HijackThis report for my PC
L'boiteux
Hello,
My PC, this calamity, is slow enough to put off a granny on her walker. That is why I humbly ask for your help: can you tell me whether my PC is infected, on a large scale or not, and if so, how to get rid of what is bothering me for good?
Also, fake images replace other images on certain sites, informing me that my PC is infected. How do I get rid of these fake warnings for good? (The fake images apparently come from 85.17.166.173)
Otherwise, as far as antivirus goes, I am hiding behind avast.
Here is the Hijack report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:30, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0372332D-1B79-4601-8567-BCC3C77242E0} - (no file)
O2 - BHO: (no name) - {045fc303-e551-46e1-a0ff-b620cd8a4e39} - (no file)
O2 - BHO: (no name) - {05CA172A-45FA-4F69-8D65-C6D72619FBFE} - (no file)
O2 - BHO: (no name) - {0ABBC8D7-5FE7-4495-9936-D750691D2B7E} - (no file)
O2 - BHO: (no name) - {19E67DD9-CAA8-41F1-8A93-1ADE25005AD0} - (no file)
O2 - BHO: (no name) - {285C8845-ECBB-40BB-AD46-479AA3619BF7} - (no file)
O2 - BHO: (no name) - {28BC090A-D34F-4CB6-B5BB-8675C38DE525} - (no file)
O2 - BHO: (no name) - {386e186f-5eb0-4394-a27a-e620d5127773} - (no file)
O2 - BHO: (no name) - {3D31482F-7765-4E2F-866D-7B6458047ADF} - (no file)
O2 - BHO: (no name) - {47e89c30-3d55-4f8a-989f-20f240d7d724} - (no file)
O2 - BHO: (no name) - {51617091-06de-439b-b154-a557c3e83737} - (no file)
O2 - BHO: (no name) - {51DA9079-C08B-4749-8E6B-0796F7BC9108} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5567E661-597D-4E55-93D8-0AFC850E2ED4} - (no file)
O2 - BHO: (no name) - {583F70BB-13D9-4E19-80E6-5562B2DAF16E} - (no file)
O2 - BHO: (no name) - {588797eb-0927-42f9-9762-1787961c73b9} - (no file)
O2 - BHO: (no name) - {5AAF23D8-4489-43D8-A064-319D1254ABCA} - (no file)
O2 - BHO: (no name) - {6BC5F384-2557-4915-9FAF-CB5A7C5D80E6} - (no file)
O2 - BHO: (no name) - {732216ae-b3c3-449f-83a8-dd0bac2110c6} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7AC99B8C-414A-4498-8749-F9AEA9C9E90F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {833431A3-961B-47D9-B18C-34FA6997EABC} - (no file)
O2 - BHO: (no name) - {8EDB5434-20EA-4AD5-AE81-3DDC6F0D8BD2} - (no file)
O2 - BHO: (no name) - {9465A790-1A8B-40B8-B474-30FC589FB572} - (no file)
O2 - BHO: (no name) - {97ADCCE8-8793-4A17-A897-F3D4FDCBCA17} - (no file)
O2 - BHO: {30699ade-1162-66a9-64a4-df6280627289} - {98272608-26fd-4a46-9a66-2611eda99603} - C:\WINDOWS\system32\vmnsfvcp.dll
O2 - BHO: (no name) - {9A4E55CD-50DE-4F12-96CB-79FB5F0C15B3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B980CAEE-A098-4EC9-9ACE-2780A79C10CD} - (no file)
O2 - BHO: (no name) - {BDAB8EFD-5096-4A7B-BC5E-7F19F9CC7C25} - (no file)
O2 - BHO: (no name) - {BEFEC126-6D2D-4149-A6A3-664C1CFF7EA8} - (no file)
O2 - BHO: (no name) - {C7C529F9-CF43-4E45-91EC-D8AC0097779B} - (no file)
O2 - BHO: (no name) - {D681FD1A-2225-4C21-BD89-770143D29FD9} - (no file)
O2 - BHO: (no name) - {DC6FC78C-F0A5-45C4-81DD-033040B2BB25} - (no file)
O2 - BHO: (no name) - {DEDF60A2-9DE0-4AA3-9451-8F05E7E511CB} - (no file)
O2 - BHO: (no name) - {EB0C2C7B-3F18-4C79-B3C0-BE42BD7C4795} - (no file)
O2 - BHO: (no name) - {EC93223B-9FBE-4D87-A762-6405DFD9163F} - (no file)
O2 - BHO: (no name) - {FD2347DD-1226-4F2C-827C-D509ADF4A5E6} - (no file)
O2 - BHO: (no name) - {FF2FB8B5-62FC-493F-900A-D7380AFC3098} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [Norton] C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [ac04d32f] rundll32.exe "C:\WINDOWS\system32\ariahela.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BMaf37e0b3] Rundll32.exe "C:\WINDOWS\system32\iajuebxj.dll",s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Reboot.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O20 - Winlogon Notify: gebywuu - gebywuu.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Microsoft Windows TCP Protocol - Unknown owner - C:\WINDOWS\System32\dllcache\wintcps.exe
17 replies
Good evening,
Download SmitfraudFix:
With screenshots:
http://siri.urz.free.fr/Fix/SmitfraudFix.php
Double-click smitfraudfix.cmd and choose option 5.
This will generate a report.
Copy/paste the report onto the forum, please.
Then run ComboFix.
Download ComboFix from one of these links:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
https://forospyware.com
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/
And, importantly, save it to the desktop.
Before using ComboFix:
► Disconnect from the internet and close the windows of all running programs.
► Temporarily disable, only for the time ComboFix is in use, the real-time protection of your antivirus and antispyware tools, which can seriously interfere with the tool's search and cleaning procedure.
Once that is done, double-click Combofix.exe on your desktop.
- Answer yes to the warning message so that the program starts analysing the PC.
/!\ During this step, do not use the PC and do not open any programs.
- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection/search; let it do so.
- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved to C:\Combofix.txt
► Re-enable the real-time protection of your antivirus and antispyware tools before reconnecting to the internet.
► Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.
Ohhh la la la la!!!!!!!
That's alarming, lol, there's some cleaning up to do. There are plenty of lines to delete; here they are:
O2 - BHO: (no name) - {0372332D-1B79-4601-8567-BCC3C77242E0} - (no file)
O2 - BHO: (no name) - {045fc303-e551-46e1-a0ff-b620cd8a4e39} - (no file)
O2 - BHO: (no name) - {05CA172A-45FA-4F69-8D65-C6D72619FBFE} - (no file)
O2 - BHO: (no name) - {0ABBC8D7-5FE7-4495-9936-D750691D2B7E} - (no file)
O2 - BHO: (no name) - {19E67DD9-CAA8-41F1-8A93-1ADE25005AD0} - (no file)
O2 - BHO: (no name) - {285C8845-ECBB-40BB-AD46-479AA3619BF7} - (no file)
O2 - BHO: (no name) - {28BC090A-D34F-4CB6-B5BB-8675C38DE525} - (no file)
O2 - BHO: (no name) - {386e186f-5eb0-4394-a27a-e620d5127773} - (no file)
O2 - BHO: (no name) - {3D31482F-7765-4E2F-866D-7B6458047ADF} - (no file)
O2 - BHO: (no name) - {47e89c30-3d55-4f8a-989f-20f240d7d724} - (no file)
O2 - BHO: (no name) - {51617091-06de-439b-b154-a557c3e83737} - (no file)
O2 - BHO: (no name) - {51DA9079-C08B-4749-8E6B-0796F7BC9108} - (no file)
O2 - BHO: (no name) - {5567E661-597D-4E55-93D8-0AFC850E2ED4} - (no file)
O2 - BHO: (no name) - {583F70BB-13D9-4E19-80E6-5562B2DAF16E} - (no file)
O2 - BHO: (no name) - {588797eb-0927-42f9-9762-1787961c73b9} - (no file)
O2 - BHO: (no name) - {5AAF23D8-4489-43D8-A064-319D1254ABCA} - (no file)
O2 - BHO: (no name) - {6BC5F384-2557-4915-9FAF-CB5A7C5D80E6} - (no file)
O2 - BHO: (no name) - {732216ae-b3c3-449f-83a8-dd0bac2110c6} - (no file)
Start by deleting these lines.
To delete them, tick them and then click Fix checked.
Afterwards, run a new scan and post me the new report.
Good evening, thank you for such a quick reply, gentlemen.
Here is the first SmitfraudFix report:
SmitFraudFix v2.290
Rapport fait à 21:16:02,51, 11/03/2008
Executé à partir de C:\Documents and Settings\J‚r‚mie\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix
Description: ASUS 802.11b/g Network Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.32.176
DNS Server Search Order: 212.27.32.177
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix
Description: ASUS 802.11b/g Network Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.32.176
DNS Server Search Order: 212.27.32.177
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
and the Hijack report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:25:50, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7AC99B8C-414A-4498-8749-F9AEA9C9E90F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {833431A3-961B-47D9-B18C-34FA6997EABC} - (no file)
O2 - BHO: (no name) - {8EDB5434-20EA-4AD5-AE81-3DDC6F0D8BD2} - (no file)
O2 - BHO: (no name) - {9465A790-1A8B-40B8-B474-30FC589FB572} - (no file)
O2 - BHO: (no name) - {97ADCCE8-8793-4A17-A897-F3D4FDCBCA17} - (no file)
O2 - BHO: {30699ade-1162-66a9-64a4-df6280627289} - {98272608-26fd-4a46-9a66-2611eda99603} - C:\WINDOWS\system32\vmnsfvcp.dll
O2 - BHO: (no name) - {9A4E55CD-50DE-4F12-96CB-79FB5F0C15B3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B980CAEE-A098-4EC9-9ACE-2780A79C10CD} - (no file)
O2 - BHO: (no name) - {BDAB8EFD-5096-4A7B-BC5E-7F19F9CC7C25} - (no file)
O2 - BHO: (no name) - {BEFEC126-6D2D-4149-A6A3-664C1CFF7EA8} - (no file)
O2 - BHO: (no name) - {C7C529F9-CF43-4E45-91EC-D8AC0097779B} - (no file)
O2 - BHO: (no name) - {D681FD1A-2225-4C21-BD89-770143D29FD9} - (no file)
O2 - BHO: (no name) - {DC6FC78C-F0A5-45C4-81DD-033040B2BB25} - (no file)
O2 - BHO: (no name) - {DEDF60A2-9DE0-4AA3-9451-8F05E7E511CB} - (no file)
O2 - BHO: (no name) - {EB0C2C7B-3F18-4C79-B3C0-BE42BD7C4795} - (no file)
O2 - BHO: (no name) - {EC93223B-9FBE-4D87-A762-6405DFD9163F} - (no file)
O2 - BHO: (no name) - {FD2347DD-1226-4F2C-827C-D509ADF4A5E6} - (no file)
O2 - BHO: (no name) - {FF2FB8B5-62FC-493F-900A-D7380AFC3098} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [Norton] C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [ac04d32f] rundll32.exe "C:\WINDOWS\system32\ariahela.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BMaf37e0b3] Rundll32.exe "C:\WINDOWS\system32\iajuebxj.dll",s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Reboot.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O20 - Winlogon Notify: gebywuu - gebywuu.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Microsoft Windows TCP Protocol - Unknown owner - C:\WINDOWS\System32\dllcache\wintcps.exe
Here is the first SmitFraudFix report
SmitFraudFix v2.290
Rapport fait à 21:16:02,51, 11/03/2008
Executé à partir de C:\Documents and Settings\J‚r‚mie\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix
Description: ASUS 802.11b/g Network Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.32.176
DNS Server Search Order: 212.27.32.177
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix
Description: ASUS 802.11b/g Network Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.32.176
DNS Server Search Order: 212.27.32.177
HKLM\SYSTEM\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
HKLM\SYSTEM\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer=212.27.32.176,212.27.32.177
and the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:25:50, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7AC99B8C-414A-4498-8749-F9AEA9C9E90F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {833431A3-961B-47D9-B18C-34FA6997EABC} - (no file)
O2 - BHO: (no name) - {8EDB5434-20EA-4AD5-AE81-3DDC6F0D8BD2} - (no file)
O2 - BHO: (no name) - {9465A790-1A8B-40B8-B474-30FC589FB572} - (no file)
O2 - BHO: (no name) - {97ADCCE8-8793-4A17-A897-F3D4FDCBCA17} - (no file)
O2 - BHO: {30699ade-1162-66a9-64a4-df6280627289} - {98272608-26fd-4a46-9a66-2611eda99603} - C:\WINDOWS\system32\vmnsfvcp.dll
O2 - BHO: (no name) - {9A4E55CD-50DE-4F12-96CB-79FB5F0C15B3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B980CAEE-A098-4EC9-9ACE-2780A79C10CD} - (no file)
O2 - BHO: (no name) - {BDAB8EFD-5096-4A7B-BC5E-7F19F9CC7C25} - (no file)
O2 - BHO: (no name) - {BEFEC126-6D2D-4149-A6A3-664C1CFF7EA8} - (no file)
O2 - BHO: (no name) - {C7C529F9-CF43-4E45-91EC-D8AC0097779B} - (no file)
O2 - BHO: (no name) - {D681FD1A-2225-4C21-BD89-770143D29FD9} - (no file)
O2 - BHO: (no name) - {DC6FC78C-F0A5-45C4-81DD-033040B2BB25} - (no file)
O2 - BHO: (no name) - {DEDF60A2-9DE0-4AA3-9451-8F05E7E511CB} - (no file)
O2 - BHO: (no name) - {EB0C2C7B-3F18-4C79-B3C0-BE42BD7C4795} - (no file)
O2 - BHO: (no name) - {EC93223B-9FBE-4D87-A762-6405DFD9163F} - (no file)
O2 - BHO: (no name) - {FD2347DD-1226-4F2C-827C-D509ADF4A5E6} - (no file)
O2 - BHO: (no name) - {FF2FB8B5-62FC-493F-900A-D7380AFC3098} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [Norton] C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [ac04d32f] rundll32.exe "C:\WINDOWS\system32\ariahela.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BMaf37e0b3] Rundll32.exe "C:\WINDOWS\system32\iajuebxj.dll",s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Reboot.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O20 - Winlogon Notify: gebywuu - gebywuu.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Microsoft Windows TCP Protocol - Unknown owner - C:\WINDOWS\System32\dllcache\wintcps.exe
OK, delete these lines:
O2 - BHO: (no name) - {7AC99B8C-414A-4498-8749-F9AEA9C9E90F} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {833431A3-961B-47D9-B18C-34FA6997EABC} - (no file)
O2 - BHO: (no name) - {8EDB5434-20EA-4AD5-AE81-3DDC6F0D8BD2} - (no file)
O2 - BHO: (no name) - {9465A790-1A8B-40B8-B474-30FC589FB572} - (no file)
O2 - BHO: (no name) - {97ADCCE8-8793-4A17-A897-F3D4FDCBCA17} - (no file)
O2 - BHO: (no name) - {9A4E55CD-50DE-4F12-96CB-79FB5F0C15B3} - (no file)
O2 - BHO: (no name) - {B980CAEE-A098-4EC9-9ACE-2780A79C10CD} - (no file)
O2 - BHO: (no name) - {BDAB8EFD-5096-4A7B-BC5E-7F19F9CC7C25} - (no file)
O2 - BHO: (no name) - {BEFEC126-6D2D-4149-A6A3-664C1CFF7EA8} - (no file)
O2 - BHO: (no name) - {C7C529F9-CF43-4E45-91EC-D8AC0097779B} - (no file)
O2 - BHO: (no name) - {D681FD1A-2225-4C21-BD89-770143D29FD9} - (no file)
O2 - BHO: (no name) - {DC6FC78C-F0A5-45C4-81DD-033040B2BB25} - (no file)
O2 - BHO: (no name) - {DEDF60A2-9DE0-4AA3-9451-8F05E7E511CB} - (no file)
O2 - BHO: (no name) - {EB0C2C7B-3F18-4C79-B3C0-BE42BD7C4795} - (no file)
O2 - BHO: (no name) - {EC93223B-9FBE-4D87-A762-6405DFD9163F} - (no file)
O2 - BHO: (no name) - {FD2347DD-1226-4F2C-827C-D509ADF4A5E6} - (no file)
O2 - BHO: (no name) - {FF2FB8B5-62FC-493F-900A-D7380AFC3098} - (no file)
There, to delete them you check them, then you click on "Fix checked".
After that, run a new HijackThis scan and post the report for me.
And there you go, boss :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:38:09, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: {30699ade-1162-66a9-64a4-df6280627289} - {98272608-26fd-4a46-9a66-2611eda99603} - C:\WINDOWS\system32\vmnsfvcp.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [Norton] C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [ac04d32f] rundll32.exe "C:\WINDOWS\system32\ariahela.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BMaf37e0b3] Rundll32.exe "C:\WINDOWS\system32\iajuebxj.dll",s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Reboot.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O20 - Winlogon Notify: gebywuu - gebywuu.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Microsoft Windows TCP Protocol - Unknown owner - C:\WINDOWS\System32\dllcache\wintcps.exe
Right, let's deal with the infections now.
Delete these lines:
O2 - BHO: {30699ade-1162-66a9-64a4-df6280627289} - {98272608-26fd-4a46-9a66-2611eda99603} - C:\WINDOWS\system32\vmnsfvcp.dll
O4 - Startup: Reboot.exe
O20 - Winlogon Notify: gebywuu - gebywuu.dll (file missing)
O23 - Service: Microsoft Windows TCP Protocol - Unknown owner - C:\WINDOWS\System32\dllcache\wintcps.exe
There, delete these lines by checking them and clicking on "Fix checked".
After that, post a new report.
The 2 reports
ComboFix 08-03-10.1 - Jérémie 2008-03-11 22:05:47.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.73 [GMT 1:00]
Endroit: C:\Documents and Settings\Jérémie\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\BMaf37e0b3.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aeijfinl.dll
C:\WINDOWS\system32\alehaira.ini
C:\WINDOWS\system32\ariahela.dll
C:\WINDOWS\system32\bbvmbwox.dll
C:\WINDOWS\system32\beavdvui.dll
C:\WINDOWS\system32\bohqxpnv.dll
C:\WINDOWS\system32\bucjkigf.ini
C:\WINDOWS\system32\cbfaroap.dll
C:\WINDOWS\system32\ctcxdaar.ini
C:\WINDOWS\system32\djcysvps.ini
C:\WINDOWS\system32\dxdrvdxw.dll
C:\WINDOWS\system32\eafkhmrh.ini
C:\WINDOWS\system32\egbpwpdj.dll
C:\WINDOWS\system32\ehhkj.ini
C:\WINDOWS\system32\ehhkj.ini2
C:\WINDOWS\system32\ertdanrr.dll
C:\WINDOWS\system32\eupguxwh.dll
C:\WINDOWS\system32\feiohhvq.ini
C:\WINDOWS\system32\fqqrfouk.dll
C:\WINDOWS\system32\gmrnmsnc.dll
C:\WINDOWS\system32\hgadoulf.dll
C:\WINDOWS\system32\hltucgah.dll
C:\WINDOWS\system32\hmpcwyuh.dll
C:\WINDOWS\system32\iajuebxj.dll
C:\WINDOWS\system32\jhlnvdyy.dll
C:\WINDOWS\system32\jquyjsbm.dll
C:\WINDOWS\system32\jtjkcfjo.dll
C:\WINDOWS\system32\klnpbpvg.dll
C:\WINDOWS\system32\knprudct.ini
C:\WINDOWS\system32\kqgdscjm.ini
C:\WINDOWS\system32\ldsyvrpw.dll
C:\WINDOWS\system32\leedxwqh.dll
C:\WINDOWS\system32\lwjtfufo.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nplpcgov.ini
C:\WINDOWS\system32\nusdcolo.dll
C:\WINDOWS\system32\ongmmylo.dll
C:\WINDOWS\system32\ovjdjwve.dll
C:\WINDOWS\system32\ovqjiybt.ini
C:\WINDOWS\system32\qetkrphf.dll
C:\WINDOWS\system32\qohrnhov.ini
C:\WINDOWS\system32\qvhhoief.dll
C:\WINDOWS\system32\rlxlddru.dll
C:\WINDOWS\system32\rnppoust.dll
C:\WINDOWS\system32\tcroosid.dll
C:\WINDOWS\system32\tgripdhj.dll
C:\WINDOWS\system32\tpdomffk.dll
C:\WINDOWS\system32\urddlxlr.ini
C:\WINDOWS\system32\vmnsfvcp.dll
C:\WINDOWS\system32\wbelgact.dll
C:\WINDOWS\system32\wbtutydj.dll
C:\WINDOWS\system32\xjegijyj.ini
C:\WINDOWS\system32\yvmabwtt.dll
C:\WINDOWS\system32\yydvnlhj.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\nm
((((((((((((((((((((((((((((( Fichiers créés 2008-02-11 to 2008-03-11 ))))))))))))))))))))))))))))))))))))
.
2008-03-08 04:31 . 2008-03-08 04:31 <REP> d-------- C:\WINDOWS\Sun
2008-03-08 04:30 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-08 04:25 . 2008-03-08 04:29 <REP> d-------- C:\Program Files\Java
2008-03-08 04:24 . 2008-03-08 04:24 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-07 23:50 . 2008-03-07 23:50 <REP> d-------- C:\VundoFix Backups
2008-03-06 21:41 . 2008-03-06 21:53 <REP> d-------- C:\Program Files\RegCleaner
2008-03-06 17:00 . 2008-03-06 17:00 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-03-06 17:00 . 2008-03-06 17:00 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-03-04 20:05 . 2008-03-06 17:00 474 ---hs---- C:\WINDOWS\system32\cjuekynr.ini
2008-03-03 22:35 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-03-03 22:35 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-03-03 22:35 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-03-03 22:29 . 2008-03-05 19:35 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-03-03 22:17 . 2008-03-03 22:17 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-03 22:17 . 2008-03-03 22:23 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-01 20:17 . 2008-03-03 18:13 474 ---hs---- C:\WINDOWS\system32\fwkpddsn.ini
2008-02-29 20:20 . 2008-03-01 01:00 294 ---hs---- C:\WINDOWS\system32\yrilvuwh.ini
2008-02-28 19:13 . 2008-03-08 12:51 <REP> d-------- C:\Program Files\eMule
2008-02-27 19:15 . 2008-02-27 20:15 774 ---hs---- C:\WINDOWS\system32\hhhgycrr.ini
2008-02-26 19:12 . 2008-02-27 19:12 714 ---hs---- C:\WINDOWS\system32\kbqbjimi.ini
2008-02-24 19:37 . 2008-02-26 19:08 354 ---hs---- C:\WINDOWS\system32\kiycjqjp.ini
2008-02-23 20:53 . 2008-02-23 20:53 95 --a------ C:\WINDOWS\wininit.ini
2008-02-20 18:17 . 2008-02-28 19:37 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-02-20 17:58 . 2008-02-20 17:58 <REP> d-------- C:\Program Files\VUGames
2008-02-20 17:44 . 1996-04-09 23:04 175,104 --a------ C:\WINDOWS\HDK3CTNT.DLL
2008-02-20 17:41 . 2008-02-20 17:45 <REP> d-------- C:\sdd53
2008-02-20 17:41 . 2008-02-20 17:41 101 -r-hs---- C:\IO.IDX
2008-02-20 14:49 . 1996-09-29 23:00 29,732 --a------ C:\WINDOWS\system\HYENA.TTF
2008-02-20 14:49 . 2008-02-20 15:18 996 --a------ C:\WINDOWS\7thlevel.ini
2008-02-20 01:55 . 2008-02-20 01:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-19 16:46 . 2008-02-19 17:43 <REP> d-------- C:\MYSTERE
2008-02-19 16:46 . 2008-02-19 16:46 272,640 --a------ C:\WINDOWS\hppunin.exe
2008-02-19 15:07 . 2008-03-03 00:49 2,258 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-19 15:06 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-19 15:06 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-19 15:06 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-19 15:06 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-19 15:06 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-19 15:06 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-19 15:06 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-19 13:57 . 2008-02-19 13:57 <REP> d-------- C:\Program Files\Enigma Software Group
2008-02-15 01:40 . 2008-02-15 01:40 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-02-15 01:28 . 2008-02-15 01:35 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-15 01:13 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-02-15 01:13 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-02-15 01:13 . 2007-12-07 03:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-02-15 01:13 . 2007-12-07 03:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-02-15 01:13 . 2007-12-07 03:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-02-15 01:13 . 2007-12-07 03:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-02-15 01:13 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-15 01:12 . 2007-12-07 03:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-02-15 01:12 . 2007-12-07 03:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-02-15 01:12 . 2006-10-27 15:09 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 02:02 --------- d-----w C:\Program Files\Google
2008-02-09 10:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-09 10:18 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-01 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-30 19:57 --------- d-----w C:\Program Files\Fichiers communs\snpstd
2008-01-30 14:18 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-01-30 14:17 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-30 14:12 --------- d-----w C:\Program Files\Real
2008-01-28 21:04 --------- d-----w C:\Program Files\MSN Messenger
2008-01-28 19:14 --------- d-----w C:\Program Files\IZArc
2008-01-28 19:06 --------- d-----w C:\Program Files\VIA Technologies, Inc
2008-01-27 21:05 --------- d-----w C:\Program Files\Windows Live
2008-01-27 21:05 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-01-27 20:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-27 20:00 --------- d-----w C:\Program Files\Lavasoft
2008-01-27 20:00 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-27 19:31 --------- d-----w C:\Program Files\Trust
2008-01-27 19:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-27 19:26 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-27 19:22 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-27 19:21 --------- d-----w C:\Program Files\Ahead
2008-01-27 19:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-01-27 18:58 --------- d-----w C:\Program Files\ASUS
2008-01-27 18:48 --------- d-----w C:\Program Files\ATI Technologies
2008-01-27 18:31 --------- d-----w C:\Program Files\Alwil Software
2008-01-27 18:24 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-27 18:22 --------- d-----w C:\Program Files\Services en ligne
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-22 18:16 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2004-02-24 12:17 1448448]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2005-12-06 13:08 20480]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2005-10-11 13:54 339968]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-30 15:13 185896]
"combofix"="C:\WINDOWS\system32\CF7289.exe" [2004-08-19 16:09 400896]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Norton"=C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
R1 VIAPFD;VIAPFD;C:\WINDOWS\system32\Drivers\VIAPFD.SYS [2001-12-18 07:45]
S3 W8100PCI;ASUS 802.11b/g Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\mrv8k51.sys [2003-12-24 12:43]
S4 Microsoft Windows TCP Protocol;Microsoft Windows TCP Protocol;"C:\WINDOWS\System32\dllcache\wintcps.exe" [2008-01-27 21:22]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-11 22:14:42
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-11 22:18:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-11 21:18:03
.
2008-03-06 20:04:38 --- E O F ---
hijack this :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:22:00, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Your HijackThis report is clean and ComboFix has done its job.
I advise you to run a Spybot, Adware and Avast scan.
Normally it should be clean.
If there are any other problems, keep me posted.
I advise you to download TuneUp Utilities 2008 from this link:
https://www.01net.com/telecharger/windows/Utilitaire/optimiseurs_et_tests/fiches/26913.html
Run a 1-click maintenance.
Here is the activation code: MAHQF-GBXAS-SWNHH-DGSPS-WLXQB-JLRWC
Also, with TuneUp, optimize your connection and your system, except the visual effects.
Hello to you both, and sorry! Not discouraged, health problems!
There are two or three nasties left; do this, and afterwards I will leave you in the company of cedric241 (thanks, cedric, for your help) for the cleanup.
Open Notepad, then paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file under the name CFScript.txt.
Copy the text in bold below:
registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C59FE87A-E140-4D29-B3E6-C31590CE648F}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifggfd]
iifggfd.dll
files::
C:\WINDOWS\system32\cjuekynr.ini
C:\WINDOWS\system32\fwkpddsn.ini
C:\WINDOWS\system32\yrilvuwh.ini
C:\WINDOWS\system32\hhhgycrr.ini
C:\WINDOWS\system32\kbqbjimi.ini
C:\WINDOWS\system32\kiycjqjp.ini
Now drag the CFScript.txt file onto Combofix.exe as shown below:
http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif
This will restart ComboFix.
A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1, then confirm.
Be patient while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
After the restart, post the contents of the Combofix.txt report together with a HijackThis report.
If there is no restart, post the reports anyway.
Best wishes to you both.
Martin.
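An added example (not part of Martin's post and not ComboFix's own code): a Python check that reads the CFScript above and an excerpt of the ComboFix report posted in the reply, and says for each `files::` target whether the report lists it as deleted or still shows it. The function names and status labels are assumptions of this example, and the banner rules in the excerpt are shortened.

```python
import re

# The CFScript as posted above.
CFSCRIPT = r"""registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C59FE87A-E140-4D29-B3E6-C31590CE648F}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifggfd]
iifggfd.dll
files::
C:\WINDOWS\system32\cjuekynr.ini
C:\WINDOWS\system32\fwkpddsn.ini
C:\WINDOWS\system32\yrilvuwh.ini
C:\WINDOWS\system32\hhhgycrr.ini
C:\WINDOWS\system32\kbqbjimi.ini
C:\WINDOWS\system32\kiycjqjp.ini
"""

# Excerpt of the ComboFix report posted in the reply (banner rules shortened).
REPORT_EXCERPT = r"""(((((((((((( Autres suppressions ))))))))))))
.
C:\WINDOWS\system32\27031_winhtb.exe
C:\WINDOWS\system32\WinTcpips.exe
.
(((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 ))))))))))))
.
2008-03-13 18:05 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-04 20:05 . 2008-03-06 17:00 474 ---hs---- C:\WINDOWS\system32\cjuekynr.ini
2008-03-01 20:17 . 2008-03-03 18:13 474 ---hs---- C:\WINDOWS\system32\fwkpddsn.ini
2008-02-29 20:20 . 2008-03-01 01:00 294 ---hs---- C:\WINDOWS\system32\yrilvuwh.ini
2008-02-27 19:15 . 2008-02-27 20:15 774 ---hs---- C:\WINDOWS\system32\hhhgycrr.ini
2008-02-26 19:12 . 2008-02-27 19:12 714 ---hs---- C:\WINDOWS\system32\kbqbjimi.ini
2008-02-24 19:37 . 2008-02-26 19:08 354 ---hs---- C:\WINDOWS\system32\kiycjqjp.ini
"""

DIRECTIVE = re.compile(r"^([A-Za-z0-9]+)::\s*$")   # e.g. "registry::"
BANNER = re.compile(r"^\(+\s*(.*?)\s*\)+$")        # e.g. "(((( title ))))"
PATH = re.compile(r"([A-Za-z]:\\.+)$")             # drive-letter path at line end


def parse_cfscript(text):
    """Split a CFScript into {directive (lowercased): [entry lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DIRECTIVE.match(line)
        if m:
            current = m.group(1).lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_report(text):
    """Map each report banner title to the set of lowercased paths under it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = BANNER.match(line)
        if m:
            current = m.group(1)
            sections[current] = set()
            continue
        p = PATH.search(line)
        if current is not None and p:
            sections[current].add(p.group(1).lower())
    return sections


def check_targets(cfscript, report):
    """Classify every file target of the script against the report."""
    script = parse_cfscript(cfscript)
    # Tolerate singular or plural spelling of the directive.
    targets = [e for name, entries in script.items()
               if name.startswith("file") for e in entries]
    deleted, listed = set(), set()
    for title, paths in parse_report(report).items():
        # "suppressions" is the deletion banner wording in this page's report.
        if "suppression" in title.lower():
            deleted |= paths
        else:
            listed |= paths
    result = {}
    for target in targets:
        key = target.lower()          # Windows paths compare case-insensitively
        if key in deleted:
            result[target] = "deleted"
        elif key in listed:
            result[target] = "still listed"
        else:
            result[target] = "not in report"
    return result


if __name__ == "__main__":
    for path, status in check_targets(CFSCRIPT, REPORT_EXCERPT).items():
        print(f"{status:14} {path}")
```

A `still listed` result is a prompt to re-check the file on disk before calling the machine clean, not proof that the deletion failed.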
Thanks to you both, it's really great to see guys as available as you!
ComboFix
ComboFix 08-03-10.1 - Jérémie 2008-03-18 22:43:34.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.33 [GMT 1:00]
Endroit: C:\Documents and Settings\Jérémie\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\JÚrÚmie\Bureau\CFScript.txt
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\27031_winhtb.exe
C:\WINDOWS\system32\Clock.exe
C:\WINDOWS\system32\sex.exe
C:\WINDOWS\system32\sinlly.exe
C:\WINDOWS\system32\WinTcpips.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 ))))))))))))))))))))))))))))))))))))
.
2008-03-17 23:02 . 2008-03-17 23:02 <REP> d-------- C:\Program Files\CDex_170b2
2008-03-17 19:42 . 2008-03-17 22:56 941 --a------ C:\WINDOWS\cdplayer.ini
2008-03-13 18:05 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-13 18:05 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-13 18:05 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-03-12 20:15 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-03-12 20:10 . 2008-03-12 20:10 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-12 20:07 . 2008-03-12 20:08 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-12 20:07 . 2008-03-12 20:07 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-12 19:26 . 2008-03-12 19:42 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-12 19:24 . 2008-03-12 19:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-08 04:31 . 2008-03-08 04:31 <REP> d-------- C:\WINDOWS\Sun
2008-03-08 04:30 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-08 04:25 . 2008-03-08 04:29 <REP> d-------- C:\Program Files\Java
2008-03-08 04:24 . 2008-03-08 04:24 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-07 23:50 . 2008-03-07 23:50 <REP> d-------- C:\VundoFix Backups
2008-03-06 21:41 . 2008-03-06 21:53 <REP> d-------- C:\Program Files\RegCleaner
2008-03-06 17:00 . 2008-03-06 17:00 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-03-06 17:00 . 2008-03-06 17:00 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-03-04 20:05 . 2008-03-06 17:00 474 ---hs---- C:\WINDOWS\system32\cjuekynr.ini
2008-03-03 22:35 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-03-03 22:35 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-03-03 22:35 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-03-03 22:29 . 2008-03-05 19:35 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-03-03 22:17 . 2008-03-03 22:17 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-03 22:17 . 2008-03-03 22:23 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-01 20:17 . 2008-03-03 18:13 474 ---hs---- C:\WINDOWS\system32\fwkpddsn.ini
2008-02-29 20:20 . 2008-03-01 01:00 294 ---hs---- C:\WINDOWS\system32\yrilvuwh.ini
2008-02-28 19:13 . 2008-03-16 20:50 <REP> d-------- C:\Program Files\eMule
2008-02-27 19:15 . 2008-02-27 20:15 774 ---hs---- C:\WINDOWS\system32\hhhgycrr.ini
2008-02-26 19:12 . 2008-02-27 19:12 714 ---hs---- C:\WINDOWS\system32\kbqbjimi.ini
2008-02-24 19:37 . 2008-02-26 19:08 354 ---hs---- C:\WINDOWS\system32\kiycjqjp.ini
2008-02-23 20:53 . 2008-02-23 20:53 95 --a------ C:\WINDOWS\wininit.ini
2008-02-20 18:17 . 2008-02-28 19:37 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-02-20 17:58 . 2008-02-20 17:58 <REP> d-------- C:\Program Files\VUGames
2008-02-20 17:44 . 1996-04-09 23:04 175,104 --a------ C:\WINDOWS\HDK3CTNT.DLL
2008-02-20 17:41 . 2008-02-20 17:45 <REP> d-------- C:\sdd53
2008-02-20 17:41 . 2008-02-20 17:41 101 -r-hs---- C:\IO.IDX
2008-02-20 14:49 . 1996-09-29 23:00 29,732 --a------ C:\WINDOWS\system\HYENA.TTF
2008-02-20 14:49 . 2008-02-20 15:18 996 --a------ C:\WINDOWS\7thlevel.ini
2008-02-20 01:55 . 2008-02-20 01:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-19 16:46 . 2008-02-19 17:43 <REP> d-------- C:\MYSTERE
2008-02-19 16:46 . 2008-02-19 16:46 272,640 --a------ C:\WINDOWS\hppunin.exe
2008-02-19 15:07 . 2008-03-03 00:49 2,258 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-19 15:06 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-19 15:06 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-19 15:06 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-19 15:06 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-19 15:06 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-19 15:06 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-19 15:06 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-19 13:57 . 2008-02-19 13:57 <REP> d-------- C:\Program Files\Enigma Software Group
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 19:19 --------- d-----w C:\Program Files\Windows Live
2008-03-12 18:30 --------- d-----w C:\Program Files\MSN Messenger
2008-02-17 02:02 --------- d-----w C:\Program Files\Google
2008-02-09 10:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-09 10:18 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-01 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-30 19:57 --------- d-----w C:\Program Files\Fichiers communs\snpstd
2008-01-30 14:18 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-01-30 14:17 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-30 14:12 --------- d-----w C:\Program Files\Real
2008-01-30 13:48 --------- d-----w C:\Documents and Settings\Jérémie\Application Data\Ahead
2008-01-28 19:14 --------- d-----w C:\Program Files\IZArc
2008-01-28 19:06 --------- d-----w C:\Program Files\VIA Technologies, Inc
2008-01-27 21:05 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-01-27 20:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-27 20:00 --------- d-----w C:\Program Files\Lavasoft
2008-01-27 20:00 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-27 19:31 --------- d-----w C:\Program Files\Trust
2008-01-27 19:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-27 19:26 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-27 19:22 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-27 19:21 --------- d-----w C:\Program Files\Ahead
2008-01-27 19:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-01-27 18:58 --------- d-----w C:\Program Files\ASUS
2008-01-27 18:48 --------- d-----w C:\Program Files\ATI Technologies
2008-01-27 18:31 --------- d-----w C:\Program Files\Alwil Software
2008-01-27 18:24 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-27 18:22 --------- d-----w C:\Program Files\Services en ligne
.
((((((((((((((((((((((((((((( snapshot@2008-03-11_22.17.27.98 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-09-23 06:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 06:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2005-09-23 06:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2005-09-23 06:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2005-09-23 06:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2005-09-23 06:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2005-09-23 06:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2005-09-23 06:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2005-09-23 06:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2005-09-23 06:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2005-09-23 06:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2005-09-23 06:01:16 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2005-09-23 05:29:48 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
+ 2005-09-23 05:32:24 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
+ 2005-09-23 05:34:10 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
+ 2005-09-23 05:34:12 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
+ 2005-09-23 05:34:44 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
+ 2005-09-23 05:36:24 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
+ 2005-09-23 02:46:14 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
+ 2005-09-23 05:38:26 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
+ 2005-09-23 05:38:52 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
+ 2005-09-23 05:40:30 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
+ 2005-09-23 05:40:32 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
+ 2005-09-23 05:40:56 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
+ 2005-09-23 05:42:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
+ 2005-09-23 05:44:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
+ 2005-09-23 05:46:38 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
+ 2005-09-23 05:46:38 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
+ 2005-09-23 05:46:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
+ 2005-09-23 05:47:04 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
+ 2005-09-23 05:47:30 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
+ 2005-09-23 05:47:32 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
+ 2005-09-23 05:47:32 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
+ 2005-09-23 05:30:18 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
+ 2005-09-23 05:47:06 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
+ 2005-09-23 05:29:50 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
+ 2005-09-23 05:36:48 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
+ 2005-09-23 06:57:06 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
+ 2005-09-23 06:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2005-09-23 06:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2005-09-23 06:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2005-09-23 06:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2005-09-23 06:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2005-09-23 06:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 06:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 06:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2005-09-23 06:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 06:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2005-09-23 06:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2005-09-23 06:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 06:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2005-09-23 06:28:32 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2005-09-23 06:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2005-09-23 06:28:56 800,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2005-09-23 06:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2005-09-23 06:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2005-09-23 06:28:56 326,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2005-09-23 06:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2005-09-23 06:28:56 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2005-09-23 06:28:56 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2005-09-23 06:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2005-09-23 06:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2005-09-23 06:28:56 226,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2005-09-23 06:28:56 66,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2005-09-23 06:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2005-09-23 06:28:50 5,615,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2005-09-23 06:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2005-09-23 06:28:56 96,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2005-09-23 06:28:56 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2005-09-23 06:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2005-09-23 06:28:50 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2005-09-23 06:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2005-09-23 06:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2005-09-23 06:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2005-09-23 06:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2005-09-23 06:28:56 377,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2005-09-23 06:28:56 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2005-09-23 06:28:58 389,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2005-09-23 06:28:56 2,878,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2005-09-23 06:28:56 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2005-09-23 06:28:56 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2005-09-23 06:28:38 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2005-09-23 06:28:56 5,050,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2005-09-23 06:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2005-09-23 06:28:56 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2005-09-23 06:28:56 3,018,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2005-09-23 06:28:56 700,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2005-09-23 06:28:56 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2005-09-23 06:28:56 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2005-09-23 06:28:56 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2005-09-23 06:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2005-09-23 06:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2005-09-23 06:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2005-09-23 06:28:56 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2005-09-23 06:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2005-09-23 06:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2005-09-23 06:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2005-09-23 06:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2005-09-23 06:28:56 5,316,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2005-09-23 06:28:56 2,035,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2005-09-23 06:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2005-09-23 06:29:06 1,140,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2005-09-23 06:28:30 1,306,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2005-09-23 06:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2005-09-23 06:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2001-01-22 02:25:24 32,768 ----a-w C:\WINDOWS\system32\ATHPRXY.DLL
+ 2004-01-29 14:08:23 32,768 ----a-w C:\WINDOWS\system32\ATHPRXY.DLL
+ 2005-09-23 06:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
- 1999-10-18 02:01:42 1,129,232 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2003-09-25 11:07:00 1,139,472 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2001-02-21 10:02:06 29,456 ----a-w C:\WINDOWS\system32\FM20FRA.DLL
+ 2003-10-29 13:05:10 28,672 ----a-w C:\WINDOWS\system32\FM20FRA.DLL
+ 2005-09-23 06:28:52 270,848 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2005-09-23 06:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2005-09-23 06:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll
+ 2005-09-23 06:29:00 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
+ 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\system32\netfxperf.dll
- 2008-02-04 17:17:43 40,128 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-03-12 18:57:56 58,732 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-02-04 17:17:43 48,856 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-03-12 18:57:56 71,488 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-02-04 17:17:43 311,740 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-03-12 18:57:56 392,432 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-02-04 17:17:43 368,076 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-03-12 18:57:56 458,648 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2006-10-24 11:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2007-01-19 11:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll
+ 2007-10-18 10:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
- 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
- 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-16 15:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-24 11:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll
+ 2006-10-24 11:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll
+ 2006-10-24 11:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll
+ 2008-03-18 21:20:19 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_694.dat
+ 2005-09-23 06:29:16 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-23 06:29:16 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 06:29:16 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2008-03-12 18:49:07 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-03-12 18:49:07 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-22 18:16 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2004-02-24 12:17 1448448]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2005-12-06 13:08 20480]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2005-10-11 13:54 339968]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-30 15:13 185896]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Norton"=C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 VIAPFD;VIAPFD;C:\WINDOWS\system32\Drivers\VIAPFD.SYS [2001-12-18 07:45]
R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]
R3 W8100PCI;ASUS 802.11b/g Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\mrv8k51.sys [2003-12-24 12:43]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-18 21:44:55 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 22:48:24
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-18 22:52:22
ComboFix-quarantined-files.txt 2008-03-18 21:51:47
ComboFix2.txt 2008-03-11 21:18:26
.
2008-03-16 23:15:31 --- E O F ---
Hijack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:56:16, on 18/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Combo fix
ComboFix 08-03-10.1 - Jérémie 2008-03-18 22:43:34.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.33 [GMT 1:00]
Endroit: C:\Documents and Settings\Jérémie\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jérémie\Bureau\CFScript.txt
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\27031_winhtb.exe
C:\WINDOWS\system32\Clock.exe
C:\WINDOWS\system32\sex.exe
C:\WINDOWS\system32\sinlly.exe
C:\WINDOWS\system32\WinTcpips.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 ))))))))))))))))))))))))))))))))))))
.
2008-03-17 23:02 . 2008-03-17 23:02 <REP> d-------- C:\Program Files\CDex_170b2
2008-03-17 19:42 . 2008-03-17 22:56 941 --a------ C:\WINDOWS\cdplayer.ini
2008-03-13 18:05 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-13 18:05 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-13 18:05 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-03-12 20:15 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-03-12 20:10 . 2008-03-12 20:10 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-12 20:07 . 2008-03-12 20:08 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-12 20:07 . 2008-03-12 20:07 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-12 19:26 . 2008-03-12 19:42 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-12 19:24 . 2008-03-12 19:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-08 04:31 . 2008-03-08 04:31 <REP> d-------- C:\WINDOWS\Sun
2008-03-08 04:30 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-08 04:25 . 2008-03-08 04:29 <REP> d-------- C:\Program Files\Java
2008-03-08 04:24 . 2008-03-08 04:24 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-07 23:50 . 2008-03-07 23:50 <REP> d-------- C:\VundoFix Backups
2008-03-06 21:41 . 2008-03-06 21:53 <REP> d-------- C:\Program Files\RegCleaner
2008-03-06 17:00 . 2008-03-06 17:00 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-03-06 17:00 . 2008-03-06 17:00 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-03-04 20:05 . 2008-03-06 17:00 474 ---hs---- C:\WINDOWS\system32\cjuekynr.ini
2008-03-03 22:35 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-03-03 22:35 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-03-03 22:35 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-03-03 22:29 . 2008-03-05 19:35 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-03-03 22:17 . 2008-03-03 22:17 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-03 22:17 . 2008-03-03 22:23 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-01 20:17 . 2008-03-03 18:13 474 ---hs---- C:\WINDOWS\system32\fwkpddsn.ini
2008-02-29 20:20 . 2008-03-01 01:00 294 ---hs---- C:\WINDOWS\system32\yrilvuwh.ini
2008-02-28 19:13 . 2008-03-16 20:50 <REP> d-------- C:\Program Files\eMule
2008-02-27 19:15 . 2008-02-27 20:15 774 ---hs---- C:\WINDOWS\system32\hhhgycrr.ini
2008-02-26 19:12 . 2008-02-27 19:12 714 ---hs---- C:\WINDOWS\system32\kbqbjimi.ini
2008-02-24 19:37 . 2008-02-26 19:08 354 ---hs---- C:\WINDOWS\system32\kiycjqjp.ini
2008-02-23 20:53 . 2008-02-23 20:53 95 --a------ C:\WINDOWS\wininit.ini
2008-02-20 18:17 . 2008-02-28 19:37 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-02-20 17:58 . 2008-02-20 17:58 <REP> d-------- C:\Program Files\VUGames
2008-02-20 17:44 . 1996-04-09 23:04 175,104 --a------ C:\WINDOWS\HDK3CTNT.DLL
2008-02-20 17:41 . 2008-02-20 17:45 <REP> d-------- C:\sdd53
2008-02-20 17:41 . 2008-02-20 17:41 101 -r-hs---- C:\IO.IDX
2008-02-20 14:49 . 1996-09-29 23:00 29,732 --a------ C:\WINDOWS\system\HYENA.TTF
2008-02-20 14:49 . 2008-02-20 15:18 996 --a------ C:\WINDOWS\7thlevel.ini
2008-02-20 01:55 . 2008-02-20 01:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-19 16:46 . 2008-02-19 17:43 <REP> d-------- C:\MYSTERE
2008-02-19 16:46 . 2008-02-19 16:46 272,640 --a------ C:\WINDOWS\hppunin.exe
2008-02-19 15:07 . 2008-03-03 00:49 2,258 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-19 15:06 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-19 15:06 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-19 15:06 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-19 15:06 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-19 15:06 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-19 15:06 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-19 15:06 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-19 13:57 . 2008-02-19 13:57 <REP> d-------- C:\Program Files\Enigma Software Group
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 19:19 --------- d-----w C:\Program Files\Windows Live
2008-03-12 18:30 --------- d-----w C:\Program Files\MSN Messenger
2008-02-17 02:02 --------- d-----w C:\Program Files\Google
2008-02-09 10:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-09 10:18 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-01 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-30 19:57 --------- d-----w C:\Program Files\Fichiers communs\snpstd
2008-01-30 14:18 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-01-30 14:17 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-30 14:12 --------- d-----w C:\Program Files\Real
2008-01-30 13:48 --------- d-----w C:\Documents and Settings\Jérémie\Application Data\Ahead
2008-01-28 19:14 --------- d-----w C:\Program Files\IZArc
2008-01-28 19:06 --------- d-----w C:\Program Files\VIA Technologies, Inc
2008-01-27 21:05 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-01-27 20:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-27 20:00 --------- d-----w C:\Program Files\Lavasoft
2008-01-27 20:00 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-27 19:31 --------- d-----w C:\Program Files\Trust
2008-01-27 19:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-27 19:26 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-27 19:22 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-27 19:21 --------- d-----w C:\Program Files\Ahead
2008-01-27 19:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-01-27 18:58 --------- d-----w C:\Program Files\ASUS
2008-01-27 18:48 --------- d-----w C:\Program Files\ATI Technologies
2008-01-27 18:31 --------- d-----w C:\Program Files\Alwil Software
2008-01-27 18:24 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-27 18:22 --------- d-----w C:\Program Files\Services en ligne
.
((((((((((((((((((((((((((((( snapshot@2008-03-11_22.17.27.98 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-12 18:49:26 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-03-12 18:50:15 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-03-12 18:50:18 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-03-12 18:50:22 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-03-12 18:50:01 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-03-12 18:49:07 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-03-12 18:49:07 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-03-12 18:50:42 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-03-12 18:49:39 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-03-12 18:49:21 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-03-12 18:49:05 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-03-12 18:49:11 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-03-12 18:50:09 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-03-12 18:50:12 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-03-12 18:50:14 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-03-12 18:49:14 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-03-12 18:49:16 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-03-12 18:49:17 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-03-12 18:49:19 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-03-12 18:49:12 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-03-12 18:50:50 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-03-12 18:50:49 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-03-12 18:48:59 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-03-12 18:50:46 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-03-12 18:50:51 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-03-12 18:49:04 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-03-12 18:49:02 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-03-12 18:49:02 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-03-12 18:50:31 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-03-12 18:49:27 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-03-12 18:50:33 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-03-12 19:10:24 236,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2008-03-12 18:50:25 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-03-12 18:49:09 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-03-12 18:50:06 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-03-12 18:49:31 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-03-12 18:49:29 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-03-12 18:49:32 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-03-12 18:50:39 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-03-12 18:50:26 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-03-12 18:50:41 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-03-12 18:50:28 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-03-12 18:50:30 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-03-12 18:49:24 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-03-12 18:49:33 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-03-12 18:50:44 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-03-12 18:49:42 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-03-12 18:49:44 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-03-12 18:49:52 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-03-12 18:49:56 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-03-12 18:50:36 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-03-12 19:07:06 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\745107f4f3a2b04d9dedac0b1f0adb10\Accessibility.ni.dll
+ 2008-03-12 19:09:22 860,160 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\dccaf5be0b88d947a1df5b0fe7d9c156\AspNetMMCExt.ni.dll
+ 2008-03-12 19:19:58 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\a4ac13deff9bb540a0e1dc95f5c8b681\CustomMarshalers.ni.dll
+ 2008-03-12 19:19:56 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\1342b1efef259d45b70b84cbfb1b747d\dfsvc.ni.exe
+ 2008-03-12 19:20:02 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\25dffe05164a8b49859fca5e7c3c869b\Microsoft.Build.Engine.ni.dll
+ 2008-03-12 19:20:04 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\91f8f023a9dd3a4aa30bf602d35bda07\Microsoft.Build.Framework.ni.dll
+ 2008-03-12 19:20:13 1,691,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\075d44c4504d03418cfdeef7858260df\Microsoft.Build.Tasks.ni.dll
+ 2008-03-12 19:20:16 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\6dde09d319b9194a88e111f6c9719c95\Microsoft.Build.Utilities.ni.dll
+ 2008-03-12 19:20:25 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7b3f4197657267419626ed160e463974\Microsoft.VisualBasic.ni.dll
+ 2008-03-12 19:16:40 17,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\7fce38d81dc5f84a8f3f4655caba51e0\Microsoft.VisualC.ni.dll
+ 2008-03-12 18:52:52 11,411,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\470113e1d854b54c84ec9f8377397fc2\mscorlib.ni.dll
+ 2008-03-12 19:18:48 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\06a64989ea3c4d4388afb83ff6b90cd3\System.Configuration.Install.ni.dll
+ 2008-03-12 19:15:54 962,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\c043aa46e7e67741a3ca9efbb7cdbc69\System.Configuration.ni.dll
+ 2008-03-12 19:18:58 1,183,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1a5e4023eb9c9345b01e72fb040ad0ee\System.Data.OracleClient.ni.dll
+ 2008-03-12 19:16:11 2,703,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\7cac074072108c4daec3ce70fa7ed80b\System.Data.SqlXml.ni.dll
+ 2008-03-12 18:56:34 6,688,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\f1fa5b7df58261428b9439f1249fff17\System.Data.ni.dll
+ 2008-03-12 19:16:26 1,712,128 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\ff2cf1c08609b642a7d847e195300141\System.Deployment.ni.dll
+ 2008-03-12 18:57:34 10,723,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\423dd0cbcc996948a58ec683abf75b4e\System.Design.ni.dll
+ 2008-03-12 19:18:40 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\379ce7db87ef1c42b3643a031eb0ac18\System.DirectoryServices.Protocols.ni.dll
+ 2008-03-12 19:16:55 1,220,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\88c6ef3a3e189040b997ea38116b70bd\System.DirectoryServices.ni.dll
+ 2008-03-12 18:54:06 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\eb771b395862e74a829419c03db9f439\System.Drawing.Design.ni.dll
+ 2008-03-12 18:54:19 1,626,112 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\b1dc96b46b900c4c9af75b396bfe97be\System.Drawing.ni.dll
+ 2008-03-12 19:16:49 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a214627fb8719f41bc2c350c611a0980\System.EnterpriseServices.ni.dll
+ 2008-03-12 19:16:48 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a214627fb8719f41bc2c350c611a0980\System.EnterpriseServices.Wrapper.dll
+ 2008-03-12 19:17:02 815,104 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\df5bfc2c84fe614883d46d82ea9f0308\System.Runtime.Remoting.ni.dll
+ 2008-03-12 19:16:20 339,968 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b8f734f38c65f4b9ba08af92d5450c7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2008-03-12 19:16:17 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\455893c1458f57409921d71465adb18f\System.Security.ni.dll
+ 2008-03-12 19:18:44 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\0a1eeb5d5544ab4193d568f76fe04391\System.ServiceProcess.ni.dll
+ 2008-03-12 19:16:44 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\099eeabe8762e24fac4d5230cb1d38a8\System.Transactions.ni.dll
+ 2008-03-12 19:20:41 2,310,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\a7031b8c9fd40046b308fb86f400fa56\System.Web.Mobile.ni.dll
+ 2008-03-12 19:18:50 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\1a8fd2df6b11404cb266916a0aaea757\System.Web.RegularExpressions.ni.dll
+ 2008-03-12 19:18:35 1,945,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\03943072e8ff8446b4014b6cf6b11621\System.Web.Services.ni.dll
+ 2008-03-12 19:18:14 11,808,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\2fa71a0281fdfc42b0dff04e54326576\System.Web.ni.dll
+ 2008-03-12 18:55:21 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63f1f0b953c3b3469c2bd16ba77b2413\System.Windows.Forms.ni.dll
+ 2008-03-12 18:55:56 5,640,192 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\0983d20db99caa46855e5011c0a11109\System.Xml.ni.dll
+ 2008-03-12 18:53:59 8,093,696 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ad487d0bd4d1e94482c8dee124c5e57c\System.ni.dll
+ 2008-03-12 19:19:39 126,976 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\5b1ef5d5ecd26b4a914cdd04b5ccf282\WindowsLive.Client.ni.dll
+ 2008-03-12 19:15:44 593,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0b375f588fabce4381deaa9fcedf5a4f\WindowsLive.Writer.Controls.ni.dll
+ 2008-03-12 19:19:51 155,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\15c5c859d42176459123de8f25c3e918\WindowsLive.Writer.FileDestinations.ni.dll
+ 2008-03-12 19:19:48 221,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1bf8d80b13ba304ab954649e26a0faaf\WindowsLive.Writer.SpellChecker.ni.dll
+ 2008-03-12 19:19:24 106,496 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1c137b8ce8a1b94da49b70bcbb126683\WindowsLive.Writer.Api.ni.dll
+ 2008-03-12 19:19:12 335,872 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\267e64f2e265244f8be57ec84b2a1622\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2008-03-12 19:19:10 352,256 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2fa10e8e4d01cb4cb095cac8a20aefe1\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2008-03-12 19:19:09 208,896 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\509b2b0be11622499aa47e8b181b8ee1\WindowsLive.Writer.BrowserControl.ni.dll
+ 2008-03-12 19:15:02 5,480,448 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5e29280e8494274d8dd801b01906747b\WindowsLive.Writer.PostEditor.ni.dll
+ 2008-03-12 19:19:30 1,105,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\60567a42855f4f4a867e348fe7917889\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2008-03-12 19:19:37 835,584 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\79d4ece38ae55f489ea64a931381633a\WindowsLive.Writer.BlogClient.ni.dll
+ 2008-03-12 19:19:03 352,256 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7f2804641e8c9643ad225e60f3752dee\WindowsLive.Writer.Interop.ni.dll
+ 2008-03-12 19:19:43 573,440 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\84895181a29f354ab803cb849cf7efbc\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2008-03-12 19:19:06 516,096 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9e80c64cc435584599f279473958f500\WindowsLive.Writer.Localization.ni.dll
+ 2008-03-12 19:19:22 118,784 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a32c3dd5a519b14f845d1a32496d34b7\WindowsLive.Writer.Extensibility.ni.dll
+ 2008-03-12 19:19:15 188,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a9217e629af41e4493b2733d8a44b7eb\WindowsLive.Writer.HtmlParser.ni.dll
+ 2008-03-12 19:16:37 1,871,872 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c31944eb7b3d944f9848c96aa2bcf4fb\WindowsLive.Writer.CoreServices.ni.dll
+ 2008-03-12 19:19:17 143,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c7541617295b8c4aaa1e3b4824e57b79\WindowsLive.Writer.Passport.ni.dll
+ 2008-03-12 19:19:20 278,528 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ddd8c13777b8844e8f23d98790f706c6\WindowsLive.Writer.Mshtml.ni.dll
+ 2008-03-12 19:19:54 655,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\13d24e799820f84c947f3f1618378df5\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2008-03-12 19:10:36 41,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\48db50da43bb7844be9e552f0d81525a\WindowsLiveWriter.ni.exe
- 2008-01-27 19:07:44 167,936 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2008-03-16 23:15:22 167,936 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2008-01-27 19:07:44 81,920 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2008-03-16 23:15:22 81,920 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2008-01-27 19:07:44 34,304 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2008-03-16 23:15:22 34,304 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-01-27 19:07:44 8,192 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2008-03-16 23:15:22 8,192 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-01-27 19:07:44 3,584 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-03-16 23:15:23 3,584 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2008-01-27 19:07:44 114,688 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2008-03-16 23:15:23 114,688 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2008-01-27 19:07:44 16,384 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-03-16 23:15:22 16,384 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2008-01-27 19:07:44 30,720 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2008-03-16 23:15:22 30,720 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2008-01-27 19:07:44 22,528 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2008-03-16 23:15:23 22,528 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-01-27 19:07:44 45,056 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2008-03-16 23:15:22 45,056 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-01-27 19:07:44 90,112 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-03-16 23:15:22 90,112 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-03-15 19:19:58 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-03-12 18:28:08 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2008-03-12 19:03:21 86,746 ----a-r C:\WINDOWS\Installer\{C514C594-23AA-4F13-A070-DB8BDB27594F}\wlmail.exe
+ 2005-09-23 06:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2005-09-23 06:29:04 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
+ 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2005-09-23 06:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
+ 2005-09-23 06:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 06:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2005-09-23 06:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2005-09-23 06:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2005-09-23 06:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2005-09-23 06:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2005-09-23 06:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2005-09-23 06:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2005-09-23 06:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2005-09-23 06:28:58 55,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2005-09-23 06:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2005-09-23 06:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2005-09-23 06:28:32 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2005-09-23 06:28:32 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2005-09-23 06:28:32 70,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2005-09-23 06:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2005-09-23 06:28:32 26,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2005-09-23 06:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2005-09-23 06:28:32 29,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2005-09-23 06:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2005-09-23 06:28:32 503,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2005-09-23 06:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2005-09-23 06:28:56 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2005-09-23 06:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2005-09-23 06:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2005-09-23 06:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2005-09-23 06:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2005-09-23 06:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2005-09-23 06:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2005-09-23 06:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2005-09-23 06:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 06:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2005-09-23 06:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2005-09-23 06:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2005-09-23 06:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2005-09-23 06:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2005-09-23 06:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2005-09-23 06:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2005-09-23 06:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2005-09-23 06:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2005-09-23 06:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2005-09-23 06:01:16 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2005-09-23 05:29:48 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
+ 2005-09-23 05:32:24 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
+ 2005-09-23 05:34:10 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
+ 2005-09-23 05:34:12 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
+ 2005-09-23 05:34:44 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
+ 2005-09-23 05:36:24 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
+ 2005-09-23 02:46:14 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
+ 2005-09-23 05:38:26 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
+ 2005-09-23 05:38:52 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
+ 2005-09-23 05:40:30 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
+ 2005-09-23 05:40:32 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
+ 2005-09-23 05:40:56 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
+ 2005-09-23 05:42:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
+ 2005-09-23 05:44:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
+ 2005-09-23 05:46:38 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
+ 2005-09-23 05:46:38 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
+ 2005-09-23 05:46:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
+ 2005-09-23 05:47:04 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
+ 2005-09-23 05:47:30 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
+ 2005-09-23 05:47:32 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
+ 2005-09-23 05:47:32 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
+ 2005-09-23 05:30:18 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
+ 2005-09-23 05:47:06 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
+ 2005-09-23 05:29:50 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
+ 2005-09-23 05:36:48 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
+ 2005-09-23 06:57:06 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
+ 2005-09-23 06:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2005-09-23 06:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2005-09-23 06:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2005-09-23 06:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2005-09-23 06:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2005-09-23 06:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 06:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 06:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2005-09-23 06:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 06:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2005-09-23 06:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2005-09-23 06:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 06:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2005-09-23 06:28:32 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2005-09-23 06:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2005-09-23 06:28:56 800,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2005-09-23 06:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2005-09-23 06:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2005-09-23 06:28:56 326,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2005-09-23 06:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2005-09-23 06:28:56 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2005-09-23 06:28:56 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2005-09-23 06:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2005-09-23 06:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2005-09-23 06:28:56 226,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2005-09-23 06:28:56 66,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2005-09-23 06:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2005-09-23 06:28:50 5,615,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2005-09-23 06:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2005-09-23 06:28:56 96,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2005-09-23 06:28:56 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2005-09-23 06:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2005-09-23 06:28:50 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2005-09-23 06:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2005-09-23 06:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2005-09-23 06:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2005-09-23 06:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2005-09-23 06:28:56 377,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2005-09-23 06:28:56 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2005-09-23 06:28:58 389,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2005-09-23 06:28:56 2,878,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2005-09-23 06:28:56 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2005-09-23 06:28:56 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2005-09-23 06:28:38 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2005-09-23 06:28:56 5,050,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2005-09-23 06:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2005-09-23 06:28:56 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2005-09-23 06:28:56 3,018,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2005-09-23 06:28:56 700,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2005-09-23 06:28:56 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2005-09-23 06:28:56 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2005-09-23 06:28:56 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2005-09-23 06:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2005-09-23 06:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2005-09-23 06:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2005-09-23 06:28:56 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2005-09-23 06:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2005-09-23 06:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2005-09-23 06:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2005-09-23 06:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2005-09-23 06:28:56 5,316,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2005-09-23 06:28:56 2,035,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2005-09-23 06:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2005-09-23 06:29:06 1,140,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2005-09-23 06:28:30 1,306,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2005-09-23 06:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2005-09-23 06:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2001-01-22 02:25:24 32,768 ----a-w C:\WINDOWS\system32\ATHPRXY.DLL
+ 2004-01-29 14:08:23 32,768 ----a-w C:\WINDOWS\system32\ATHPRXY.DLL
+ 2005-09-23 06:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
- 1999-10-18 02:01:42 1,129,232 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2003-09-25 11:07:00 1,139,472 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2001-02-21 10:02:06 29,456 ----a-w C:\WINDOWS\system32\FM20FRA.DLL
+ 2003-10-29 13:05:10 28,672 ----a-w C:\WINDOWS\system32\FM20FRA.DLL
+ 2005-09-23 06:28:52 270,848 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2005-09-23 06:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2005-09-23 06:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll
+ 2005-09-23 06:29:00 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
+ 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\system32\netfxperf.dll
- 2008-02-04 17:17:43 40,128 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-03-12 18:57:56 58,732 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-02-04 17:17:43 48,856 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-03-12 18:57:56 71,488 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-02-04 17:17:43 311,740 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-03-12 18:57:56 392,432 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-02-04 17:17:43 368,076 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-03-12 18:57:56 458,648 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2006-10-24 11:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2007-01-19 11:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll
+ 2007-10-18 10:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
- 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
- 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-16 15:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-24 11:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll
+ 2006-10-24 11:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll
+ 2006-10-24 11:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll
+ 2008-03-18 21:20:19 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_694.dat
+ 2005-09-23 06:29:16 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-23 06:29:16 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 06:29:16 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2008-03-12 18:49:07 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-03-12 18:49:07 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-22 18:16 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2004-02-24 12:17 1448448]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2005-12-06 13:08 20480]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2005-10-11 13:54 339968]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-30 15:13 185896]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Norton"=C:\Program Files\ASUS\WLAN Card Utilities\NorExec.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 VIAPFD;VIAPFD;C:\WINDOWS\system32\Drivers\VIAPFD.SYS [2001-12-18 07:45]
R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]
R3 W8100PCI;ASUS 802.11b/g Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\mrv8k51.sys [2003-12-24 12:43]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-18 21:44:55 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 22:48:24
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-18 22:52:22
ComboFix-quarantined-files.txt 2008-03-18 21:51:47
ComboFix2.txt 2008-03-11 21:18:26
.
2008-03-16 23:15:31 --- E O F ---
Hijack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:56:16, on 18/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Good evening, that didn't work. Do this:
Download OTMoveIt: http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Double-click OTMoveIt.exe to launch it.
Copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.
Quote:
C:\WINDOWS\system32\cjuekynr.ini
C:\WINDOWS\system32\fwkpddsn.ini
C:\WINDOWS\system32\yrilvuwh.ini
C:\WINDOWS\system32\hhhgycrr.ini
C:\WINDOWS\system32\kbqbjimi.ini
C:\WINDOWS\system32\kiycjqjp.ini
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
Copy and paste the report here.
You may be asked to restart the PC to complete the removal. If so, accept by clicking Yes.
C:\WINDOWS\system32\cjuekynr.ini moved successfully.
C:\WINDOWS\system32\fwkpddsn.ini moved successfully.
C:\WINDOWS\system32\yrilvuwh.ini moved successfully.
C:\WINDOWS\system32\hhhgycrr.ini moved successfully.
C:\WINDOWS\system32\kbqbjimi.ini moved successfully.
C:\WINDOWS\system32\kiycjqjp.ini moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03182008_231147
There you go! By the way, silly question: what type of infection is this?
Hello, this looks like a major Vundo infection, and there was other junk as well. Do this cleanup:
1) Download AVG Anti-Spyware and CCleaner
Download AVG Anti-Spyware
http://www.grisoft.com/doc/downloads-products/ww/crp/0?prd=triasw
Install it, then launch AVG Anti-Spyware.
Click the "Mise à jour" (Update) menu.
In the "Mise à jour manuelle" (Manual update) section, click the "Commencer la mise à jour" (Start update) button.
Wait for the update to finish, then close the program.
Do not run a scan now.
Download
-- CCleaner
https://www.ccleaner.com/ccleaner/download
Preferably choose the SLIM-No Toolbar version.
Install it, taking care to untick the various options, including the Yahoo toolbar and the update.
Launch CCleaner, then click "Options", "Avancé" (Advanced) and untick the box "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures" (Only delete files in the Windows Temp folder older than 48 hours).
For the other settings, leave the defaults.
Close the program for now.
2) Restart in safe mode
Look here first: http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Mode sans échec" (Safe mode) and press [Enter].
You will need to choose your usual session, not the "Administrateur" account or another one.
Open the text file saved on the Desktop so that you can follow the instructions properly.
3) Launch AVG Anti-Spyware 7.5
-- Settings
Click the "Analyse" (Scan) menu (in the toolbar).
Click the "Paramètres" (Settings) tab.
Under "Comment réagir ?" (How to react?), click "Actions recommandées" (Recommended actions) and choose "Quarantaine" (Quarantine).
Under "Comment faire l'analyse ?" (How to scan?) and under "Programmes potentiellement dangereux" (Potentially dangerous programs), check that all the boxes are ticked.
Under "Rapports" (Reports), tick "générer un rapport après chaque analyse" (generate a report after each scan).
-- Scan
In the "Analyse" (Scan) tab
Click "Analyse complète du système" (Complete system scan).
Important: do not open any windows or launch any programs while AVG Anti-Spyware is running, as this could interfere with the scanning process.
Click "Enregistrer le rapport" (Save report). This generates a report as a text file, found in the Reports folder of the AVG Anti-Spyware folder. (C:\Programfiles\AVG Antispyware 7.5\Reports)
Then
Very important: at the end of the scan, click "Appliquer toutes les actions" (Apply all actions).
Then close AVG Anti-Spyware.
4) Removing unnecessary files with CCleaner
Launch CCleaner by double-clicking its shortcut on the desktop.
Then, in the "Nettoyeur" (Cleaner) menu
Click "Analyse" (Analyze) (let it work; this can take a long time the first time).
Click the "Lancer le nettoyage" (Run cleaner) button.
Click the "Lancer le nettoyage" button a second time.
Click "Registre" (Registry), search for and repair the errors; do this three times for it to be effective!
5) Reports
Restart the PC in normal mode, then post in your reply:
* The AVG Anti-Spyware 7.5 report located here: C:\Programfiles\AVG Antispyware 7.5\Reports
I couldn't find any AVG report even though I did everything that was written, not even in the Grisoft folder that contains AVG.
Anyway, I made a HijackThis report instead; I hope that will do! :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:04:35, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Anyway, so I made a Hijack report, I hope that will do! :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:04:35, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jérémie\Bureau\Hijack this\Sanner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B47EAD3-2F37-4EDC-ACE1-F068B6CE7F6E}: NameServer = 212.27.32.176,212.27.32.177
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe