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\msidcrl40.dll] [Microsoft Corporation, 4.200.514.2]
[C:\WINDOWS\system32\msfeeds.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\ieapfltr.dll] [Microsoft Corporation, 7.0.6000.16461]
[C:\WINDOWS\System32\Macromed\Flash\Flash9d.ocx] [Adobe Systems, Inc., 9,0,47,0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll] [Nero AG, 2, 0, 0, 8]
[C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA] [Adobe Systems, Inc., 8.0.0.0]
[PID: 3388 / Guisse][C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe] [Microsoft Corporation, 4.200.514.2]
[C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\msidcrl40.dll] [Microsoft Corporation, 4.200.514.2]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[PID: 2084 / SYSTEM][C:\WINDOWS\system32\SearchProtocolHost.exe] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\TQUERY.DLL] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\PROPSYS.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\msstrc.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\mssph.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\MAPI32.dll] [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
[C:\WINDOWS\system32\oeph.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\WINDOWS\system32\UNCPH.dll]

Le sioux Posts 4907 Status Security contributor 496
 
Hello Geo geo

I'll look at this tonight, my friend.

You can address me informally (use "tu"). ;-)

See you
GeoGeo
 
I just noticed that the report is not complete (I think the forum couldn't handle such a long message). So here is the rest:

[C:\WINDOWS\system32\UNCPH.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\mssprxy.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[PID: 2292 / SERVICE LOCAL][C:\WINDOWS\system32\SearchFilterHost.exe] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\TQUERY.DLL] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\PROPSYS.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[C:\WINDOWS\system32\mssprxy.dll] [Microsoft Corporation, 6.0.6000.16431 (vista_gdr(wmbla).070205-1422)]
[PID: 2848 / Guisse][C:\Documents and Settings\Guisse\Bureau\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16574 (vista_gdr.071008-1500)]
[C:\Documents and Settings\Guisse\Bureau\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
[C:\]
[autorun]
open=
shell\open=Îòêðûòü
shell\open\Command=F82EC657.exe
shell\open\Default=1

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 464, C:\WINDOWS\EXPLORER.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 816, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1436, C:\PROGRAM FILES\JAVA\JRE1.6.0_03\BIN\JUSCHED.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1604, C:\PROGRAM FILES\FICHIERS COMMUNS\LOGITECH\QCDRIVER2\LVCOMS.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1744, C:\PROGRAM FILES\WEBCAMMAX\WCMMON.EXE]
Special Privilege Enabled: SeDebugPrivilege [PID = 1844, C:\WINDOWS\FIXCAMERA.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1844, C:\WINDOWS\FIXCAMERA.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1672, C:\WINDOWS\TSNP2STD.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 376, C:\WINDOWS\VSNP2STD.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1452, C:\WINDOWS\SYSTEM32\SHOVTH.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3380, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1476, C:\PROGRAM FILES\EMULE\EMULE.EXE]

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/CODE]

Thanks again.
Le sioux Posts 4907 Status Security contributor 496
 
Good evening

Can you do the procedure from post 42, please.

But don't copy:

Driver::
driver

Thanks.

See you
GeoGeo
 
Hello, here is the ComboFix report:

ComboFix 08-01-11.1 - Guisse 2008-01-15 12:16:30.4 - NTFSx86
Running from: C:\Documents and Settings\Guisse\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Guisse\Bureau\CFScript.txt C:\Documents and Settings\Guisse\Bureau\CFScript.txt
* Created a new restore point

FILE
C:\autorun.inf
C:\Documents and Settings\Guisse\Application Data\EasySpywareCleaner.com
C:\Documents and Settings\Guisse\Application Data\InfeStop.com
C:\Documents and Settings\Guisse\Application Data\spy-rid.com
C:\Documents and Settings\Guisse\Guisse.exe
C:\F82EC657.exe
C:\Program Files\AdVantage\AdVantage.exe
C:\sqmdata09.sqm
C:\sqmnoopt09.sqm
C:\WINDOWS\AppPatch\AppPatch.exe
C:\WINDOWS\Cursors\Cursors.exe
C:\WINDOWS\Help\Help.exe
C:\WINDOWS\Help\Tours\htmlTour\htmlTour.exe
C:\WINDOWS\Help\Tours\mmTour\mmTour.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Audio.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Wav\Wav.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\Cnt.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Css\Css.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Btn\Btn.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Img.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\WMarks\WMarks.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Scr\Scr.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Video\Video.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\WindowsMediaPlayer.exe
C:\WINDOWS\java\classes\classes.exe
C:\WINDOWS\java\Packages\Data\Data.exe
C:\WINDOWS\java\Packages\Packages.exe
C:\WINDOWS\java\Packages\PN335Z7F.ZIP
C:\WINDOWS\java\Packages\R7X3FJ1N.ZIP
C:\WINDOWS\Media\Media.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\Binaries.exe
C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Cache.exe
C:\WINDOWS\PCHealth\HelpCtr\Config\Config.exe
C:\WINDOWS\PCHealth\HelpCtr\Database\Database.exe
C:\WINDOWS\PCHealth\HelpCtr\DataColl\DataColl.exe
C:\WINDOWS\PCHealth\HelpCtr\Indices\Indices.exe
C:\WINDOWS\PCHealth\HelpCtr\Logs\Logs.exe
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\OfflineCache.exe
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Personal_32#040c\Personal_32 #040c.exe
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\PackageStore.exe
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\blurbs.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatCtr.exe
C:\WINDOWS\PCHealth\HelpCtr\System\css\css.exe
C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\dialogs.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\DVDUpgrd.exe
C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrMsg.exe
C:\WINDOWS\PCHealth\HelpCtr\System\errors\errors.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\16x16.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\24x24.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\32x32\32x32.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\48x48.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Centers.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\Expando.exe
C:\WINDOWS\PCHealth\HelpCtr\System\images\images.exe
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\NetDiag.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\panels.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\subpanels.exe
C:\WINDOWS\PCHealth\HelpCtr\System\rc\rc.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\Css.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\Client.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\Server.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Remote Assistance.exe
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\scripts.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\33x16pie .exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\47x24pie .exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\graphics.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfo.exe
C:\WINDOWS\PCHealth\HelpCtr\System\System.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\UpdateCtr.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\Css.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Common.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\Email.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited\Unsolicited.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Remote Assistance.exe
C:\WINDOWS\PCHealth\UploadLB\Binaries\Binaries.exe
C:\WINDOWS\PCHealth\UploadLB\Config\Config.exe
C:\WINDOWS\Registration\Registration.exe
C:\WINDOWS\srchasst\chars\chars.exe
C:\WINDOWS\srchasst\mui\[u]0[/u]40C\[u]0[/u]40C.exe
C:\WINDOWS\srchasst\mui\40C\40C.exe
C:\WINDOWS\srchasst\srchasst.exe
C:\WINDOWS\system\system.exe
C:\WINDOWS\system32\config\systemprofile\systemprofile.exe
C:\WINDOWS\system32\drivers\drivers.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\Program Files\AxBx
C:\Program Files\EasySpywareCleaner
C:\sqmdata09.sqm
C:\sqmnoopt09.sqm
C:\WINDOWS\java\Packages\PN335Z7F.ZIP
C:\WINDOWS\java\Packages\R7X3FJ1N.ZIP
C:\WINDOWS\W0034_jpg.zip

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-15 to 2008-01-15 ))))))))))))))))))))))))))))))))))))
.

2008-01-15 10:18 . 2008-01-15 10:18 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\ACD Systems
2008-01-14 22:18 . 2008-01-14 22:18 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-14 22:18 . 2008-01-15 08:00 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\AVG7
2008-01-14 22:17 . 2008-01-15 00:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-14 22:06 . 2008-01-14 22:06 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
2008-01-14 22:06 . 2008-01-15 06:13 45,631 --a------ C:\m9w3l6u1g1.exe
2008-01-14 22:06 . 2008-01-14 22:06 42,941 -r-hs---- C:\WINDOWS\servicestub.exe
2008-01-14 18:02 . 2008-01-14 18:02 <REP> d-------- C:\Program Files\Fichiers communs\snp2std
2008-01-14 18:02 . 2008-01-14 18:02 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\InstallShield
2008-01-14 18:02 . 2007-01-26 16:48 12,028,032 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2008-01-14 18:02 . 2006-09-15 13:21 675,840 --a------ C:\WINDOWS\vsnp2std.exe
2008-01-14 18:02 . 2006-11-29 16:11 258,048 --a------ C:\WINDOWS\tsnp2std.exe
2008-01-14 18:02 . 2006-10-03 14:35 249,856 --a------ C:\WINDOWS\system32\vsnp2std.dll
2008-01-14 18:02 . 2007-02-05 15:25 151,552 --a------ C:\WINDOWS\system32\rsnp2std.dll
2008-01-14 18:02 . 2006-11-16 15:57 77,824 --a------ C:\WINDOWS\system32\csnp2std.dll
2008-01-14 18:02 . 2007-01-25 18:48 25,472 --a------ C:\WINDOWS\system32\drivers\sncamd.sys
2008-01-14 18:02 . 2004-12-09 17:23 15,497 --a------ C:\WINDOWS\snp2std.ini
2008-01-14 18:02 . 2004-12-09 17:23 13,022 --a------ C:\WINDOWS\snp2std.src
2008-01-10 19:11 . 2008-01-10 19:11 <REP> d-------- C:\Program Files\Philips Flat Panel Adjust
2008-01-09 19:12 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-29 16:44 . 2007-12-29 16:44 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\Webcammax
2007-12-29 16:39 . 2007-12-29 16:39 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\EasySpywareCleaner.com
2007-12-29 15:15 . 2007-12-29 15:15 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\Bitdefender
2007-12-29 15:14 . 2007-12-29 05:25 <REP> d-------- C:\Program Files\BitDefender
2007-12-29 05:28 . 2008-01-13 18:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Webcammax
2007-12-29 05:27 . 2007-12-29 16:47 <REP> d-------- C:\Program Files\WebcamMax
2007-12-29 02:55 . 2007-12-29 02:55 <REP> d-------- C:\Program Files\MSECache
2007-12-27 20:25 . 2008-01-14 22:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-27 20:23 . 2007-12-27 20:23 <REP> d-------- C:\Program Files\CCleaner
2007-12-27 15:07 . 2007-12-27 15:07 <REP> d-------- C:\Program Files\Wanadoo Edition
2007-12-27 11:44 . 2007-12-27 11:48 <REP> d-------- C:\Program Files\Error Repair Professional
2007-12-26 01:01 . 2007-12-26 01:01 <REP> d-------- C:\Program Files\PC Inspector File Recovery
2007-12-26 01:01 . 2002-02-18 18:40 6,200 --a------ C:\WINDOWS\system32\INT13EXT.VXD
2007-12-25 14:50 . 2007-12-25 14:50 <REP> d-------- C:\Program Files\GetData
2007-12-25 14:50 . 2007-12-25 15:23 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-25 12:36 . 2007-12-25 12:37 <REP> d-------- C:\WINDOWS\ERUNT
2007-12-25 08:23 . 2008-01-15 02:26 <REP> d-------- C:\Program Files\REST2514
2007-12-24 19:54 . 2007-12-25 15:58 2,836 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-24 19:52 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-24 19:52 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-24 19:52 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2007-12-24 19:52 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-24 19:52 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-24 19:52 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-24 19:50 . 2008-01-15 02:26 <REP> d-------- C:\SmitfraudFix
2007-12-24 14:04 . 2007-12-24 14:04 <REP> d-------- C:\Program Files\splus
2007-12-24 14:04 . 2005-10-17 18:13 447,488 --a------ C:\WINDOWS\system32\splus.cpl
2007-12-24 11:30 . 2007-12-24 11:30 <REP> d-------- C:\Program Files\Trend Micro
2007-12-20 22:24 . 2007-12-20 22:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-19 21:33 . 2007-12-19 21:33 2,359,350 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2007-12-19 21:33 . 2007-12-19 21:33 65,203 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-12-19 21:23 . 2007-12-19 21:33 6,116 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-12-16 13:51 . 2005-06-12 18:29 77,824 --a------ C:\WINDOWS\system32\fmcodec.DLL
2007-12-16 13:29 . 2007-12-16 13:45 171 --a------ C:\WINDOWS\system32\temp_0000_65-20.aok
2007-12-16 13:27 . 2007-12-16 13:27 172 --a------ C:\WINDOWS\system32\test.aok
2007-12-16 13:25 . 2007-12-16 13:26 <REP> d-------- C:\Program Files\Allok Video to FLV Converter
2007-12-16 13:25 . 2004-01-11 08:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax
2007-12-16 13:25 . 2006-10-24 14:16 242,176 --a------ C:\WINDOWS\system32\fixflash.exe
2007-12-16 13:25 . 2007-04-12 14:19 129,024 --a------ C:\WINDOWS\system32\AVERM.dll
2007-12-16 13:25 . 2006-09-26 13:57 28,672 --a------ C:\WINDOWS\system32\AVEQT.dll
2007-12-15 16:40 . 2007-12-15 16:42 <REP> d-------- C:\Program Files\AdorageI-GfxDatas
2007-12-15 16:31 . 2007-12-15 16:31 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2007-12-15 16:30 . 2007-12-15 17:13 455 --a------ C:\WINDOWS\VFO.VST
2007-12-15 16:29 . 2002-09-24 11:12 2,653,888 --a------ C:\WINDOWS\system32\LTRDG13n.OCX
2007-12-15 16:29 . 2002-09-24 11:12 534,192 --a------ C:\WINDOWS\system32\LTRVW13N.OCX
2007-12-15 16:29 . 2002-09-24 11:12 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL
2007-12-15 16:29 . 2005-07-12 14:25 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
2007-12-15 16:29 . 2002-09-24 11:12 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL
2007-12-15 16:28 . 2006-03-28 23:50 233,472 --a------ C:\WINDOWS\system32\DiskIO.dll
2007-12-15 16:28 . 2002-09-24 11:12 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll
2007-12-15 16:28 . 2006-03-28 23:45 184,320 --a------ C:\WINDOWS\system32\RALMain.dll
2007-12-15 16:28 . 2004-01-02 13:28 126,976 --------- C:\WINDOWS\system32\AVIPrAx.dll
2007-12-15 16:28 . 2002-09-24 11:12 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll
2007-12-15 16:28 . 2002-09-24 11:12 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll
2007-12-15 16:28 . 2001-12-11 23:21 73,728 --------- C:\WINDOWS\system32\MMAviAx.dll
2007-12-15 16:28 . 2003-04-21 16:11 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-12-15 16:28 . 2005-12-12 16:57 32,768 --------- C:\WINDOWS\system32\MLPagAx.dll
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.JP
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.IT
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.FR
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.ES
2007-12-15 16:26 . 2003-11-10 17:06 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.DE
2007-12-15 16:26 . 2003-11-10 17:06 16,896 --------- C:\WINDOWS\system32\PSDrvCheck.NL
2007-12-15 16:26 . 2003-10-21 10:02 16,896 --------- C:\WINDOWS\system32\PSDrvCheck.KO
2007-12-15 16:23 . 2007-12-15 16:23 <REP> d-------- C:\Program Files\Microsoft SQL Server
2007-12-15 16:23 . 2002-12-17 17:23 33,340 --a------ C:\WINDOWS\system32\dbmsqlgc.dll
2007-12-15 16:23 . 2002-10-20 15:05 24,576 --a------ C:\WINDOWS\system32\dbmsgnet.dll
2007-12-15 16:22 . 2007-12-15 16:22 <REP> d-------- C:\WINDOWS\Cache
2007-12-15 16:22 . 2003-03-19 04:04 765,952 --------- C:\WINDOWS\system32\msvcp71d.dll
2007-12-15 16:22 . 2003-03-19 04:03 544,768 --------- C:\WINDOWS\system32\msvcr71d.dll
2007-12-15 16:07 . 2007-12-15 16:07 <REP> d-------- C:\Program Files\SmartSound Software
2007-12-15 16:07 . 2007-12-15 16:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2007-12-15 16:04 . 2007-12-29 22:16 <REP> d-------- C:\Program Files\QuickTime
2007-12-15 16:04 . 2007-12-15 16:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-15 16:03 . 2007-12-24 13:38 359 --a------ C:\WINDOWS\VFO.INI

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-06 15:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zabersoft
2008-12-06 15:40 --------- d-----w C:\Program Files\WinHTTrack
2008-12-06 10:32 --------- d-----w C:\Documents and Settings\Guisse\Application Data\spy-rid.com
2008-12-06 06:17 --------- d-----w C:\Documents and Settings\Guisse\Application Data\InfeStop.com
2008-01-15 07:51 --------- d-----w C:\Documents and Settings\Guisse\Application Data\LimeWire
2008-01-15 07:49 --------- d-----w C:\Program Files\eMule
2008-01-15 00:28 --------- d-----w C:\Program Files\Alice
2008-01-15 00:28 --------- d-----w C:\Program Files\AdobeAudition 2.0
2008-01-14 17:59 --------- d-----w C:\Documents and Settings\Guisse\Application Data\Azureus
2008-01-14 17:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-09 21:49 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-09 21:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-29 18:39 --------- d-----w C:\Program Files\LimeWire
2007-12-25 06:50 --------- d-----w C:\Program Files\Google
2007-12-24 15:13 --------- d-----w C:\Program Files\Azureus
2007-12-24 13:51 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-12-24 13:26 --------- d-----w C:\Documents and Settings\Guisse\Application Data\proDAD
2007-12-24 13:24 --------- d-----w C:\Program Files\Moyea
2007-12-24 13:23 --------- d-----w C:\Program Files\Labtec
2007-12-24 13:15 --------- d-----w C:\Program Files\Windows Live
2007-12-24 13:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-24 12:59 --------- d-----w C:\Program Files\Pinnacle
2007-12-22 06:10 --------- d-----w C:\Program Files\DAEMON Tools SearchBar
2007-12-19 20:41 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-19 20:33 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-15 15:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle
2007-12-07 22:28 1,594,541 ----a-w C:\WINDOWS\WANEUninstaller.exe
2007-12-07 21:44 --------- d-----w C:\Program Files\Worms 3D
2007-12-03 20:33 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2007-11-30 16:10 --------- d-----w C:\Program Files\Video cache view
2007-11-28 21:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2007-11-28 21:55 --------- d-----w C:\Program Files\directx
2007-11-28 21:43 --------- d-----w C:\Program Files\webcamXP
2007-11-28 21:02 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
2007-11-27 15:18 --------- d-----w C:\Program Files\CrazyPixels
2007-11-26 18:34 --------- d-----w C:\Program Files\proDAD
2007-11-26 18:19 --------- d-----w C:\Program Files\AdorageI-SAL
2007-11-25 20:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2007-11-18 07:49 --------- d-----w C:\Documents and Settings\Guisse\Application Data\OpenOffice.org2
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 05:26 17,920 ----a-w C:\Documents and Settings\Guisse\Application Data\GDIPFONTCACHEV1.DAT
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2005-12-13 13:39 200,704 ----a-w C:\Program Files\ECB.exe
2005-12-13 13:38 122 ----a-w C:\Program Files\Config.ini
.
[color=red]Files Infected - Win32.Agent.zb[/color]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
={750fdf0e-2a26-11d1-a3ea-080036587f03}
={4E77131D-3629-431c-9818-C5679DC83E81}
={99FD978C-D287-4F50-827F-B2C658EDA8E7}
={AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}
={920E6DB1-9907-4370-B3A0-BAFC03D81399}
={16F3DD56-1AF5-4347-846D-7C10C4192619}
={2916C86E-86A6-43FE-8112-43ABE6BF8DCC}
={b32a6748-f273-4546-b60a-3c5adc239de5}
={36A21736-36C2-4C11-8ACB-D4136F2B57BD}
={EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD}
={666C7833-A9B6-4AB4-94ED-DC238C81E925}
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 10:28 139264]
"DAEMON Tools"="J:\Logiciel\Program Files\DAEMON Tools\daemon.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-06-08 07:42 14565376 C:\WINDOWS\RTHDCPL.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2007-12-26 09:10 344064]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-06-29 00:09 32768]
"CmCardRun"="C:\WINDOWS\system32\CmWatch.exe" [2003-09-16 17:50 229376]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-12-26 09:10 132496]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2007-12-26 09:10 135214]
"WebcamMaxMoniter"="C:\Program Files\WebcamMax\wcmmon.exe" [2007-08-01 01:55 450048]
"FixCamera"="C:\WINDOWS\FixCamera.exe" [2007-02-12 14:50 20480]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"eCarteBleue-LPV-P1"="C:\Program Files\ECB.exe" [2005-12-13 14:39 200704]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06 487424]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2006-11-29 16:11 258048]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-09-15 13:21 675840]
"servicestub.exe"="C:\WINDOWS\servicestub.exe" [2008-01-14 22:06 42941]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-14 22:17 579072]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-29 22:16 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartUp"="C:\WINDOWS\trayicons.exe" [ ]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-14 22:17 219136]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Barre d'état système d'ATI CATALYST.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Barre d'état système d'ATI CATALYST.lnk
backup=C:\WINDOWS\pss\Barre d'état système d'ATI CATALYST.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2002-10-15 14:48]
R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 14:29]
R2 CamthWDM;WebcamMax, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2007-01-11 06:39]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-11-12 16:27]
R3 UMSSSTOR;C-Media Storage;C:\WINDOWS\system32\DRIVERS\UMSS.SYS [2004-07-13 12:40]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]
S3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 13:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 13:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 13:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 13:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 13:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 13:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 13:58]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-01-26 16:48]
S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\WINDOWS\system32\Drivers\StMp3Rec.sys [2007-02-15 14:14]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\
\Shell\open\Command - C:\F82EC657.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0aeeb6cf-a50f-11dc-8b50-0013d3a45508}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - D88777EE.exe

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 12:20:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-15 12:21:58
ComboFix-quarantined-files.txt 2008-01-15 11:21:55
ComboFix2.txt 2008-01-11 17:59:41
ComboFix3.txt 2008-01-10 03:37:33
.
2008-01-11 02:03:05 --- E O F ---




And a new HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24, on 2008-01-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\WebcamMax\wcmmon.exe
C:\WINDOWS\FixCamera.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\servicestub.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] ; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [eCarteBleue-LPV-P1] ; "C:\Program Files\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [NeroFilterCheck] ; C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] ; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [servicestub.exe] C:\WINDOWS\servicestub.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AdVantage] ; "C:\Program Files\AdVantage\AdVantage.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] ; "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] ; "J:\Logiciel\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] ; C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
0
Le sioux Posts 4907 Status Security contributor 496
 
Good evening

I'm working tonight and will look at this as soon as I can.

See you soon.
0
GeoGeo
 
Hi Le Sioux, were you able to take a look?
0
Le sioux Posts 4907 Status Security contributor 496
 
Hello Geo geo

Sorry, le sioux hasn't been very available these past few days ...

ComboFix with CFScript:

* Select the following text (in bold) in its entirety:

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"servicestub.exe"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdVantage"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0aeeb6cf-a50f-11dc-8b50-0013d3a45508}]
File::
C:\m9w3l6u1g1.exe
C:\Documents and Settings\Guisse\Application Data\EasySpywareCleaner.com
C:\WINDOWS\servicestub.exe
C:\Program Files\AdVantage\AdVantage.exe
C:\WINDOWS\trayicons.exe
Folder::
C:\Program Files\AdVantage

* Copy the selected text (CTRL+C).
* Open Notepad (Programs > Accessories > Notepad).
* Paste the copied text into Notepad (CTRL+V).
* Save this file under the name CFScript.txt

Disconnect from the internet and disable your antivirus so that Combofix can run normally

* Drag and drop this CFScript file onto the ComboFix.exe file (on your desktop)

* A blue window will appear: at the message "Type 1 to continue, or 2 to abort", type 1 and then confirm.

* Wait while the scan runs. The Desktop will disappear several times: this is normal!

Don't touch anything until the scan has finished.

--> Once the scan is complete, a report will be displayed: post its contents along with a new HijackThis report

(If the file doesn't open, it can be found here > C:\ComboFix.txt )

To be continued
0
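The cross-check between the HijackThis log and the CFScript above, as an added example that is not part of the original posts or of ComboFix: it parses the script's Registry::/File::/Folder:: sections and lists the HijackThis O4 autorun entries whose target is a file the script deletes, noting whether the script also removes the Run value itself. The section grammar is inferred from the script in this thread, the sample lines are excerpts from it, and the function names are hypothetical.

```python
import re
from ntpath import normcase  # Windows path rules, usable on any OS

RUN_SUFFIX = r"\software\microsoft\windows\currentversion\run"
HIVES = {"HKLM": "hkey_local_machine", "HKCU": "hkey_current_user"}
# HijackThis abbreviates Software\Microsoft\Windows\CurrentVersion as "..".
O4_RE = re.compile(
    r"^O4 - (HKLM|HKCU|HKUS\\[^\\]+)\\\.\.\\Run: \[(.+?)\] (?:; )?(.+)$")

# Excerpt of the CFScript posted in this thread.
CFSCRIPT = r'''Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"servicestub.exe"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdVantage"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
File::
C:\m9w3l6u1g1.exe
C:\WINDOWS\servicestub.exe
C:\Program Files\AdVantage\AdVantage.exe
C:\WINDOWS\trayicons.exe
Folder::
C:\Program Files\AdVantage
'''

# Excerpt of the O4 (autorun) lines from the HijackThis log in this thread.
HJT_LOG = r'''O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [servicestub.exe] C:\WINDOWS\servicestub.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [AdVantage] ; "C:\Program Files\AdVantage\AdVantage.exe"
O4 - HKUS\S-1-5-18\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'Default user')
'''


def parse_cfscript(text):
    """Collect value deletions, key deletions, files and folders from a CFScript."""
    plan = {"values": set(), "keys": set(), "files": set(), "folders": set()}
    section, key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):                      # section header
            section, key = line[:-2].lower(), None
        elif section == "registry":
            if line.startswith("[-") and line.endswith("]"):
                plan["keys"].add(line[2:-1].lower())  # whole key deleted
            elif line.startswith("[") and line.endswith("]"):
                key = line[1:-1].lower()              # key for following values
            else:
                m = re.fullmatch(r'"(.+)"=-', line)   # "name"=- deletes a value
                if m and key:
                    plan["values"].add((key, m.group(1).lower()))
        elif section == "file":
            plan["files"].add(normcase(line))
        elif section == "folder":
            plan["folders"].add(normcase(line))
    return plan


def target_path(command):
    """Executable path of an autorun command, quoted or not, without arguments."""
    m = (re.match(r'"([^"]+)"', command)
         or re.match(r"(.+?\.exe)\b", command, re.I))
    return normcase(m.group(1)) if m else None


def run_key(hive):
    """Expand a HijackThis hive abbreviation to the full Run key, lower-cased."""
    root = HIVES.get(hive) or "hkey_users" + hive[4:].lower()
    return root + RUN_SUFFIX


def autoruns_hitting_deleted_files(hjt_log, plan):
    """O4 entries whose target the script deletes: (hive, name, path, value_removed)."""
    findings = []
    for line in hjt_log.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        hive, name, command = m.groups()
        path = target_path(command)
        if path is None:
            continue
        in_folder = any(path.startswith(f + "\\") for f in plan["folders"])
        if path not in plan["files"] and not in_folder:
            continue
        removed = (run_key(hive), name.lower()) in plan["values"]
        findings.append((hive, name, path, removed))
    return findings


if __name__ == "__main__":
    for hive, name, path, removed in autoruns_hitting_deleted_files(
            HJT_LOG, parse_cfscript(CFSCRIPT)):
        state = "value removed by script" if removed else "value not in script"
        print(f"{hive:<16} [{name}] -> {path}: {state}")
```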
GeoGeo
 
OK, it's no problem if you don't have much time; it's already very kind of you to help me, take all the time you need.

New ComboFix report:

ComboFix 08-01-11.1 - Guisse 2008-01-18 9:48:53.5 - NTFSx86
Running from: C:\Documents and Settings\Guisse\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Guisse\Bureau\CFScript.txt C:\Documents and Settings\Guisse\Bureau\CFScript.txt
* Created a new restore point

FILE
C:\Documents and Settings\Guisse\Application Data\EasySpywareCleaner.com
C:\m9w3l6u1g1.exe
C:\Program Files\AdVantage\AdVantage.exe
C:\WINDOWS\servicestub.exe
C:\WINDOWS\trayicons.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\servicestub.exe
C:\WINDOWS\W0034_jpg.zip

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-18 to 2008-01-18 ))))))))))))))))))))))))))))))))))))
.

2008-01-18 08:57 . 2008-01-18 08:58 154,979 --a------ C:\i2n4r9g1.exe
2008-01-17 14:19 . 2008-01-17 14:19 <REP> d-------- C:\Program Files\Editeur
2008-01-16 23:46 . 2008-01-16 23:46 <REP> d-------- C:\Program Files\Larousse
2008-01-16 19:47 . 2008-01-17 21:18 <REP> d-------- C:\Program Files\LiveKillCleanMessenger
2008-01-16 19:47 . 2008-01-16 19:47 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\Live-Prod
2008-01-16 19:30 . 2008-01-16 19:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-15 10:18 . 2008-01-15 10:18 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\ACD Systems
2008-01-14 22:18 . 2008-01-14 22:18 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-14 22:18 . 2008-01-18 08:00 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\AVG7
2008-01-14 22:17 . 2008-01-15 00:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-14 22:06 . 2008-01-17 23:54 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
2008-01-14 18:02 . 2008-01-14 18:02 <REP> d-------- C:\Program Files\Fichiers communs\snp2std
2008-01-14 18:02 . 2008-01-14 18:02 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\InstallShield
2008-01-14 18:02 . 2007-01-26 16:48 12,028,032 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2008-01-14 18:02 . 2006-09-15 13:21 675,840 --a------ C:\WINDOWS\vsnp2std.exe
2008-01-14 18:02 . 2006-11-29 16:11 258,048 --a------ C:\WINDOWS\tsnp2std.exe
2008-01-14 18:02 . 2006-10-03 14:35 249,856 --a------ C:\WINDOWS\system32\vsnp2std.dll
2008-01-14 18:02 . 2007-02-05 15:25 151,552 --a------ C:\WINDOWS\system32\rsnp2std.dll
2008-01-14 18:02 . 2006-11-16 15:57 77,824 --a------ C:\WINDOWS\system32\csnp2std.dll
2008-01-14 18:02 . 2007-01-25 18:48 25,472 --a------ C:\WINDOWS\system32\drivers\sncamd.sys
2008-01-14 18:02 . 2004-12-09 17:23 15,497 --a------ C:\WINDOWS\snp2std.ini
2008-01-14 18:02 . 2004-12-09 17:23 13,022 --a------ C:\WINDOWS\snp2std.src
2008-01-10 19:11 . 2008-01-10 19:11 <REP> d-------- C:\Program Files\Philips Flat Panel Adjust
2008-01-09 19:12 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-29 16:44 . 2007-12-29 16:44 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\Webcammax
2007-12-29 16:39 . 2007-12-29 16:39 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\EasySpywareCleaner.com
2007-12-29 15:15 . 2007-12-29 15:15 <REP> d-------- C:\Documents and Settings\Guisse\Application Data\Bitdefender
2007-12-29 15:14 . 2007-12-29 05:25 <REP> d-------- C:\Program Files\BitDefender
2007-12-29 05:28 . 2008-01-13 18:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Webcammax
2007-12-29 05:27 . 2007-12-29 16:47 <REP> d-------- C:\Program Files\WebcamMax
2007-12-29 02:55 . 2007-12-29 02:55 <REP> d-------- C:\Program Files\MSECache
2007-12-27 20:25 . 2008-01-14 22:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-27 20:23 . 2007-12-27 20:23 <REP> d-------- C:\Program Files\CCleaner
2007-12-27 15:07 . 2007-12-27 15:07 <REP> d-------- C:\Program Files\Wanadoo Edition
2007-12-27 11:44 . 2007-12-27 11:48 <REP> d-------- C:\Program Files\Error Repair Professional
2007-12-26 01:01 . 2007-12-26 01:01 <REP> d-------- C:\Program Files\PC Inspector File Recovery
2007-12-26 01:01 . 2002-02-18 18:40 6,200 --a------ C:\WINDOWS\system32\INT13EXT.VXD
2007-12-25 14:50 . 2007-12-25 14:50 <REP> d-------- C:\Program Files\GetData
2007-12-25 14:50 . 2007-12-25 15:23 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-25 12:36 . 2007-12-25 12:37 <REP> d-------- C:\WINDOWS\ERUNT
2007-12-25 08:23 . 2008-01-15 02:26 <REP> d-------- C:\Program Files\REST2514
2007-12-24 19:54 . 2007-12-25 15:58 2,836 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-24 19:52 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-24 19:52 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-24 19:52 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2007-12-24 19:52 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-24 19:52 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-24 19:52 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-24 19:50 . 2008-01-15 02:26 <REP> d-------- C:\SmitfraudFix
2007-12-24 14:04 . 2007-12-24 14:04 <REP> d-------- C:\Program Files\splus
2007-12-24 14:04 . 2005-10-17 18:13 447,488 --a------ C:\WINDOWS\system32\splus.cpl
2007-12-24 11:30 . 2007-12-24 11:30 <REP> d-------- C:\Program Files\Trend Micro
2007-12-20 22:24 . 2007-12-20 22:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-19 21:33 . 2007-12-19 21:33 2,359,350 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2007-12-19 21:33 . 2007-12-19 21:33 65,203 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-12-19 21:23 . 2007-12-19 21:33 6,116 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-06 15:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zabersoft
2008-12-06 15:40 --------- d-----w C:\Program Files\WinHTTrack
2008-12-06 10:32 --------- d-----w C:\Documents and Settings\Guisse\Application Data\spy-rid.com
2008-12-06 06:17 --------- d-----w C:\Documents and Settings\Guisse\Application Data\InfeStop.com
2008-01-18 08:01 --------- d-----w C:\Documents and Settings\Guisse\Application Data\Azureus
2008-01-18 04:38 --------- d-----w C:\Program Files\eMule
2008-01-17 08:57 --------- d-----w C:\Documents and Settings\Guisse\Application Data\LimeWire
2008-01-16 22:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-16 18:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-16 17:03 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-01-16 16:11 --------- d-----w C:\Program Files\Windows Live
2008-01-15 00:28 --------- d-----w C:\Program Files\Alice
2008-01-15 00:28 --------- d-----w C:\Program Files\AdobeAudition 2.0
2008-01-09 21:49 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-29 21:16 --------- d-----w C:\Program Files\QuickTime
2007-12-29 18:39 --------- d-----w C:\Program Files\LimeWire
2007-12-25 06:50 --------- d-----w C:\Program Files\Google
2007-12-24 15:13 --------- d-----w C:\Program Files\Azureus
2007-12-24 13:51 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-12-24 13:26 --------- d-----w C:\Documents and Settings\Guisse\Application Data\proDAD
2007-12-24 13:24 --------- d-----w C:\Program Files\Moyea
2007-12-24 13:23 --------- d-----w C:\Program Files\Labtec
2007-12-24 13:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-24 12:59 --------- d-----w C:\Program Files\Pinnacle
2007-12-22 06:10 --------- d-----w C:\Program Files\DAEMON Tools SearchBar
2007-12-19 20:33 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-12-16 12:26 --------- d-----w C:\Program Files\Allok Video to FLV Converter
2007-12-15 15:42 --------- d-----w C:\Program Files\AdorageI-GfxDatas
2007-12-15 15:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle
2007-12-15 15:23 --------- d-----w C:\Program Files\Microsoft SQL Server
2007-12-15 15:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2007-12-15 15:07 --------- d-----w C:\Program Files\SmartSound Software
2007-12-15 15:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-07 22:28 1,594,541 ----a-w C:\WINDOWS\WANEUninstaller.exe
2007-12-07 21:44 --------- d-----w C:\Program Files\Worms 3D
2007-12-03 20:33 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2007-11-30 16:10 --------- d-----w C:\Program Files\Video cache view
2007-11-28 21:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2007-11-28 21:55 --------- d-----w C:\Program Files\directx
2007-11-28 21:43 --------- d-----w C:\Program Files\webcamXP
2007-11-28 21:02 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
2007-11-27 15:18 --------- d-----w C:\Program Files\CrazyPixels
2007-11-26 18:34 --------- d-----w C:\Program Files\proDAD
2007-11-26 18:19 --------- d-----w C:\Program Files\AdorageI-SAL
2007-11-25 20:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2007-11-18 07:49 --------- d-----w C:\Documents and Settings\Guisse\Application Data\OpenOffice.org2
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 05:26 17,920 ----a-w C:\Documents and Settings\Guisse\Application Data\GDIPFONTCACHEV1.DAT
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2005-12-13 13:39 200,704 ----a-w C:\Program Files\ECB.exe
2005-12-13 13:38 122 ----a-w C:\Program Files\Config.ini
.
[color=red]Files Infected - Win32.Agent.zb[/color]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
.

((((((((((((((((((((((((((((( snapshot@2008-01-10_ 4.35.51.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-17 01:04:25 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-01-16 18:30:40 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-10-17 01:04:36 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-01-16 18:31:01 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-10-17 01:04:36 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-01-16 18:31:02 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-10-17 01:04:38 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-01-16 18:31:05 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-10-17 01:04:33 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-01-16 18:30:52 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-10-17 01:04:20 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-01-16 18:30:30 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-10-17 01:04:20 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-01-16 18:30:30 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-10-17 01:04:44 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-01-16 18:31:18 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-10-17 01:04:29 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-01-16 18:30:47 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-10-17 01:04:24 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-01-16 18:30:38 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-10-17 01:04:19 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-01-16 18:30:28 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-10-17 01:04:21 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-01-16 18:30:32 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-10-17 01:04:35 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-01-16 18:30:56 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-10-17 01:04:35 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-01-16 18:30:57 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-10-17 01:04:35 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-01-16 18:30:59 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-10-17 01:04:22 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-01-16 18:30:34 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-10-17 01:04:23 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-01-16 18:30:35 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-10-17 01:04:23 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-01-16 18:30:36 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-10-17 01:04:24 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-01-16 18:30:37 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-10-17 01:04:21 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-01-16 18:30:33 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-10-17 01:04:46 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-01-16 18:31:21 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-17 01:04:46 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-01-16 18:31:20 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-17 01:04:17 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-01-16 18:30:25 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-10-17 01:04:45 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-01-16 18:31:19 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-10-17 01:04:47 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-01-16 18:31:22 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-10-17 01:04:19 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-01-16 18:30:28 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-17 01:04:18 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-01-16 18:30:26 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-10-17 01:04:18 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-01-16 18:30:27 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-10-17 01:04:41 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-01-16 18:31:12 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-10-17 01:04:25 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-01-16 18:30:41 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-10-17 01:04:42 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-01-16 18:31:13 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-10-17 01:04:39 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-01-16 18:31:06 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-10-17 01:04:20 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-01-16 18:30:31 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-10-17 01:04:34 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-01-16 18:30:54 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-10-17 01:04:27 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-01-16 18:30:43 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-10-17 01:04:26 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-01-16 18:30:41 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-10-17 01:04:27 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-01-16 18:30:44 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-10-17 01:04:43 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-16 18:31:16 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-10-17 01:04:39 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-01-16 18:31:08 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-10-17 01:04:44 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-01-16 18:31:17 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-10-17 01:04:40 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-01-16 18:31:10 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-10-17 01:04:41 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-16 18:31:11 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-17 01:04:25 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-01-16 18:30:39 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-10-17 01:04:28 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-01-16 18:30:46 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-10-17 01:04:44 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-01-16 18:31:18 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-10-17 01:04:30 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-01-16 18:30:48 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-10-17 01:04:30 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-01-16 18:30:49 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-10-17 01:04:31 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-01-16 18:30:50 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-10-17 01:04:32 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-01-16 18:30:51 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-10-17 01:04:42 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-16 18:31:15 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-01-18 08:48:25 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-01-18 08:48:25 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-01-18 08:48:25 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
+ 2008-01-18 08:48:25 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-01-18 08:48:26 6,107,136 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\ntuser.dat
+ 2008-01-18 08:48:26 204,800 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
+ 2008-01-16 22:46:01 32,768 ----a-r C:\WINDOWS\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\icon.exe
- 2008-01-09 21:49:45 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2008-01-16 16:56:46 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
- 2005-09-23 05:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2005-09-23 06:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
- 2005-09-23 05:29:04 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2005-09-23 06:29:04 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
- 2005-09-23 05:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll
- 2005-09-23 05:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 06:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
+ 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2005-09-23 05:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 06:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2005-09-23 05:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2005-09-23 06:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2005-09-23 05:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2005-09-23 06:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2005-09-23 05:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2005-09-23 06:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2005-09-23 05:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2005-09-23 06:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2005-09-23 05:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2005-09-23 06:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2005-09-23 05:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2005-09-23 06:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2005-09-23 05:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2005-09-23 06:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2005-09-23 05:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2005-09-23 06:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2007-04-13 01:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-04-13 02:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 05:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2005-09-23 06:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-04-13 01:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-04-13 02:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-04-13 01:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-04-13 02:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-04-13 01:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-04-13 02:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2007-04-13 01:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-04-13 02:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 05:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2005-09-23 06:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-04-13 01:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-04-13 02:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 05:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2005-09-23 06:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-04-13 01:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-04-13 02:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2007-04-13 01:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-04-13 02:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2007-04-13 01:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-04-13 02:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 05:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2005-09-23 06:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-04-13 01:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-04-13 02:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 05:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2005-09-23 06:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2005-09-23 05:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2005-09-23 06:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
- 2005-09-23 05:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2005-09-23 06:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 05:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2005-09-23 06:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2005-09-23 05:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2005-09-23 06:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2005-09-23 05:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2005-09-23 06:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2005-09-23 05:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2005-09-23 06:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-04-13 01:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-04-13 02:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 05:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2005-09-23 06:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 05:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2005-09-23 06:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-04-13 01:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-04-13 02:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 05:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2005-09-23 06:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 05:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2005-09-23 05:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2005-09-23 06:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-04-13 01:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-04-13 02:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-04-13 01:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-04-13 02:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 05:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2005-09-23 06:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2005-09-23 05:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2005-09-23 06:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 05:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2005-09-23 06:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 05:01:16 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2005-09-23 06:01:16 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
- 2005-09-23 04:29:48 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
+ 2005-09-23 05:29:48 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
- 2005-09-23 04:32:24 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
+ 2005-09-23 05:32:24 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
- 2005-09-23 04:34:10 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
+ 2005-09-23 05:34:10 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
- 2005-09-23 04:34:12 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
+ 2005-09-23 05:34:12 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
- 2005-09-23 04:34:44 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
+ 2005-09-23 05:34:44 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
- 2005-09-23 04:36:24 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
+ 2005-09-23 05:36:24 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
- 2005-09-23 01:46:14 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
+ 2005-09-23 02:46:14 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
- 2005-09-23 04:38:26 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
+ 2005-09-23 05:38:26 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
- 2005-09-23 04:38:52 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
+ 2005-09-23 05:38:52 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
- 2005-09-23 04:40:30 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
+ 2005-09-23 05:40:30 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
- 2005-09-23 04:40:32 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
+ 2005-09-23 05:40:32 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
- 2005-09-23 04:40:56 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
+ 2005-09-23 05:40:56 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
- 2005-09-23 04:42:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
+ 2005-09-23 05:42:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
- 2005-09-23 04:44:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
+ 2005-09-23 05:44:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
- 2005-09-23 04:46:38 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
+ 2005-09-23 05:46:38 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
- 2005-09-23 04:46:38 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
+ 2005-09-23 05:46:38 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
- 2005-09-23 04:46:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
+ 2005-09-23 05:46:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
- 2005-09-23 04:47:04 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
+ 2005-09-23 05:47:04 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
- 2005-09-23 04:47:30 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
+ 2005-09-23 05:47:30 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
- 2005-09-23 04:47:32 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
+ 2005-09-23 05:47:32 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
- 2005-09-23 04:47:32 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
+ 2005-09-23 05:47:32 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
- 2005-09-23 04:30:18 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
+ 2005-09-23 05:30:18 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
- 2005-09-23 04:47:06 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
+ 2005-09-23 05:47:06 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
- 2005-09-23 04:29:50 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
+ 2005-09-23 05:29:50 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
- 2005-09-23 04:36:48 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
+ 2005-09-23 05:36:48 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
- 2005-09-23 05:57:06 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
+ 2005-09-23 06:57:06 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
- 2007-04-13 01:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-04-13 02:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 05:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2005-09-23 06:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-04-13 01:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-04-13 02:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 05:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2005-09-23 06:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-04-13 01:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-04-13 02:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 05:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 06:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 05:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 06:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 05:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2005-09-23 06:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2005-09-23 05:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 06:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2005-09-23 05:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2005-09-23 06:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2005-09-23 05:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2005-09-23 06:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 05:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 06:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-09-23 05:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2005-09-23 06:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-04-13 01:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-04-13 02:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 05:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2005-09-23 06:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-04-13 01:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-04-13 02:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 05:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2005-09-23 06:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2005-09-23 05:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2005-09-23 06:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-04-13 01:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-04-13 02:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-04-13 01:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-04-13 02:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 05:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2005-09-23 06:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2007-04-13 01:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-04-13 02:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 01:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-04-13 02:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 05:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2005-09-23 06:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
- 2005-09-23 05:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2005-09-23 06:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-04-13 01:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-04-13 02:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2007-04-13 01:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-04-13 02:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 05:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2005-09-23 06:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
- 2007-04-13 01:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-04-13 02:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 05:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2005-09-23 06:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-04-13 01:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-04-13 02:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2007-04-13 01:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-04-13 02:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 05:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2005-09-23 06:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-04-13 01:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-04-13 02:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 05:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2005-09-23 06:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2005-09-23 05:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 05:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2005-09-23 06:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2005-09-23 05:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2005-09-23 06:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
- 2005-09-23 05:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2005-09-23 06:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-04-13 01:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-04-13 02:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2007-04-13 01:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-04-13 02:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2007-04-13 01:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-04-13 02:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-04-13 01:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-04-13 02:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2007-04-13 01:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-04-13 02:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-04-13 01:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-04-13 02:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2007-04-13 01:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-04-13 02:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2007-04-13 01:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-04-13 02:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 05:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2005-09-23 06:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-04-13 01:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-04-13 02:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-04-13 01:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-04-13 02:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-04-13 01:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-04-13 02:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-04-13 01:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-04-13 02:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-04-13 01:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-04-13 02:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-04-13 01:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-04-13 02:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-04-13 01:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-04-13 02:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-04-13 01:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-04-13 02:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 05:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 06:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 05:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2005-09-23 06:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-04-13 01:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-04-13 02:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-04-13 01:21:16 5,156,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-04-13 02:21:16 5,156,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 05:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2005-09-23 06:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 05:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2005-09-23 06:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2005-09-23 05:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2005-09-23 06:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-04-13 01:21:16 5,152,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-04-13 02:21:16 5,152,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2007-04-13 01:21:16 2,027,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-04-13 02:21:16 2,027,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 05:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2005-09-23 06:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-04-13 01:21:28 1,166,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-04-13 02:21:28 1,166,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2007-04-13 01:20:50 1,330,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-04-13 02:20:50 1,330,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-04-13 01:20:52 406,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-04-13 02:20:52 406,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2005-09-23 05:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2005-09-23 06:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-12-29 04:31:30 9,728 ----a-w C:\WINDOWS\system32\BASSMOD.dll
+ 2008-01-13 17:38:26 9,728 ----a-w C:\WINDOWS\system32\BASSMOD.dll
- 2003-05-30 14:27:46 32,768 ----a-w C:\WINDOWS\system32\CmCardRm.dll
+ 2003-05-30 15:27:46 32,768 ----a-w C:\WINDOWS\system32\CmCardRm.dll
- 2003-07-03 12:44:24 212,992 ----a-w C:\WINDOWS\system32\CmCardRm.exe
+ 2003-07-03 13:44:24 212,992 ----a-w C:\WINDOWS\system32\CmCardRm.exe
- 2007-12-26 08:10:24 229,376 ----a-w C:\WINDOWS\system32\cmwatch.exe
+ 2003-09-16 16:50:58 229,376 ----a-w C:\WINDOWS\system32\CmWatch.exe
- 2005-09-23 05:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
+ 2005-09-23 06:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
+ 2008-01-14 21:17:51 821,856 ----a-w C:\WINDOWS\system32\drivers\avg7core.sys
+ 2008-01-14 21:18:00 4,224 ----a-w C:\WINDOWS\system32\drivers\avg7rsw.sys
+ 2008-01-14 21:18:01 27,776 ----a-w C:\WINDOWS\system32\drivers\avg7rsxp.sys
+ 2008-01-14 21:18:07 10,760 ----a-w C:\WINDOWS\system32\drivers\avgclean.sys
+ 2008-01-14 21:18:07 26,952 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
- 2004-07-13 10:40:22 48,512 ----a-w C:\WINDOWS\system32\drivers\Umss.SYS
+ 2004-07-13 11:40:22 48,512 ----a-w C:\WINDOWS\system32\drivers\Umss.SYS
- 2007-12-29 15:31:06 290,088 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-01-17 09:56:22 294,072 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-01-02 18:21:36 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-04-13 01:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2007-04-13 02:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2005-09-23 05:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2005-09-23 06:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2005-09-23 05:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll
+ 2005-09-23 06:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll
- 2003-04-21 15:11:38 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
+ 2003-04-18 15:29:24 96,256 ----a-w C:\WINDOWS\system32\msxml4r.dll
- 2005-09-23 05:28:56 32,768 ----a-w C:\WINDOWS\system32\netfxperf.dll
+ 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\system32\netfxperf.dll
- 2007-12-24 12:40:10 70,018 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-01-16 18:31:33 70,018 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-12-24 12:40:10 92,342 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-01-16 18:31:33 92,342 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2007-12-24 12:40:10 418,762 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-01-
0
Le sioux Posts 4907 Status Security contributor 496
 
Hello Geo geo

I see that you installed LiveKillCleanMessenger recently. I also see this: C:\Program Files\Fichiers communs\Carlson

Why? Did you receive a zip of photos via MSN?

To be continued
0
GeoGeo
 
Yes, a virus! I can't manage to remove it, in fact, and I was told that things would go better with LiveCleanMessenger. If I delete C:\Program Files\Fichiers communs\Carlson, will that remove it?
0
Le sioux Posts 4907 Status Security contributor 496
 
Re

Why didn't you tell me about it ...

MSNFix.zip by !aur3n7

Download MSNFix.zip (by !aur3n7) to your desktop:
http://sosvirus.changelog.fr/MSNFix.zip
Unzip it (right-click >> Extract here) and double-click the file MSNFix.bat.
- Run option R.
-- If the infection is detected, run option N.
--- Save this report, then copy and paste it to the forum, along with a new HijackThis scan.

The report will be saved in the same folder as MSNFix, named in the form date_time.txt

Note:
If a deletion error is detected, a message will appear asking you to restart the computer in order to finish the operations. In that case, simply restart the computer in normal mode.
Save and close the report so that Windows finishes starting up normally.


To be continued.
0
GeoGeo
 
In fact I received this virus, it was closing MSN on me when I was chatting, and the friend who passed me the virus without meaning to gave me the LiveKill Clean Messenger solution; after that I had no more problems, and the virus wasn't bothering me any more. So I didn't think to tell you about it.
Otherwise, at the moment my computer keeps shutting down by itself all of a sudden; is that still linked to the same problem?

Here is the MSNFix report:

MSNFix 1.634

C:\Documents and Settings\Guisse\Bureau\MSNFix
Fix exécuté le 2008-01-18 - 13:26:07.48 By Guisse
mode normal

************************ Recherche les fichiers présents

... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton

************************ MSNCHK ***** /!\ beta test /!\



************************ Recherche les dossiers présents

Aucun dossier trouvé




************************ Suppression des fichiers

.. OK ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton



************************ Nettoyage du registre



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\i2n4r9g1.exe] 701BF2AA800BDBAEBACF7DB7BD5AB870
[C:\Program Files\ECB.exe] 82890D031025F792CBB740FE1C5CA82F

[color=#FF0000][b]==>[/b][/color] SVP merci d'envoyer le fichier [b] C:\DOCUME~1\Guisse\Bureau\Upload_Me.zip [/b] sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 2008-01-18_132805.51.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------




And the HijackThis one:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:29, on 2008-01-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\WebcamMax\wcmmon.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] ; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [eCarteBleue-LPV-P1] ; "C:\Program Files\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [NeroFilterCheck] ; C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] ; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] ; "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] ; "J:\Logiciel\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] ; C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
0
Le sioux Posts 4907 Status Security contributor 496
 
Re

Can you do this please:

Please send the file C:\DOCUME~1\Guisse\Bureau\Upload_Me.zip to http://upload.changelog.fr

Thanks.

Then:

I advise you to save the page in HTML format in order to apply the procedure properly. To do so:
With Internet Explorer 7, press the Alt key to bring up the menu, then:
- click the File menu (top left), then choose Save As...
- in the Save As dialog box, for the "Save in" field (at the top), click the arrow of the drop-down list and choose Desktop; for the "Save as type" field, leave Web Page, complete; for the "File name" field, type Discussion en cours; finish by clicking Save
To display the page (after restarting), double-click "Discussion en cours.htm" on the Desktop.
(Note: you will not have Internet access once you restart in safe mode)

You must carry out all the steps, without interruption, in the exact order given below.
If anything seems unclear to you, ask for an explanation before starting the disinfection


1) Download

OTMoveIt (by Old_Timer) to your Desktop.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
Don't touch it for now.

2) Restart in safe mode

Look here first if needed: http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Safe Mode" and press [Enter]
You must choose your usual session, not the "Administrator" account or any other.

Open the HTML file saved on the Desktop in order to follow the instructions properly.

3) Run HijackThis.

I advise you to save all the lines to be fixed, then copy this selection into a text file on your PC so that you can apply the procedure correctly.

Run HijackThis by double-clicking its shortcut on the Desktop.
Click Scan Only and tick the following lines:

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] ; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] ; C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'Default user')
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab


Close all other windows and all other programs. No Internet connections.
Click Fix Checked, then click OK
Then close HijackThis.

If some lines are missing, report them at the end of the procedure

4) OTMoveIt (by Old_Timer)

Double-click OTMoveIt.exe to run it.
Copy the list quoted below,
and paste it into the left-hand pane of OTMoveIt:
Paste List of Files/Folders to be moved.

C:\WINDOWS\trayicons.exe
C:\i2n4r9g1.exe
C:\Documents and Settings\Guisse\Application Data\spy-rid.com
C:\Documents and Settings\Guisse\Application Data\InfeStop.com

Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.

You may be asked to restart the PC to complete the removal.
If so, accept with Yes.


5) Reports

Restart your PC in normal mode, then post in reply:

* The OTMoveIt report located in C:\_OTMoveIt\MovedFiles (contents of the file C:\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date and time)
* A new HijackThis report.

To be continued
0
Anonymous user
 
Hi you two,
I'm just posting to say that I'm impressed by this topic... and to wish you a good day...

Géogéo: Thanks for having a pox-ridden PC...
Le Sioux: Thanks for disinfecting the poxes...

That's it,
Sorry for butting in...
Thanks,
Bye
0
Le sioux Posts 4907 Status Security contributor 496
 
Hello DIID

We're struggling a bit all the same ... ;-)

Have a good day.
0
GeoGeo
 
Hello, what's a pox-ridden PC?
For HijackThis, the file O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') was missing

Here are the reports:

OtMoveIt:

File/Folder C:\WINDOWS\trayicons.exe not found.
C:\i2n4r9g1.exe moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\BrowserObjects moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\StartMenuCurrentUser moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\StartMenuAllUsers moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\HKLMRun\RunOnceEx moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\HKLMRun\RunOnce moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\HKLMRun moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\HKCURun\RunOnceEx moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\HKCURun\RunOnce moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun\HKCURun moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid\Autorun moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com\SpyRid moved successfully.
C:\Documents and Settings\Guisse\Application Data\spy-rid.com moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\BrowserObjects moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\StartMenuCurrentUser moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\StartMenuAllUsers moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\HKLMRun\RunOnceEx moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\HKLMRun\RunOnce moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\HKLMRun moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\HKCURun\RunOnceEx moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\HKCURun\RunOnce moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun\HKCURun moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop\Autorun moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com\InfeStop moved successfully.
C:\Documents and Settings\Guisse\Application Data\InfeStop.com moved successfully.

Created on 01-20-2008 13:50:40


And HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:25, on 2008-01-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\WebcamMax\wcmmon.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [eCarteBleue-LPV-P1] ; "C:\Program Files\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] ; "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] ; "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] ; "J:\Logiciel\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] ; C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
0
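An added example (not code from the thread, nor part of HijackThis): a small Python check that compares the lines ticked in step 3 with the follow-up scan and lists autorun values that appear only in the later log. The log excerpts are copied from the two HijackThis reports above; the function and variable names are this example's own.

```python
import re
from typing import NamedTuple


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4" or "O16"
    ident: tuple  # case-insensitive identity used to compare two scans
    raw: str      # the log line as posted


LINE_RE = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<body>.*)$")
# O4 body: HKUS\S-1-5-19\..\Run: [Name] command   (some entries in the
# thread's logs carry a " ; " between the value name and the command)
O4_RE = re.compile(r"^(?P<hive>\S+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\]\s*(?:;\s*)?(?P<cmd>.*)$")
USER_SUFFIX_RE = re.compile(r"\s*\(User '[^']*'\)$")


def _norm(text):
    """Windows paths and registry value names are case-insensitive."""
    return " ".join(text.split()).casefold()


def parse_log(text):
    """Return the section entries of a HijackThis log; header and process list are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = LINE_RE.match(line)
        if not m:
            continue
        o4 = O4_RE.match(m["body"]) if m["section"] == "O4" else None
        if o4:
            cmd = USER_SUFFIX_RE.sub("", o4["cmd"])
            ident = ("O4",) + tuple(_norm(x) for x in (o4["hive"], o4["key"], o4["name"], cmd))
        else:
            ident = (m["section"], _norm(m["body"]))
        entries.append(Entry(m["section"], ident, line))
    return entries


def verify_fix(fix_list, after_log):
    """Split the lines ticked for 'Fix Checked' into (removed, still_present)."""
    after = {e.ident for e in parse_log(after_log)}
    removed, still_present = [], []
    for e in parse_log(fix_list):
        (still_present if e.ident in after else removed).append(e.raw)
    return removed, still_present


def new_autoruns(before_log, after_log):
    """O4 entries that exist only in the later scan and deserve a second look."""
    before = {e.ident for e in parse_log(before_log)}
    return [e.raw for e in parse_log(after_log) if e.section == "O4" and e.ident not in before]


# The nine lines listed in step 3 of the procedure.
FIX = r"""
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] ; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] ; C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [StartUp] C:\WINDOWS\trayicons.exe /optimize speed (User 'Default user')
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
"""
# Excerpt of the 2008-01-18 scan: the lines above plus two that were not ticked.
BEFORE = FIX + r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
"""
# Excerpt of the 2008-01-20 scan posted after the procedure.
AFTER = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
"""

if __name__ == "__main__":
    removed, still_present = verify_fix(FIX, AFTER)
    print(f"{len(removed)} ticked line(s) gone, {len(still_present)} still present:")
    for line in still_present:
        print("  STILL PRESENT:", line)
    for line in new_autoruns(BEFORE, AFTER):
        print("  NEW AUTORUN:  ", line)
```

On these excerpts the check reports seven of the nine ticked lines gone, the two ctfmon values still listed, and two AVG7_Run values that appear only in the later scan.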