Page internet ne s'ouvre pas en mode normal

salma -
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité - 7 juil. 2008 à 12:53

Bonjour,
Voila j'ai un probleme avec ma connexion internet, la page passe un temps fou à se charger d'ailleurs elle ne charge meme pas, en mode sans echec la connexion se passe trés bien (rapide).
Je ne comprends pas la cause. Je vous en prie aidez moi.
VOICI le rapport Hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 21:36, on 2008-06-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {018B27FF-E05F-4CB5-8763-540CB3FD457A} - C:\WINDOWS\system32\geBrpppm.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {03911DE4-E10B-4917-9894-EF1038CD104A} - C:\WINDOWS\system32\rqRJDtSj.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9352FD23-F873-40A9-B127-6B752B6308BC} - C:\WINDOWS\system32\cbXRIawT.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: {101afcd7-257c-a8aa-3ce4-cc6da96cc5ae} - {ea5cc69a-d6cc-4ec3-aa8a-c7527dcfa101} - C:\WINDOWS\system32\jqmpyh.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [1c1f6341] rundll32.exe "C:\WINDOWS\system32\tfldhwpj.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BM1f2c50dd] Rundll32.exe "C:\WINDOWS\system32\rpgimabv.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA4079] command /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8282] cmd /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB2250] command /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4311] cmd /c del "C:\WINDOWS\system32\rqRJDtSj.dll_old"
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: geBrpppm - C:\WINDOWS\SYSTEM32\geBrpppm.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

Afficher la suite

A voir également:

Page internet ne s'ouvre pas en mode normal
Mode avion - Guide
Supprimer page word - Guide
Comment traduire une page internet - Guide
Mode sécurisé - Guide
Mode d'emploi - Guide

20 réponses

Réponse 1 / 20

ep44 Messages postés 7432 Statut Contributeur 3

Bonsoir

plusieurs infections sur ton rapport

Télécharge Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

=> /!\déconnecte toi d'internet et ferme toutes tes applications./!\

=>/!\ désactive tes protections (antivirus, parefeu,antispyware) provisoirement et seulement le temps de l'utilisation de ComboFix,/!\

=> Double-clic sur combofix,

=> /!\Ne touche à rien tant que le scan n'est pas terminé.Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi./!\

=> Attends que combofix ait terminé, un rapport sera créé.

=> réactive ton parefeu, ton antivirus, la garde de ton antispyware

=> copie/colle le rapport C:\ComboFix.txt

=> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

salma

Voila le rapport COMBOFIX;;; JE fais quoi maintenant????? Merci pour votre aide!!!! J'attends

ComboFix 08-06-20.4 - salima moulti 2008-06-30 23:02:43.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.490 [GMT 2:00]
Endroit: C:\Documents and Settings\salima moulti\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cbXRIawT.dll
C:\WINDOWS\system32\jpwhdlft.ini
C:\WINDOWS\system32\jStDJRqr.ini
C:\WINDOWS\system32\jStDJRqr.ini2
C:\WINDOWS\system32\TwaIRXbc.ini
C:\WINDOWS\system32\TwaIRXbc.ini2
C:\WINDOWS\system32\xioxadqm.ini
.
---- Previous Run -------
.
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\pWHhQqru.ini
C:\WINDOWS\system32\pWHhQqru.ini2
C:\WINDOWS\system32\urqQhHWp.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-28 to 2008-06-30 ))))))))))))))))))))))))))))))))))))
.

2008-06-30 21:28 . 2008-06-30 21:28 103,424 --a------ C:\WINDOWS\system32\vovivqur.dll
2008-06-30 21:28 . 2008-06-30 21:28 103,424 --a------ C:\WINDOWS\system32\jqmpyh.dll
2008-06-30 21:26 . 2008-06-30 21:26 91,136 --a------ C:\WINDOWS\system32\rpgimabv.dll
2008-06-30 10:56 . 2008-06-30 10:56 95 --a------ C:\WINDOWS\wininit.ini
2008-06-30 02:35 . 2008-06-30 10:56 <REP> d-------- C:\Program Files\a-squared Free
2008-06-30 01:31 . 2008-06-30 01:31 <REP> d-------- C:\Program Files\Lavasoft
2008-06-30 01:31 . 2008-06-30 22:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Lavasoft
2008-06-30 01:31 . 2008-06-30 01:31 82,432 --a------ C:\WINDOWS\system32\mqdaxoix.dll
2008-06-30 01:29 . 2008-06-30 01:29 103,424 --a------ C:\WINDOWS\system32\irundlbe.dll
2008-06-30 01:29 . 2008-06-30 01:29 103,424 --a------ C:\WINDOWS\system32\blnete.dll
2008-06-30 01:29 . 2008-06-30 01:29 90,624 --a------ C:\WINDOWS\system32\errvqvte.dll
2008-06-30 00:55 . 2008-06-30 00:56 294 ---hs---- C:\WINDOWS\system32\bnhtxlqy.ini
2008-06-30 00:55 . 2008-06-30 00:55 0 --a------ C:\WINDOWS\BM1f2c50dd.xml
2008-06-29 14:25 . 2008-06-29 14:25 <REP> d-------- C:\Program Files\Avira
2008-06-28 20:48 . 2008-06-29 14:09 <REP> d-------- C:\QUARANTINE
2008-06-28 20:29 . 2008-06-28 20:29 103,424 --a------ C:\WINDOWS\system32\ukiube.dll
2008-06-28 20:29 . 2008-06-28 20:29 103,424 --a------ C:\WINDOWS\system32\nyhwmida.dll
2008-06-28 20:27 . 2008-06-28 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Cisco Systems
2008-06-28 20:27 . 2006-12-19 15:06 1,495,552 --a------ C:\WINDOWS\system32\epoPGPsdk.dll
2008-06-28 20:22 . 2008-06-28 20:22 26,112 --a------ C:\WINDOWS\system32\geBrpppm.dll
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-25 00:32 . 2008-06-25 00:32 82,928 --a------ C:\IMG_1258.JPG
2008-06-24 19:28 . 2002-11-11 19:52 6,400 --a------ C:\WINDOWS\system32\drivers\pctvvbi.sys
2008-06-24 19:27 . 2001-05-11 12:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-06-24 19:25 . 2008-06-24 19:25 <REP> d-------- C:\Pinnacle
2008-06-24 19:08 . 2008-06-24 19:10 455 --a------ C:\WINDOWS\VFO.VST
2008-06-24 19:08 . 2008-06-24 19:08 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-06-24 19:07 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-24 18:52 . 2004-07-02 16:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-06-24 18:52 . 2008-06-24 19:44 1,196 --a------ C:\WINDOWS\VFO.INI
2008-06-24 18:51 . 2005-02-09 11:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-06-24 18:46 . 2008-06-24 19:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2008-06-24 18:44 . 2008-06-24 19:43 <REP> d-------- C:\Program Files\Pinnacle
2008-06-24 18:44 . 2008-06-24 19:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2008-06-24 16:40 . 2004-10-11 11:28 671,744 --a------ C:\WINDOWS\system32\DolbyHph.dll
2008-06-24 16:40 . 2004-11-12 16:01 60,416 --a------ C:\WINDOWS\system32\DSETUP.dll
2008-06-24 16:40 . 2004-12-13 09:44 14,848 --a------ C:\WINDOWS\system32\drivers\nvndis.sys
2008-06-24 16:40 . 2004-10-11 11:28 9,856 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-06-18 12:49 . 2008-06-18 12:49 268 --ah----- C:\sqmdata06.sqm
2008-06-18 12:49 . 2008-06-18 12:49 244 --ah----- C:\sqmnoopt06.sqm
2008-06-15 11:25 . 2008-06-15 11:25 <REP> d-------- C:\Program Files\VintaSoft
2008-06-15 11:10 . 2008-06-15 11:12 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-15 10:59 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-15 10:59 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-15 10:59 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-15 10:59 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-15 10:59 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-15 10:59 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-15 10:59 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-15 10:59 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-15 10:59 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-13 11:54 . 2008-06-13 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\Yahoo!
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\CCleaner
2008-06-12 22:21 . 2008-06-12 22:21 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Malwarebytes
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-11 20:25 . 2008-06-11 20:25 <REP> d-------- C:\WINDOWS\Sun
2008-06-11 16:48 . 2008-06-29 15:01 672 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-11 16:21 . 2008-06-30 21:36 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2008-06-11 15:55 . 2008-06-11 15:55 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2008-06-11 15:32 . 2008-06-13 11:49 <REP> d-------- C:\Program Files\Trend Micro
2008-06-11 14:13 . 2008-06-30 02:32 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-11 14:13 . 2008-06-30 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-11 13:59 . 2008-06-30 22:01 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-11 13:04 . 2008-06-11 15:23 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-06-11 12:38 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-06-11 12:38 . 2008-06-11 12:38 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-06-11 12:38 . 2008-06-13 11:49 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-06-11 12:22 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-06-11 12:22 . 2008-06-11 15:55 <REP> d-------- C:\Documents and Settings\Administrateur
2008-06-11 12:16 . 2008-06-11 18:56 <REP> d-------- C:\Program Files\LabelCommand
2008-06-11 11:18 . 2008-06-11 13:33 0 --a------ C:\WINDOWS\system32\ieupdates.exe.tmp
2008-06-11 01:04 . 2008-06-11 01:04 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-06-10 19:31 . 2008-06-10 19:31 <REP> d-------- C:\MenuGEO
2008-06-10 19:31 . 2008-02-12 08:39 48 --a------ C:\WINDOWS\camsad.ini
2008-06-10 19:24 . 2008-06-10 19:28 <REP> d-------- C:\Program Files\@Last Software
2008-06-10 19:18 . 2008-06-10 19:18 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-06-09 10:12 . 2008-06-09 10:12 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\ItsLabel
2008-06-09 10:12 . 2008-06-09 10:12 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-06-08 20:58 . 2008-06-09 22:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DivX
2008-06-08 20:55 . 2008-06-24 19:44 <REP> d-------- C:\Program Files\DivX
2008-06-08 20:54 . 2008-06-08 20:54 <REP> d-------- C:\Program Files\EoRezo
2008-06-08 20:54 . 2008-06-11 17:50 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\EoRezo
2008-06-08 18:27 . 2008-06-08 18:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Talkback
2008-06-08 18:27 . 2008-06-08 18:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-08 18:22 . 2008-06-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-06 01:03 . 2008-06-17 22:43 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\dvdcss
2008-06-04 21:26 . 2008-06-04 21:26 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Nokia Multimedia Player
2008-06-04 21:06 . 2008-06-04 21:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-04 21:03 . 2008-06-04 21:03 <REP> d-------- C:\Program Files\DIFX
2008-06-04 21:03 . 2008-06-04 21:26 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Nokia
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Nokia
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-06-04 21:02 . 2008-06-04 21:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\PC Suite
2008-06-04 21:02 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-06-04 21:02 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-06-04 21:02 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-06-04 21:02 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-06-04 21:02 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-06-04 21:02 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-06-04 21:01 . 2008-06-04 21:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-06-04 16:19 . 2008-06-04 16:19 <REP> d-------- C:\Live!Cam
2008-06-04 14:08 . 2008-06-04 14:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-04 00:58 . 2008-06-04 00:58 268 --ah----- C:\sqmdata05.sqm
2008-06-04 00:58 . 2008-06-04 00:58 244 --ah----- C:\sqmnoopt05.sqm
2008-06-03 23:16 . 2008-06-03 23:16 <REP> d-------- C:\Program Files\DNA
2008-06-03 23:16 . 2008-06-03 23:16 <REP> d-------- C:\Program Files\BitTorrent
2008-06-03 23:16 . 2008-06-30 23:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DNA
2008-06-03 23:16 . 2008-06-28 20:14 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\BitTorrent
2008-06-03 22:17 . 2008-06-25 15:47 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\LimeWire
2008-06-03 21:49 . 2008-06-03 21:50 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-06-03 21:45 . 2008-06-04 00:59 <REP> d-------- C:\Documents and Settings\salima moulti\Contacts
2008-06-03 21:27 . 2008-06-03 21:27 <REP> d-------- C:\Program Files\Sun
2008-06-03 21:27 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-03 21:25 . 2008-06-03 21:27 <REP> d-------- C:\Program Files\Java

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-30 19:36 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-06-27 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-24 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 15:50 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-02 15:47 --------- d-----w C:\Program Files\epson
2008-06-02 12:40 --------- d-----w C:\Program Files\MSBuild
2008-06-02 12:40 --------- d-----w C:\Program Files\Microsoft Works
2008-06-02 12:23 --------- d-----w C:\Program Files\Synaptics
2008-06-02 12:22 --------- d-----w C:\Program Files\Intel
2008-06-02 12:21 --------- d-----w C:\Program Files\AvRack
2008-06-02 12:21 --------- d-----w C:\Program Files\Avance Sound Manager
2008-06-02 12:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 12:08 --------- d-----w C:\Program Files\Services en ligne
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{018B27FF-E05F-4CB5-8763-540CB3FD457A}]
2008-06-28 20:22 26112 --a------ C:\WINDOWS\system32\geBrpppm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03911DE4-E10B-4917-9894-EF1038CD104A}]
C:\WINDOWS\system32\rqRJDtSj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5CA34395-BD83-4DC2-B2E8-1A7BE446E369}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ea5cc69a-d6cc-4ec3-aa8a-c7527dcfa101}]
2008-06-30 21:28 103424 --a------ C:\WINDOWS\system32\jqmpyh.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:54 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-08 18:22 68856]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-06-03 23:16 289088]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"1c1f6341"="C:\WINDOWS\system32\tfldhwpj.dll" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"BM1f2c50dd"="C:\WINDOWS\system32\rpgimabv.dll" [2008-06-30 21:26 91136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{018B27FF-E05F-4CB5-8763-540CB3FD457A}"= C:\WINDOWS\system32\geBrpppm.dll [2008-06-28 20:22 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geBrpppm]
geBrpppm.dll 2008-06-28 20:22 26112 C:\WINDOWS\system32\geBrpppm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
--a------ 2001-09-04 03:24 28672 C:\WINDOWS\system32\Ati2mdxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
--a------ 2002-03-12 04:30 286720 C:\WINDOWS\system32\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-04 01:54 15360 C:\WINDOWS\system32\CTFMON.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX5000 Series]
--a------ 2006-02-14 06:00 131072 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
C:\Program Files\ItsLabel\ItsMedia\ItsTV.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter]
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2008-01-15 20:48 569344 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"gusvc"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"aspnet_state"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

S3 pctvvbi;PCTVVBI;C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 19:52]
S3 rtl8180;%RTL8180.Service.DispName%;C:\WINDOWS\system32\DRIVERS\MA521nd5.SYS [2003-04-16 13:53]
S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 08:57]
S3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 06:45]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-06-30 20:46:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

salma

Je vous prie aidez moi, j'attends tjrs votre réponse. je suis vraiment en galère§§§

salma

salut, stp aide moi ..ca fait 2 jours que je suis sur ce forum alors j'ai entendu des vertes et des pas mures mais rien à faire j'ai pas réussi à désinfecter mon pc. ALORS J'ai remis un nouveau rapport hijackthis et j'ai bien lancé combofix mais il n'a pas vraiment résulu le pb. j'attends ta réponse stppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp please!

Réponse 2 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonjour,

pour avancer ep44,

remets un rapport Hijackthis.

salma

Bon ben voila je remets un rapport hijackthis ici , j'espere avoir un réponse.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43, on 2008-07-01
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [1c1f6341] rundll32.exe "C:\WINDOWS\system32\icfjbsiv.dll",b
O4 - HKLM\..\Run: [BM1f2c50dd] Rundll32.exe "C:\WINDOWS\system32\tflvnbso.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

Réponse 3 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Re,

tu as un rapport de Malwarebytes' Anti-Malware ?

Si oui, poste le.

____________

As tu essayé de redémarrer en mode normal ?

Si non fais le. Si impossible, reste en mode sans échec avec prise en charge réseau.

___________

Dans les 2 cas :

Télécharge DSS (Deckard's System Scanner de Deckard) sur ton Bureau à partir de ce lien :

http://www.techsupportforum.com/sectools/Deckard/dss.exe

Choisis "enregistrer" et "Bureau" comme emplacement.

Ferme toutes les applications en cours (très important, sinon l'ordi peut planter).

Double-clique sur dss.exe pour lancer l'outil.

S'il ne trouve pas HijackThis, clique sur Oui.

Clique sur OK à chaque fois que cela sera demandé.

L'analyse finie, un fichier texte s'affichera. Poste son contenu dans ta réponse.

Le rapport se trouve ici : C:\Deckard\System Scanner\main.txt.

Réponse 4 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Re,

fais redémarrer l'ordi pour finir le travail de MBAM.

salma

voila le rapport que tu m'as demandé... JE FAIS KOI MAINTENANT STP

Deckard's System Scanner v20071014.68
Run by salima moulti on 2008-07-01 23:39:53
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
83: 2008-07-01 21:40:06 UTC - RP83 - Deckard's System Scanner Restore Point
82: 2008-07-01 19:34:39 UTC - RP82 - Kaspersky Internet Security 2009 a été supprimé.
81: 2008-07-01 15:00:31 UTC - RP81 - Kaspersky Internet Security 2009 est installé.
80: 2008-07-01 15:00:29 UTC - RP80 - Avira AntiVir Personal - 2008-06-29 14:25
79: 2008-07-01 15:00:28 UTC - RP79 - Supprimé McAfee VirusScan Enterprise

-- First Restore Point --
1: 2008-07-01 14:59:33 UTC - RP1 - Point de vérification système

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as salima moulti.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:41, on 2008-07-01
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\salima moulti\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\salima moulti.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: (no name) - {018B27FF-E05F-4CB5-8763-540CB3FD457A} - C:\WINDOWS\system32\geBrpppm.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {03911DE4-E10B-4917-9894-EF1038CD104A} - (no file)
O2 - BHO: (no name) - {5CA34395-BD83-4DC2-B2E8-1A7BE446E369} - (no file)
O2 - BHO: (no name) - {613D81B7-CCE8-46D6-8B5B-4C296F365F61} - C:\WINDOWS\system32\cbXPhgFV.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9E1841CC-0FC7-4BB2-8821-9BBBFDBF50F9} - C:\WINDOWS\system32\ljJDSKEV.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {ea5cc69a-d6cc-4ec3-aa8a-c7527dcfa101} - (no file)
O2 - BHO: {2e151dbc-657a-c6db-d454-1cb16e3b614f} - {f416b3e6-1bc1-454d-bd6c-a756cbd151e2} - C:\WINDOWS\system32\jogtci.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BM1f2c50dd] Rundll32.exe "C:\WINDOWS\system32\tflvnbso.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O20 - Winlogon Notify: geBrpppm - geBrpppm.dll (file missing)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Re,

J'ai besoin de vérifier un fichier;

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\WINDOWS\system32\tflvnbso.dll

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

salma

salut voila j'ai fait ce q tu m'as demandé et maintenant?

Fichier tflvnbso.dll reçu le 2008.07.02 19:48:58 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 2/33 (6.07%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: ___.
L'heure estimée de démarrage est entre ___ et ___ .
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Formaté
Impression des résultats Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.2.0 2008.07.02 -
AntiVir 7.8.0.64 2008.07.02 TR/Trash.Gen
Authentium 5.1.0.4 2008.07.02 -
Avast 4.8.1195.0 2008.07.01 -
AVG 7.5.0.516 2008.07.02 -
BitDefender 7.2 2008.07.02 -
CAT-QuickHeal 9.50 2008.07.02 -
ClamAV 0.93.1 2008.07.02 -
DrWeb 4.44.0.09170 2008.07.02 -
eSafe 7.0.17.0 2008.07.02 -
eTrust-Vet 31.6.5920 2008.07.02 -
Ewido 4.0 2008.07.02 -
F-Prot 4.4.4.56 2008.07.02 -
F-Secure 7.60.13501.0 2008.07.01 -
Fortinet 3.14.0.0 2008.07.02 -
GData 2.0.7306.1023 2008.07.02 -
Ikarus T3.1.1.26.0 2008.07.02 -
Kaspersky 7.0.0.125 2008.07.02 -
McAfee 5330 2008.07.02 -
Microsoft None 2008.07.02 -
NOD32v2 3236 2008.07.02 -
Norman 5.80.02 2008.07.02 -
Panda 9.0.0.4 2008.07.02 -
Prevx1 V2 2008.07.02 -
Rising 20.51.22.00 2008.07.02 -
Sophos 4.30.0 2008.07.02 -
Sunbelt 3.1.1509.1 2008.07.02 -
Symantec 10 2008.07.02 -
TheHacker 6.2.96.366 2008.07.02 -
TrendMicro 8.700.0.1004 2008.07.02 -
VBA32 3.12.6.8 2008.07.02 -
VirusBuster 4.5.11.0 2008.07.02 -
Webwasher-Gateway 6.6.2 2008.07.02 Trojan.Trash.Gen
Information additionnelle
File size: 90624 bytes
MD5...: 655b07cb5b2e1003ca2f16c5d3d123e7
SHA1..: 5945fcef96aec4b21a693cdc7ee1f703f93c3d8f
SHA256: 375d1634803eb6b19f99247a9070cf45196e560e89231657ebfebe1f465de832
SHA512: c786ff2bd0ac2b9d69002bf68f94d9e33aba2f100c8424f6a451f17910359a75
509394404847350db5464eb959b68a16631831790bf9d8537db609f2f2049721
PEiD..: -
PEInfo: -

Réponse 6 / 20

ep44 Messages postés 7432 Statut Contributeur 3

Bonsoir salma,

Lyonnais content de te voir ici ;-)

salma attend confirmation de lyonnais avant de suivre l'étape suivante

selectionne ceci

registry::

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{018B27FF-E05F-4CB5-8763-540CB3FD457A}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03911DE4-E10B-4917-9894-EF1038CD104A}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ea5cc69a-d6cc-4ec3-aa8a-c7527dcfa101}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"1c1f6341"=-
"BM1f2c50dd"=-

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"{018B27FF-E05F-4CB5-8763-540CB3FD457A}"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geBrpppm]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter]

File::
C:\WINDOWS\system32\vovivqur.dll
C:\WINDOWS\system32\jqmpyh.dll
C:\WINDOWS\system32\mqdaxoix.dll
C:\WINDOWS\system32\irundlbe.dll
C:\WINDOWS\system32\blnete.dll
C:\WINDOWS\system32\errvqvte.dll
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\system32\ukiube.dll
C:\WINDOWS\system32\nyhwmida.dll
C:\WINDOWS\system32\geBrpppm.dll
C:\sqmdata06.sqm
C:\sqmnoopt06.sqm
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\ieupdates.exe.tmp
C:\WINDOWS\camsad.ini
C:\sqmdata05.sqm
C:\sqmnoopt05.sqm

* Copie le texte sélectionné (CTRL+C).
* Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
* Veille à ce que Retour à la ligne ne soit pas coché dans Format.
* Colle le texte copié dans ce bloc-notes (CTRL+V).
* Sauvegarde ce fichier sous le nom de CFScript.txt
* Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme ceci
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
* Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher : Poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

ensuite refais un nouveau DSS stp
@+

Réponse 7 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonsoir

merci pour le scan.

Supprime Combofix sur ton bureau, cette version est obsolète;

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le Bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

registry::

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{018B27FF-E05F-4CB5-8763-540CB3FD457A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03911DE4-E10B-4917-9894-EF1038CD104A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ea5cc69a-d6cc-4ec3-aa8a-c7527dcfa101}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"1c1f6341"=-
"BM1f2c50dd"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"{018B27FF-E05F-4CB5-8763-540CB3FD457A}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geBrpppm]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter]

File::
C:\WINDOWS\system32\vovivqur.dll
C:\WINDOWS\system32\jqmpyh.dll
C:\WINDOWS\system32\mqdaxoix.dll
C:\WINDOWS\system32\irundlbe.dll
C:\WINDOWS\system32\blnete.dll
C:\WINDOWS\system32\errvqvte.dll
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\system32\ukiube.dll
C:\WINDOWS\system32\nyhwmida.dll
C:\WINDOWS\system32\geBrpppm.dll
C:\sqmdata06.sqm
C:\sqmnoopt06.sqm
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\ieupdates.exe.tmp
C:\WINDOWS\camsad.ini
C:\sqmdata05.sqm
C:\sqmnoopt05.sqm

Enregistre ce fichier sous le nom CFscript

Fait un glisser/déposer de ce fichier CFscript sur le fichier ComboFix.exe

Clique sur le fichier CFscript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFscrïpt vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

salma

TRés bien j'ai suivi à la lettre tes instructions, voici le rapport combofix.... et maintenant

ComboFix 08-07-01.5 - salima moulti 2008-07-02 20:23:45.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.389 [GMT 2:00]
Endroit: C:\Documents and Settings\salima moulti\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\salima moulti\Bureau\CFscript.txt
* Création d'un nouveau point de restauration
* Resident AV is active

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color

FILE ::
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\camsad.ini
C:\WINDOWS\system32\blnete.dll
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\errvqvte.dll
C:\WINDOWS\system32\geBrpppm.dll
C:\WINDOWS\system32\ieupdates.exe.tmp
C:\WINDOWS\system32\irundlbe.dll
C:\WINDOWS\system32\jqmpyh.dll
C:\WINDOWS\system32\mqdaxoix.dll
C:\WINDOWS\system32\nyhwmida.dll
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\ukiube.dll
C:\WINDOWS\system32\vovivqur.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\WINDOWS\BM1f2c50dd.txt
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\camsad.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\459849
C:\WINDOWS\system32\459849\459849.dll
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\ieupdates.exe.tmp
C:\WINDOWS\system32\jogtci.dll
C:\WINDOWS\system32\myryopcu.ini
C:\WINDOWS\system32\rxhuwpta.dll
C:\WINDOWS\system32\tflvnbso.dll
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\visbjfci.ini
.
---- Previous Run -------
.
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\cbXRIawT.dll
C:\WINDOWS\system32\jpwhdlft.ini
C:\WINDOWS\system32\jStDJRqr.ini
C:\WINDOWS\system32\jStDJRqr.ini2
C:\WINDOWS\system32\pWHhQqru.ini
C:\WINDOWS\system32\pWHhQqru.ini2
C:\WINDOWS\system32\TwaIRXbc.ini
C:\WINDOWS\system32\TwaIRXbc.ini2
C:\WINDOWS\system32\urqQhHWp.dll
C:\WINDOWS\system32\xioxadqm.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\Legacy_LPTRDCSRV
-------\Legacy_tcpsr
-------\Legacy_TNIDRIVER
-------\Service_TnIDriver

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-02 to 2008-07-02 ))))))))))))))))))))))))))))))))))))
.

2008-07-02 17:35 . 2008-07-02 17:35 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\Dealio
2008-07-02 17:25 . 2008-07-02 17:24 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-07-02 17:25 . 2008-07-02 17:24 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-07-02 17:25 . 2008-07-02 17:24 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-02 17:23 . 2008-07-02 19:09 <REP> d-------- C:\Program Files\Eset
2008-07-02 16:45 . 2008-07-02 17:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-07-02 13:09 . 2008-07-02 13:09 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Dealio
2008-07-02 13:06 . 2008-07-02 13:07 <REP> d-------- C:\Program Files\Dealio
2008-07-02 13:02 . 2004-08-04 01:54 578,048 --a------ C:\WINDOWS\system32\oahvoz
2008-07-02 13:02 . 2008-07-02 13:02 27,136 --a------ C:\WINDOWS\system32\head-25-06.exe
2008-07-02 13:02 . 2008-07-02 13:02 2 --a------ C:\471819246
2008-07-02 13:01 . 2008-07-02 13:01 402,010 --a------ C:\Documents and Settings\salima moulti\g49.exe
2008-07-02 13:01 . 2008-07-02 20:32 65,970 --a------ C:\WINDOWS\system32\drivers\a755ad61.sys
2008-07-01 23:39 . 2008-07-01 23:39 <REP> d-------- C:\Deckard
2008-07-01 22:03 . 2008-07-01 22:03 <REP> d-------- C:\Program Files\Alwil Software
2008-07-01 15:46 . 2008-07-01 15:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 15:46 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 15:46 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 10:56 . 2008-06-30 10:56 95 --a------ C:\WINDOWS\wininit.ini
2008-06-30 02:35 . 2008-06-30 10:56 <REP> d-------- C:\Program Files\a-squared Free
2008-06-30 01:31 . 2008-06-30 01:31 <REP> d-------- C:\Program Files\Lavasoft
2008-06-30 01:31 . 2008-06-30 22:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Lavasoft
2008-06-28 20:48 . 2008-06-29 14:09 <REP> d-------- C:\QUARANTINE
2008-06-28 20:27 . 2008-06-28 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Cisco Systems
2008-06-28 20:27 . 2006-12-19 15:06 1,495,552 --a------ C:\WINDOWS\system32\epoPGPsdk.dll
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-25 00:32 . 2008-06-25 00:32 82,928 --a------ C:\IMG_1258.JPG
2008-06-24 19:28 . 2002-11-11 19:52 6,400 --a------ C:\WINDOWS\system32\drivers\pctvvbi.sys
2008-06-24 19:27 . 2001-05-11 12:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-06-24 19:25 . 2008-06-24 19:25 <REP> d-------- C:\Pinnacle
2008-06-24 19:08 . 2008-06-24 19:10 455 --a------ C:\WINDOWS\VFO.VST
2008-06-24 19:08 . 2008-06-24 19:08 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-06-24 19:07 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-24 18:52 . 2004-07-02 16:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-06-24 18:52 . 2008-06-24 19:44 1,196 --a------ C:\WINDOWS\VFO.INI
2008-06-24 18:51 . 2005-02-09 11:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-06-24 18:46 . 2008-06-24 19:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2008-06-24 18:44 . 2008-06-24 19:43 <REP> d-------- C:\Program Files\Pinnacle
2008-06-24 18:44 . 2008-06-24 19:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2008-06-24 16:40 . 2004-10-11 11:28 671,744 --a------ C:\WINDOWS\system32\DolbyHph.dll
2008-06-24 16:40 . 2004-11-12 16:01 60,416 --a------ C:\WINDOWS\system32\DSETUP.dll
2008-06-24 16:40 . 2004-12-13 09:44 14,848 --a------ C:\WINDOWS\system32\drivers\nvndis.sys
2008-06-24 16:40 . 2004-10-11 11:28 9,856 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-06-15 11:25 . 2008-06-15 11:25 <REP> d-------- C:\Program Files\VintaSoft
2008-06-15 11:10 . 2008-06-15 11:12 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-15 10:59 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-15 10:59 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-15 10:59 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-15 10:59 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-15 10:59 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-15 10:59 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-15 10:59 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-15 10:59 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-15 10:59 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-13 11:54 . 2008-06-13 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\Yahoo!
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\CCleaner
2008-06-12 22:21 . 2008-06-12 22:21 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Malwarebytes
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-11 20:25 . 2008-06-11 20:25 <REP> d-------- C:\WINDOWS\Sun
2008-06-11 16:21 . 2008-07-01 14:27 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2008-06-11 15:55 . 2008-06-11 15:55 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2008-06-11 15:32 . 2008-07-01 00:45 <REP> d-------- C:\Program Files\Trend Micro
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-11 13:59 . 2008-06-30 22:01 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-11 13:04 . 2008-06-11 15:23 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-06-11 12:38 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-06-11 12:38 . 2008-06-11 12:38 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-06-11 12:38 . 2008-07-02 16:44 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-06-11 12:22 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-06-11 12:22 . 2008-07-02 16:42 <REP> d-------- C:\Documents and Settings\Administrateur
2008-06-11 12:16 . 2008-06-11 18:56 <REP> d-------- C:\Program Files\LabelCommand
2008-06-11 01:04 . 2008-06-11 01:04 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-06-10 19:31 . 2008-06-10 19:31 <REP> d-------- C:\MenuGEO
2008-06-10 19:24 . 2008-06-10 19:28 <REP> d-------- C:\Program Files\@Last Software
2008-06-10 19:18 . 2008-06-10 19:18 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-06-09 10:12 . 2008-06-09 10:12 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\ItsLabel
2008-06-09 10:12 . 2008-06-09 10:12 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-06-08 20:58 . 2008-06-09 22:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DivX
2008-06-08 20:55 . 2008-06-24 19:44 <REP> d-------- C:\Program Files\DivX
2008-06-08 20:54 . 2008-06-08 20:54 <REP> d-------- C:\Program Files\EoRezo
2008-06-08 20:54 . 2008-06-11 17:50 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\EoRezo
2008-06-08 18:27 . 2008-06-08 18:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Talkback
2008-06-08 18:27 . 2008-06-08 18:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-08 18:22 . 2008-06-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-06 01:03 . 2008-06-17 22:43 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\dvdcss
2008-06-04 21:26 . 2008-06-04 21:26 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Nokia Multimedia Player
2008-06-04 21:06 . 2008-06-04 21:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-04 21:03 . 2008-06-04 21:03 <REP> d-------- C:\Program Files\DIFX
2008-06-04 21:03 . 2008-06-04 21:26 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Nokia
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Nokia
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-06-04 21:02 . 2008-06-04 21:02 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-06-04 21:02 . 2008-06-04 21:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\PC Suite
2008-06-04 21:02 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-06-04 21:02 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-06-04 21:02 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-06-04 21:02 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-06-04 21:02 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-06-04 21:02 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-06-04 21:01 . 2008-06-04 21:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-06-04 16:19 . 2008-06-04 16:19 <REP> d-------- C:\Live!Cam
2008-06-04 14:08 . 2008-06-04 14:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-03 23:16 . 2008-06-03 23:16 <REP> d-------- C:\Program Files\DNA
2008-06-03 23:16 . 2008-06-03 23:16 <REP> d-------- C:\Program Files\BitTorrent
2008-06-03 23:16 . 2008-07-02 12:58 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DNA
2008-06-03 23:16 . 2008-07-02 12:13 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\BitTorrent
2008-06-03 22:17 . 2008-06-25 15:47 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\LimeWire
2008-06-03 21:49 . 2008-06-03 21:50 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-06-03 21:45 . 2008-06-04 00:59 <REP> d-------- C:\Documents and Settings\salima moulti\Contacts
2008-06-03 21:27 . 2008-06-03 21:27 <REP> d-------- C:\Program Files\Sun
2008-06-03 21:27 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-03 21:25 . 2008-06-03 21:27 <REP> d-------- C:\Program Files\Java
2008-06-03 21:21 . 2008-06-03 21:21 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-06-03 21:13 . 2008-06-06 17:58 <REP> d-------- C:\Program Files\LimeWire

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-01 12:27 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-06-27 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-24 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 15:50 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-02 15:47 --------- d-----w C:\Program Files\epson
2008-06-02 12:40 --------- d-----w C:\Program Files\MSBuild
2008-06-02 12:40 --------- d-----w C:\Program Files\Microsoft Works
2008-06-02 12:23 --------- d-----w C:\Program Files\Synaptics
2008-06-02 12:22 --------- d-----w C:\Program Files\Intel
2008-06-02 12:21 --------- d-----w C:\Program Files\AvRack
2008-06-02 12:21 --------- d-----w C:\Program Files\Avance Sound Manager
2008-06-02 12:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 12:08 --------- d-----w C:\Program Files\Services en ligne
.

((((((((((((((((((((((((((((( snapshot@2008-06-30_23.19.05.59 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-30 21:12:41 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 18:29:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 11:09:08 65,536 ----a-r C:\WINDOWS\Installer\{F38E1EF1-BBD6-4743-AF84-021E26B0481C}\ARPPRODUCTICON.exe
- 2008-06-02 12:18:29 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 16:08:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 15:37:01 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- 2008-06-02 12:18:29 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-07-02 16:08:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-07-02 15:36:59 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008070220080703\index.dat
+ 2008-07-02 15:36:26 78,924 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat
- 2008-06-02 12:18:29 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-02 16:08:57 49,152 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-02 10:13:00 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
+ 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-07-01 23:10:18 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:54 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-08 18:22 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"au"="C:\Program Files\Dealio\DealioAU.exe" [2007-10-09 12:47 492896]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-07-02 17:24 949376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ins40.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-04 01:54 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX5000 Series]
--a------ 2006-02-14 06:00 131072 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIBVE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2008-01-15 20:48 569344 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
--a------ 2001-09-04 03:24 28672 C:\WINDOWS\system32\Ati2mdxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
--a------ 2002-03-12 04:30 286720 C:\WINDOWS\system32\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"gusvc"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"aspnet_state"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 06:45]
S0 ins40;ins40;C:\WINDOWS\system32\Drivers\Ins40.sys []
S3 pctvvbi;PCTVVBI;C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 19:52]
S3 rtl8180;%RTL8180.Service.DispName%;C:\WINDOWS\system32\DRIVERS\MA521nd5.SYS [2003-04-16 13:53]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-02 17:46:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

salma

Je ne veux pas prendre tout ton temps, stp peux tu juste me dire ce que je dois faire maintenant,, ca fait 4 jours q j'attends pleaaaaaaaaaaaaaaaase.

Réponse 8 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Re,

1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

https://www.malwarebytes.com/

3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

7) Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

12) Ferme MBAM en cliquant sur Quitter.

13) Poste le rapport dans ta réponse

salma

mais j'ai déja fait une analyse avec malwarebytes et à plusieurs reprises
voici le rapport

Malwarebytes' Anti-Malware 1.19
Version de la base de données: 910
Windows 5.1.2600 Service Pack 2

19:09:42 2008-07-02
mbam-log-7-2-2008 (19-09-42).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 101809
Temps écoulé: 1 hour(s), 34 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpsr (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\cbXPhgFV.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VFghPXbc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B9FF4CE4-B8B0-467B-83F2-CCB4C95EAD84}\RP86\A0066723.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\{13d7ca20-1892-3a69-82c3-219266f6fa84}.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iifcccd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\core.cache.dsk (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\core.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Réponse 9 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Re,

mais j'ai déja fait une analyse avec malwarebytes et à plusieurs reprises

peut être, maisil y avait encore des choses !

Fais redémarrer l'ordi et remets un nouveau rapport DSS.

salma

d'accord, je le fais tout de suite. et je recolle un rapport...merciiiiii

salma

re
voila mon nouvel rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04, on 2008-07-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DealioBHO Class - {6a87b991-a31f-4130-ae72-6d0c294bf082} - C:\Program Files\Dealio\kb124\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9E1841CC-0FC7-4BB2-8821-9BBBFDBF50F9} - C:\WINDOWS\system32\ljJDSKEV.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll
O4 - HKLM\..\Run: [{F6-63-3E-EE-ZN}] c:\windows\system32\dwdsregt.exe OLI001
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] -"C:\Program Files\DNA\btdna.exe"
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\mwinrtdm.exe
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\salima moulti\Local Settings\temp\DealioKit1-stub-0.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: compare prices with &dealio - C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {e908b145-c847-4e85-b315-07e2e70decf8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {e908b145-c847-4e85-b315-07e2e70decf8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: NOD32 Kernel Service (nod32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

salma

re c'est bon je me suis trompée voici le bon rapport DSS:
Deckard's System Scanner v20071014.68
Run by salima moulti on 2008-07-02 22:22:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as salima moulti.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:22, on 2008-07-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\salima moulti\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\SALIMA~1.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DealioBHO Class - {6a87b991-a31f-4130-ae72-6d0c294bf082} - C:\Program Files\Dealio\kb124\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll
O4 - HKLM\..\Run: [{F6-63-3E-EE-ZN}] c:\windows\system32\dwdsregt.exe OLI001
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] -"C:\Program Files\DNA\btdna.exe"
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\mwinrtdm.exe
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\salima moulti\Local Settings\temp\DealioKit1-stub-0.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: compare prices with &dealio - C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {e908b145-c847-4e85-b315-07e2e70decf8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {e908b145-c847-4e85-b315-07e2e70decf8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: NOD32 Kernel Service (nod32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

selma

salut lyonnais excuse moi si j'ai pas répondu plutot, je n'avais plus de connexion internet, mais j'espere q tu ne m'as pas oublié. voici le rapport hijackthis et un nouveau combofix

ComboFix 08-07-01.5 - salima moulti 2008-07-05 11:05:40.5 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.499 [GMT 2:00]
Endroit: C:\Documents and Settings\salima moulti\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\salima moulti\Bureau\CFscript.txt
* Création d'un nouveau point de restauration
* Resident AV is active

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\perfc00C.dat
C:\WINDOWS\system32\perfh00C.dat
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\salima moulti\Application Data\Dealio
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\as_sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\blank.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deal_report.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deals-endcap.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deals-leftcap.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\ebay_login.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-bg.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-left.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-right-arrow.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-right.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_mainwindow.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_toolbar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\ErrorPageTemplate.css
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\global_scripts.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\headerbgthin.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\help.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\logo.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\logo_over.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\man_toolbar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\man_toolbar.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\pill_bg.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\post-this-deal.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\post-this-deal_over.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\scripts.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\scroller.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\search-chevron.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\search_bg_blink.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\separator.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\settings.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\settings_over.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\steals_bg.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tab_icon.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tabdata.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tablib.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tabwelcome_en.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\toolbar_background.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\yahoo_search.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\index.1.80.39
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.10.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.109.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.110.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.12.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.13.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.130.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.135.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.153.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.155.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.156.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.16.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.161.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.178.66
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.184.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.188.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.189.45
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.196.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.198.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.199.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.200.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.201.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.202.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.203.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.205.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.213.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.214.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.215.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.216.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.217.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.218.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.219.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.220.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.221.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.222.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.223.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.226.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.227.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.228.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.229.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.23.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.239.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.24.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.240.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.241.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.242.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.243.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.244.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.245.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.247.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.248.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.249.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.250.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.251.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.252.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.253.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.254.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.255.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.256.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.257.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.279.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.28.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.282.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.283.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.284.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.289.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.290.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.291.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.296.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.297.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.304.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.307.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.308.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.31.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.310.46
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.311.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.315.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.316.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.317.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.318.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.319.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.32.48
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.334.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.335.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.336.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.337.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.338.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.339.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.34.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.340.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.341.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.349.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.35.48
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.350.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.351.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.352.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.353.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.354.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.357.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.358.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.359.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.360.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.361.54
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.362.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.363.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.364.54
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.365.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.367.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.368.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.369.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.370.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.371.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.372.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.373.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.375.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.376.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.377.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.378.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.384.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.386.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.387.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.388.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.389.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.390.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.391.78
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.392.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.393.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.394.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.396.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.397.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.398.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.399.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.403.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.404.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.405.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.406.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.407.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.408.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.409.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.412.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.413.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.414.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.415.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.416.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.417.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.418.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.419.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.420.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.421.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.423.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.424.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.425.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.426.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.427.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.428.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.429.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.430.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.432.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.433.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.434.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.435.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.436.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.437.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.438.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.439.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.440.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.442.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.443.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.444.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.445.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.446.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.450.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.451.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.452.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.453.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.454.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.456.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.457.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.458.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.459.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.460.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.462.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.463.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.464.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.465.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.468.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.469.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.470.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.471.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.472.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.478.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.479.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.480.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.481.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.482.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.49.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.50.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.500.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.501.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.502.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.51.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.52.72
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.520.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.521.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.522.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.53.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.531.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.532.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.533.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.534.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.54.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.55.45
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.56.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.57.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.58.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.591.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.592.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.593.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.594.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.595.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.608.78
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.610.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.611.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.614.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.617.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.624.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.63.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.640.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.641.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.66.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.70.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.71.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\_toolbar_tmp_1372_2420_3.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\dealio-14062.log
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\dod_cache.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo
C:\Documents and Settings\salima moulti\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo\host.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\user.cyp
C:\Program Files\EoRezo
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.2139
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_15.dll
C:\Program Files\EoRezo\EoRezoImg_16.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_18.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoImg_24.dll
C:\Program Files\EoRezo\EoRezoTools_15.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_19.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_22.dll
C:\Program Files\EoRezo\EoRezoTools_23.dll
C:\Program Files\EoRezo\EoRezoTools_24.dll
C:\Program Files\EoRezo\EoRezoTools_25.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\icon_eo.st.ico
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\QUARANTINE
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\perfc00C.dat
C:\WINDOWS\system32\perfh00C.dat
.
---- Previous Run -------
.
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\WINDOWS\BM1f2c50dd.txt
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\camsad.ini
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\459849
C:\WINDOWS\system32\459849\459849.dll
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\cbXRIawT.dll
C:\WINDOWS\system32\ieupdates.exe.tmp
C:\WINDOWS\system32\jogtci.dll
C:\WINDOWS\system32\jpwhdlft.ini
C:\WINDOWS\system32\jStDJRqr.ini
C:\WINDOWS\system32\jStDJRqr.ini2
C:\WINDOWS\system32\myryopcu.ini
C:\WINDOWS\system32\pWHhQqru.ini
C:\WINDOWS\system32\pWHhQqru.ini2
C:\WINDOWS\system32\rxhuwpta.dll
C:\WINDOWS\system32\tflvnbso.dll
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\TwaIRXbc.ini
C:\WINDOWS\system32\TwaIRXbc.ini2
C:\WINDOWS\system32\urqQhHWp.dll
C:\WINDOWS\system32\visbjfci.ini
C:\WINDOWS\system32\xioxadqm.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\Legacy_LPTRDCSRV
-------\Legacy_tcpsr
-------\Legacy_TNIDRIVER
-------\Service_TnIDriver
-------\Service_npf

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-05 to 2008-07-05 ))))))))))))))))))))))))))))))))))))
.

2008-07-04 15:02 . 2004-03-02 17:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2008-07-04 15:02 . 2004-03-02 17:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2008-07-04 15:00 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-07-04 15:00 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-07-04 15:00 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-07-04 15:00 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-07-04 15:00 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-07-04 15:00 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-07-04 14:59 . 2008-07-04 14:59 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-04 14:59 . 2008-07-04 15:00 <REP> d-------- C:\Program Files\Ahead
2008-07-04 13:26 . 2008-07-04 13:31 <REP> d-------- C:\Program Files\AutoCAD LT 2008
2008-07-04 13:25 . 2008-07-04 13:31 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2008-07-04 13:21 . 2008-07-04 13:25 <REP> d-------- C:\Program Files\Autodesk
2008-07-04 12:29 . 2008-07-04 12:29 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Autodesk
2008-07-04 12:29 . 2008-07-04 13:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-07-03 01:45 . 2008-07-05 11:22 1,185,824 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-03 01:45 . 2008-07-05 11:13 18,056 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-03 01:40 . 2008-07-03 01:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-07-03 01:40 . 2008-04-02 21:08 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-07-03 01:40 . 2008-07-03 01:43 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-03 01:39 . 2008-04-02 21:07 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-07-03 01:38 . 2008-07-03 01:38 <REP> d-------- C:\Program Files\Zone Labs
2008-07-02 17:35 . 2008-07-02 17:35 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\Dealio
2008-07-02 17:25 . 2008-07-02 17:24 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-07-02 17:25 . 2008-07-02 17:24 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-07-02 17:25 . 2008-07-02 17:24 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-02 17:23 . 2008-07-02 19:09 <REP> d-------- C:\Program Files\Eset
2008-07-02 16:45 . 2008-07-02 17:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-07-02 13:02 . 2004-08-04 01:54 578,048 --a------ C:\WINDOWS\system32\oahvoz
2008-07-02 13:02 . 2008-07-02 13:02 27,136 --a------ C:\WINDOWS\system32\head-25-06.exe
2008-07-02 13:02 . 2008-07-02 13:02 2 --a------ C:\471819246
2008-07-02 13:01 . 2008-07-02 13:01 402,010 --a------ C:\Documents and Settings\salima moulti\g49.exe
2008-07-02 13:01 . 2008-07-05 11:22 65,970 --a------ C:\WINDOWS\system32\drivers\a755ad61.sys
2008-07-01 23:39 . 2008-07-01 23:39 <REP> d-------- C:\Deckard
2008-07-01 22:03 . 2008-07-01 22:03 <REP> d-------- C:\Program Files\Alwil Software
2008-07-01 15:46 . 2008-07-01 15:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 15:46 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 15:46 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 10:56 . 2008-06-30 10:56 95 --a------ C:\WINDOWS\wininit.ini
2008-06-30 02:35 . 2008-06-30 10:56 <REP> d-------- C:\Program Files\a-squared Free
2008-06-30 01:31 . 2008-06-30 01:31 <REP> d-------- C:\Program Files\Lavasoft
2008-06-30 01:31 . 2008-06-30 22:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Lavasoft
2008-06-28 20:27 . 2008-06-28 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Cisco Systems
2008-06-28 20:27 . 2006-12-19 15:06 1,495,552 --a------ C:\WINDOWS\system32\epoPGPsdk.dll
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-25 00:32 . 2008-06-25 00:32 82,928 --a------ C:\IMG_1258.JPG
2008-06-24 19:28 . 2002-11-11 19:52 6,400 --a------ C:\WINDOWS\system32\drivers\pctvvbi.sys
2008-06-24 19:27 . 2001-05-11 12:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-06-24 19:25 . 2008-06-24 19:25 <REP> d-------- C:\Pinnacle
2008-06-24 19:08 . 2008-06-24 19:10 455 --a------ C:\WINDOWS\VFO.VST
2008-06-24 19:08 . 2008-06-24 19:08 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-06-24 19:07 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-24 18:52 . 2004-07-02 16:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-06-24 18:52 . 2008-06-24 19:44 1,196 --a------ C:\WINDOWS\VFO.INI
2008-06-24 18:51 . 2005-02-09 11:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-06-24 18:46 . 2008-06-24 19:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2008-06-24 18:44 . 2008-06-24 19:43 <REP> d-------- C:\Program Files\Pinnacle
2008-06-24 18:44 . 2008-06-24 19:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2008-06-24 16:40 . 2004-10-11 11:28 671,744 --a------ C:\WINDOWS\system32\DolbyHph.dll
2008-06-24 16:40 . 2004-11-12 16:01 60,416 --a------ C:\WINDOWS\system32\DSETUP.dll
2008-06-24 16:40 . 2004-12-13 09:44 14,848 --a------ C:\WINDOWS\system32\drivers\nvndis.sys
2008-06-24 16:40 . 2004-10-11 11:28 9,856 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-06-15 11:25 . 2008-06-15 11:25 <REP> d-------- C:\Program Files\VintaSoft
2008-06-15 11:10 . 2008-06-15 11:12 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-15 10:59 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-15 10:59 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-15 10:59 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-15 10:59 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-15 10:59 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-15 10:59 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-15 10:59 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-15 10:59 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-15 10:59 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-13 11:54 . 2008-06-13 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\Yahoo!
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\CCleaner
2008-06-12 22:21 . 2008-06-12 22:21 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Malwarebytes
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-11 20:25 . 2008-06-11 20:25 <REP> d-------- C:\WINDOWS\Sun
2008-06-11 16:21 . 2008-07-04 00:11 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2008-06-11 15:55 . 2008-06-11 15:55 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2008-06-11 15:32 . 2008-07-01 00:45 <REP> d-------- C:\Program Files\Trend Micro
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-11 13:59 . 2008-06-30 22:01 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-11 13:04 . 2008-06-11 15:23 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-06-11 12:38 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-06-11 12:38 . 2008-06-11 12:38 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-06-11 12:38 . 2008-07-02 16:44 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-06-11 12:22 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-06-11 12:22 . 2008-07-02 16:42 <REP> d-------- C:\Documents and Settings\Administrateur
2008-06-11 12:16 . 2008-06-11 18:56 <REP> d-------- C:\Program Files\LabelCommand
2008-06-11 01:04 . 2008-06-11 01:04 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-06-10 19:31 . 2008-06-10 19:31 <REP> d-------- C:\MenuGEO
2008-06-10 19:24 . 2008-06-10 19:28 <REP> d-------- C:\Program Files\@Last Software
2008-06-10 19:18 . 2008-06-10 19:18 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-06-09 10:12 . 2008-06-09 10:12 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\ItsLabel
2008-06-09 10:12 . 2008-06-09 10:12 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-06-08 20:58 . 2008-06-09 22:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DivX
2008-06-08 20:55 . 2008-06-24 19:44 <REP> d-------- C:\Program Files\DivX
2008-06-08 18:27 . 2008-06-08 18:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Talkback
2008-06-08 18:27 . 2008-06-08 18:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-08 18:22 . 2008-06-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-06 01:03 . 2008-06-17 22:43 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\dvdcss

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-04 23:28 1,378,816 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-07-04 20:29 1,374,208 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-07-04 20:28 2,376 ----a-w C:\WINDOWS\OEM.tmp
2008-07-04 10:18 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\BitTorrent
2008-07-04 01:07 --------- d-----w C:\Program Files\BitTorrent
2008-07-03 22:11 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-07-02 10:58 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\DNA
2008-07-01 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-06-27 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-25 13:47 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\LimeWire
2008-06-24 23:47 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\vlc
2008-06-24 17:50 --------- d-----w C:\Program Files\adslTV
2008-06-24 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-10 17:20 --------- d-----w C:\Program Files\Google
2008-06-06 15:58 --------- d-----w C:\Program Files\LimeWire
2008-06-04 19:26 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\Nokia Multimedia Player
2008-06-04 19:26 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\Nokia
2008-06-04 19:08 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\PC Suite
2008-06-04 19:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-04 19:03 --------- d-----w C:\Program Files\DIFX
2008-06-04 19:02 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-06-04 19:02 --------- d-----w C:\Program Files\Nokia
2008-06-04 19:02 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2008-06-04 19:02 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2008-06-04 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-06-04 12:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-03 21:16 --------- d-----w C:\Program Files\DNA
2008-06-03 19:50 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-06-03 19:27 --------- d-----w C:\Program Files\Sun
2008-06-03 19:27 --------- d-----w C:\Program Files\Java
2008-06-03 19:21 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-06-03 10:06 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-06-03 10:03 --------- d-----w C:\Program Files\Windows Live Favorites
2008-06-03 09:56 --------- d-----w C:\Program Files\Windows Live
2008-06-03 09:40 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-06-03 09:36 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-06-03 09:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-02 21:06 --------- d-----w C:\Program Files\NETGEAR
2008-06-02 18:16 --------- d-----w C:\Program Files\Ontrack
2008-06-02 18:12 --------- d-----w C:\Program Files\FreeUndelete
2008-06-02 16:08 --------- d-----w C:\Program Files\QuickTime
2008-06-02 16:08 --------- d-----w C:\Program Files\ImTOO
2008-06-02 16:06 --------- d-----w C:\Program Files\VideoLAN
2008-06-02 15:50 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-02 15:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2008-06-02 15:47 --------- d-----w C:\Program Files\epson
2008-06-02 15:45 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-06-02 12:40 --------- d-----w C:\Program Files\MSBuild
2008-06-02 12:40 --------- d-----w C:\Program Files\Microsoft Works
2008-06-02 12:23 --------- d-----w C:\Program Files\Synaptics
2008-06-02 12:22 --------- d-----w C:\Program Files\Intel
2008-06-02 12:21 --------- d-----w C:\Program Files\AvRack
2008-06-02 12:21 --------- d-----w C:\Program Files\Avance Sound Manager
2008-06-02 12:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 12:08 --------- d-----w C:\Program Files\Services en ligne
.

((((((((((((((((((((((((((((( snapshot@2008-06-30_23.19.05.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-04 11:24:29 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_it_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-04 11:28:57 820,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop.Common\17.0.54.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.Common.dll
+ 2008-07-04 11:30:05 1,103,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop.Common\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.Common.dll
+ 2008-07-04 11:28:58 145,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop\17.0.54.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.dll
+ 2008-07-04 11:30:06 153,336 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.dll
+ 2008-07-04 11:24:44 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-04 11:24:45 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-04 11:24:45 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-04 11:24:31 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-04 11:24:57 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-04 11:24:56 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-04 11:24:55 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-04 11:24:46 303,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-04 11:24:53 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_it_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-04 11:24:47 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-04 11:24:54 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SYSTEM.CONFIGURATION.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-04 11:24:47 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_it_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-04 11:24:39 327,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_it_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-04 11:24:49 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_it_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-07-04 11:24:30 380,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-07-04 11:24:40 540,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-07-04 11:24:34 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-04 11:24:34 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-07-04 11:24:49 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-07-04 11:24:41 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-07-04 11:24:32 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-07-04 11:24:50 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.management.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-07-04 11:24:42 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-07-04 11:24:43 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_it_b77a5c561934e089\system.Resources.dll
+ 2008-07-04 11:24:51 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-07-04 11:24:52 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-04 11:24:33 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-07-04 11:24:35 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-07-04 11:24:52 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_it_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-07-04 11:24:54 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-07-04 11:24:36 598,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-07-04 11:24:37 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-07-04 11:24:38 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-07-04 11:24:39 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_it_b77a5c561934e089\System.xml.Resources.dll
+ 2008-07-04 11:32:42 1,179,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AcLayer\4ea35aba127c7a4787f2b7b3d841f56d\AcLayer.ni.dll
- 2008-06-30 21:12:41 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-05 09:14:13 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2007-02-12 07:24:56 114,792 ----a-w C:\WINDOWS\Downloaded Program Files\IDropENU.dll
+ 2007-03-12 12:30:56 114,768 ----a-w C:\WINDOWS\Downloaded Program Files\IDropITA.dll
+ 2008-07-04 11:21:20 4,710 ----a-r C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\AdPM_icon.exe
+ 2008-07-04 11:21:20 218,272 ----a-r C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\CMControl.exe
+ 2007-03-07 10:14:48 26,192 ----a-w C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\CustomRes.dll
+ 2008-07-04 11:31:39 73,728 ----a-r C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\Acadlt162_icon.exe
+ 2007-03-12 12:30:18 26,192 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\CustomRes.dll
+ 2007-02-12 08:06:08 267,880 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\InstBasicUI.dll
+ 2007-03-12 12:30:58 304,720 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\InstRes.dll
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\ARPPRODUCTICON.exe
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut1_9A346205EA924406B1AB50379DA3F057_1.exe
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut3_9A346205EA924406B1AB50379DA3F057.exe
+ 2008-07-04 10:25:33 65,536 ----a-r C:\WINDOWS\Installer\{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}\ARPPRODUCTICON.exe
+ 2008-07-02 11:09:08 65,536 ----a-r C:\WINDOWS\Installer\{F38E1EF1-BBD6-4743-AF84-021E26B0481C}\ARPPRODUCTICON.exe
+ 2006-01-07 06:53:28 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\alinkui.dll
+ 2006-01-07 06:53:30 161,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\cscompui.dll
+ 2006-01-07 06:53:30 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\CvtResUI.dll
+ 2006-01-07 06:53:36 212,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\vbc7ui.dll
+ 2006-01-07 06:53:24 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\Vsavb7rtUI.dll
+ 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2006-01-07 06:53:26 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_compiler.resources.dll
+ 2006-01-07 06:53:26 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_rc.dll
+ 2006-01-07 06:53:26 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regbrowsers.resources.dll
+ 2006-01-07 06:53:26 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regsql.resources.dll
+ 2006-01-07 06:53:26 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnetmmcext.resources.dll
+ 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\caspol.resources.dll
+ 2006-01-07 06:53:34 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\InstallUtil.resources.dll
+ 2006-01-07 06:53:32 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\JSC.Resources.dll
+ 2006-01-07 06:53:34 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Engine.resources.dll
+ 2006-01-07 06:53:34 139,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Tasks.resources.dll
+ 2006-01-07 06:53:34 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Utilities.Resources.dll
+ 2006-01-07 06:53:32 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.JScript.Resources.dll
+ 2006-01-07 06:53:36 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.VisualBasic.resources.dll
+ 2006-01-07 06:53:34 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\MSBuild.resources.dll
+ 2006-01-07 06:53:34 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorlib.Resources.dll
+ 2006-01-07 06:53:34 389,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
+ 2006-01-07 06:53:34 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Regasm.resources.dll
+ 2006-01-07 06:53:34 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\ShFusRes.dll
+ 2006-01-07 06:53:34 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\sysglobl.resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.Install.Resources.dll
+ 2006-01-07 06:53:34 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.resources.dll
+ 2006-01-07 06:53:34 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.OracleClient.resources.dll
+ 2006-01-07 06:53:34 327,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.Resources.dll
+ 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.data.sqlxml.resources.dll
+ 2006-01-07 06:53:28 380,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Deployment.resources.dll
+ 2006-01-07 06:53:34 540,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Design.Resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Protocols.resources.dll
+ 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Resources.dll
+ 2006-01-07 06:53:34 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Design.Resources.dll
+ 2006-01-07 06:53:34 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Resources.dll
+ 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.EnterpriseServices.Resources.dll
+ 2006-01-07 06:53:34 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Management.Resources.dll
+ 2006-01-07 06:53:34 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Messaging.Resources.dll
+ 2006-01-07 06:53:34 204,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.Resources.dll
+ 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Remoting.Resources.dll
+ 2006-01-07 06:53:34 11,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Security.Resources.dll
+ 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.ServiceProcess.Resources.dll
+ 2006-01-07 06:53:34 16,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Transactions.resources.dll
+ 2006-01-07 06:53:34 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Mobile.resources.dll
+ 2006-01-07 06:53:34 598,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Resources.dll
+ 2006-01-07 06:53:34 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Services.Resources.dll
+ 2006-01-07 06:53:34 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Windows.Forms.Resources.dll
+ 2006-01-07 06:53:34 163,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.xml.Resources.dll
+ 2005-12-09 08:46:34 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.exe
+ 2005-12-09 08:46:34 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.res.1040.dll
+ 2005-12-09 10:26:10 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\unicows.dll
+ 2006-01-07 06:53:34 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0410\mscorsecr.dll
+ 2007-02-12 07:38:11 30,312 ----a-w C:\WINDOWS\system32\AcSignExt.dll
+ 2007-03-12 12:28:48 15,952 ----a-w C:\WINDOWS\system32\AcSignExtRes.dll
+ 2007-02-12 07:38:12 44,648 ----a-w C:\WINDOWS\system32\AcSignIcon.dll
+ 2007-02-12 07:38:13 54,376 ----a-w C:\WINDOWS\system32\AcSignOpt.exe
- 2008-06-02 12:18:29 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 16:08:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 15:37:01 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- 2008-06-02 12:18:29 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat <

Réponse 10 / 20

ep44 Messages postés 7432 Statut Contributeur 3

Bonsoir salma

lyonnais à demandé un rapport DSS ;-))

Merci

@+ :-)

salma

c quoi ce rapport DSS, excusez mon inculture.

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537 > salma

Re,

c'est le rapport que tu obtiens en exécutant le programme DSS.exe que tu as téléchargé sur ton Bureau.

Réponse 11 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Re,

tu t'infectes au rythme où on te désinfecte :(

Tu sembles ne pas avoir de parefeu contrôlant les connexions sortantes, ce qui est un risque de sécurité.

Si c'est le cas tu as le choix entre ces deux possibilités :

Zone Alarm Tuto et lien de téléchargement ici :
https://www.malekal.com/tutoriel-zonealarm-firewall/

Kerio Tuto et lien de téléchargement ici :
http://www.malekal.com/kerio_firewall.php

Il y en a d'autres que tu peux trouver en ouvrant ce lien :
http://www.malekal.com/menu_tutorials_logiciels.php

Il faut que tu désactives le parefeu de Windows (panneau de configuration, parefeu de Windows) après le téléchargement et avant l'installation (déconnecte toi du Net à ce moment là).

Relance HijackThis.

Choisis Do a scan only

Coche la case devant les lignes suivantes

O2 - BHO: (no name) - {9E1841CC-0FC7-4BB2-8821-9BBBFDBF50F9} - C:\WINDOWS\system32\ljJDSKEV.dll (file missing)
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
Inconnu
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\salima moulti\Local Settings\temp\DealioKit1-stub-0.exe
O9 - Extra button: Dealio - {e908b145-c847-4e85-b315-07e2e70decf8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {e908b145-c847-4e85-b315-07e2e70decf8} - C:\Program Files\Dealio\kb124\Dealio.dll

Ferme toutes les fenêtres (hormis HijackThis), y compris ton navigateur.

Clique sur fix checked.

Ferme Hijackthis.

Ouvre l'explorateur Windows, cherche :

c:\program files\dealio

clic droit et supprimer.

Fais de même avec :

c:\documents and settings\salima moulti\local settings\temp\dealiokit1-stub-0.exe

_____________

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : c:\windows\system32\dwdsregt.exe

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

____________________

fais redémarrer l'ordi et poste un nouveau rapport DSS

salma

Bonsoir lyonnais, il est 2h du matin, je dois surement dormir donc j'attends une réponse de toi demain quand tu auras un moment... voila j'ai installé un parfeux, et j'ai fixed les cases que tu m'as indiqué sur hijackthis.
j'ai supprimé le dossier dealio mais par contre je n'ai pas trouvé le fichier c:\windows\system32\dwdsregt.exe donc j'ai pas pu faire d'analyse. j'ai meme fait recherche je ne le trouve tjrs pas.
voici le nouveau rapport DSS
à TOI...........j'attends de tes nouvelles, ca fait 5jours maintenant, vous m'avez bcp aidée et merci infiniment....j'attends ta réponse.

Deckard's System Scanner v20071014.68
Run by salima moulti on 2008-07-03 02:06:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as salima moulti.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:06, on 2008-07-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\salima moulti\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\SALIMA~1.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: DealioBHO Class - {6a87b991-a31f-4130-ae72-6d0c294bf082} - C:\Program Files\Dealio\kb124\Dealio.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll (file missing)
O4 - HKLM\..\Run: [{F6-63-3E-EE-ZN}] c:\windows\system32\dwdsregt.exe OLI001
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] -"C:\Program Files\DNA\btdna.exe"
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\mwinrtdm.exe
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\salima moulti\Local Settings\temp\DealioKit1-stub-0.exe
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: compare prices with &dealio - C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: NOD32 Kernel Service (nod32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Réponse 12 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonjour,

pas de chance, je voulais scanner 2 fichiers. L'un est déjà supprimé. J'aurais mieux fait de commencer par l'autre :

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\WINDOWS\system32\mwinrtdm.exe

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

___________

au passage, comment va l'ordi ?

salma

Bonjour;;;;;;; merci pour ta réponse, je ne trouve pas non plus le fichier C:\WINDOWS\system32\mwinrtdm.exe pourtant j'ai bien cherché.
Mon ordi va bcp mieux.....il s'est rétabli grace à toi.....................................mERCI infiniment, as tu quelques conseils pour ne jamais me mettre encore dans ce pétrin???????????
MERCI loynnais.

Réponse 13 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonjour,

le malade va mieux, mais il n'est pas totalement guéri.

Et je te donnerai des conseils pour minimiser les risques.

Pour le moment, fais ça :

========================================
->Affiche tous les fichiers et dossiers :
clique sur démarrer/panneau de configuration (en affichage classique)/option des dossiers/affichage

[Coche] « afficher les dossiers et fichiers cachés »

[Décoche] la case « Masquer les fichiers protégés du système d'exploitation (recommandé) »

[Décoche] « masquer les extensions dont le type est connu »

Puis fais [appliquer] pour valider les changements.

Et [Ok]
========================================
puis :

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\WINDOWS\system32\mwinrtdm.exe

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

Pas d'acharnement si tu ne le trouves pas. Car cela veut dire qu'il n'existe plus et que je poursuis son fantôme.

salma

NOn lyonnais tjrs rien, j'ai bien affiché les fichiers cachés et j'ai bien cherché mais rien.....pourquoi poursuivre ce fochier c un virus, si c le cas il a peut etre du etre supprimé par toutes les opérations précédentes,,???? En fait je fais koi pour q mon pc soit totalement guériiiiiiiiiiiiiiiiiiiiiiiiiii......TJRS je m'arrange pour choper des virus;;;;;MERCI LYONNAIS;

salma

slt loynnais , tu n'as pas répondu à mon dernier mesg,,,,, as tu des conseils pour protéger mon pc ?? sachant q ca m'arrive souvent de télécharger des logiciels sur mininova; ET MON PC est il completement rétabli??? merciiiiiiiiiiii à toi

Réponse 14 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonsoir,

Relance HijackThis.

Choisis Do a scan only

Coche la case devant les lignes suivantes

O2 - BHO: DealioBHO Class - {6a87b991-a31f-4130-ae72-6d0c294bf082} - C:\Program Files\Dealio\kb124\Dealio.dll (file missing)
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll (file missing)
O4 - HKLM\..\Run: [{F6-63-3E-EE-ZN}] c:\windows\system32\dwdsregt.exe OLI001
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\mwinrtdm.exe
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\salima moulti\Local Settings\temp\DealioKit1-stub-0.exe

Ferme toutes les fenêtres (hormis HijackThis), y compris ton navigateur.

Clique sur fix checked.

Ferme Hijackthis.

Fais redémarrer l'ordi et poste un nouveau rapport DSS

salma

bonsoir lyonnais, voila j'ai fait ce q tu m'as dit et voici le rapport dss aprés redémarrage du pc. Dis moi si j'ai enfin réussi à tout éliminer?? merci à toi... j'attends ta réponse.

Deckard's System Scanner v20071014.68
Run by salima moulti on 2008-07-04 00:20:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as salima moulti.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:20, on 2008-07-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\salima moulti\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\SALIMA~1.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] -"C:\Program Files\DNA\btdna.exe"
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: compare prices with &dealio - C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: NOD32 Kernel Service (nod32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Réponse 15 / 20

ep44 Messages postés 7432 Statut Contributeur 3

Bonsoir lyonnais, salma

Salma drole de comportement pour une personne qui demande l'aide

http://www.commentcamarche.net/forum/affich 7236501 antivirus xp 2008#1

Réponse 16 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonsoir,

Copie ou imprime les instructions avant

Déconnecte toi d'internet et ferme toutes tes applications.

Désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

Folder::
C:\Documents and Settings\salima moulti\Application Data\Dealio
C:\QUARANTINE
C:\Documents and Settings\salima moulti\Application Data\EoRezo
C:\Program Files\EoRezo

File::
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\perfh00C.dat
C:\WINDOWS\system32\perfc00C.dat

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

Enregistre ce fichier sous le nom CFscript

Fait un glisser/déposer de ce fichier CFscript sur le fichier ComboFix.exe

Clique sur le fichier CFscript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFscrïpt vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Réactive ton parefeu, ton antivirus, la garde de ton antispyware

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

Remets aussi un rapport Hijackthis

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

Attention : cette manip a été fait pour cet ordi. Tout réutilisation peut endommager sévèrement le système d'exploitation.

salma

salut lyonnais , voila le rapport combofix et plus bas le rapport hijackthis, aprés que j'aie fait ce q tu m'as demandé à la lettre. bien à toi

ComboFix 08-07-01.5 - salima moulti 2008-07-05 11:05:40.5 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.499 [GMT 2:00]
Endroit: C:\Documents and Settings\salima moulti\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\salima moulti\Bureau\CFscript.txt
* Création d'un nouveau point de restauration
* Resident AV is active

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\perfc00C.dat
C:\WINDOWS\system32\perfh00C.dat
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\salima moulti\Application Data\Dealio
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\as_sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\blank.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deal_report.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deals-endcap.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deals-leftcap.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\ebay_login.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-bg.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-left.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-right-arrow.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-right.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_mainwindow.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_toolbar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\ErrorPageTemplate.css
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\global_scripts.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\headerbgthin.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\help.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\logo.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\logo_over.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\man_toolbar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\man_toolbar.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\pill_bg.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\post-this-deal.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\post-this-deal_over.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\scripts.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\scroller.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\search-chevron.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\search_bg_blink.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\separator.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\settings.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\settings_over.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\steals_bg.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tab_icon.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tabdata.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tablib.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tabwelcome_en.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\toolbar_background.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\yahoo_search.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\index.1.80.39
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.10.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.109.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.110.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.12.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.13.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.130.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.135.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.153.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.155.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.156.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.16.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.161.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.178.66
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.184.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.188.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.189.45
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.196.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.198.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.199.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.200.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.201.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.202.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.203.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.205.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.213.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.214.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.215.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.216.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.217.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.218.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.219.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.220.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.221.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.222.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.223.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.226.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.227.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.228.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.229.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.23.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.239.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.24.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.240.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.241.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.242.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.243.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.244.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.245.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.247.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.248.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.249.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.250.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.251.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.252.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.253.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.254.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.255.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.256.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.257.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.279.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.28.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.282.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.283.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.284.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.289.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.290.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.291.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.296.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.297.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.304.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.307.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.308.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.31.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.310.46
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.311.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.315.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.316.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.317.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.318.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.319.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.32.48
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.334.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.335.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.336.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.337.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.338.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.339.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.34.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.340.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.341.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.349.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.35.48
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.350.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.351.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.352.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.353.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.354.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.357.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.358.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.359.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.360.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.361.54
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.362.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.363.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.364.54
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.365.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.367.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.368.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.369.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.370.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.371.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.372.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.373.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.375.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.376.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.377.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.378.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.384.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.386.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.387.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.388.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.389.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.390.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.391.78
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.392.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.393.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.394.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.396.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.397.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.398.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.399.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.403.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.404.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.405.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.406.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.407.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.408.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.409.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.412.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.413.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.414.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.415.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.416.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.417.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.418.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.419.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.420.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.421.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.423.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.424.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.425.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.426.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.427.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.428.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.429.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.430.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.432.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.433.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.434.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.435.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.436.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.437.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.438.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.439.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.440.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.442.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.443.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.444.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.445.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.446.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.450.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.451.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.452.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.453.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.454.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.456.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.457.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.458.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.459.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.460.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.462.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.463.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.464.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.465.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.468.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.469.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.470.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.471.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.472.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.478.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.479.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.480.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.481.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.482.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.49.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.50.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.500.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.501.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.502.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.51.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.52.72
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.520.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.521.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.522.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.53.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.531.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.532.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.533.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.534.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.54.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.55.45
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.56.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.57.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.58.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.591.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.592.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.593.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.594.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.595.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.608.78
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.610.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.611.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.614.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.617.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.624.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.63.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.640.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.641.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.66.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.70.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.71.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\_toolbar_tmp_1372_2420_3.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\dealio-14062.log
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\dod_cache.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo
C:\Documents and Settings\salima moulti\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo\host.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\user.cyp
C:\Program Files\EoRezo
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.2139
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_15.dll
C:\Program Files\EoRezo\EoRezoImg_16.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_18.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoImg_24.dll
C:\Program Files\EoRezo\EoRezoTools_15.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_19.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_22.dll
C:\Program Files\EoRezo\EoRezoTools_23.dll
C:\Program Files\EoRezo\EoRezoTools_24.dll
C:\Program Files\EoRezo\EoRezoTools_25.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\icon_eo.st.ico
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\QUARANTINE
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\perfc00C.dat
C:\WINDOWS\system32\perfh00C.dat
.
---- Previous Run -------
.
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\WINDOWS\BM1f2c50dd.txt
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\camsad.ini
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\459849
C:\WINDOWS\system32\459849\459849.dll
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\cbXRIawT.dll
C:\WINDOWS\system32\ieupdates.exe.tmp
C:\WINDOWS\system32\jogtci.dll
C:\WINDOWS\system32\jpwhdlft.ini
C:\WINDOWS\system32\jStDJRqr.ini
C:\WINDOWS\system32\jStDJRqr.ini2
C:\WINDOWS\system32\myryopcu.ini
C:\WINDOWS\system32\pWHhQqru.ini
C:\WINDOWS\system32\pWHhQqru.ini2
C:\WINDOWS\system32\rxhuwpta.dll
C:\WINDOWS\system32\tflvnbso.dll
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\TwaIRXbc.ini
C:\WINDOWS\system32\TwaIRXbc.ini2
C:\WINDOWS\system32\urqQhHWp.dll
C:\WINDOWS\system32\visbjfci.ini
C:\WINDOWS\system32\xioxadqm.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\Legacy_LPTRDCSRV
-------\Legacy_tcpsr
-------\Legacy_TNIDRIVER
-------\Service_TnIDriver
-------\Service_npf

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-05 to 2008-07-05 ))))))))))))))))))))))))))))))))))))
.

2008-07-04 15:02 . 2004-03-02 17:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2008-07-04 15:02 . 2004-03-02 17:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2008-07-04 15:00 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-07-04 15:00 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-07-04 15:00 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-07-04 15:00 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-07-04 15:00 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-07-04 15:00 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-07-04 14:59 . 2008-07-04 14:59 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-04 14:59 . 2008-07-04 15:00 <REP> d-------- C:\Program Files\Ahead
2008-07-04 13:26 . 2008-07-04 13:31 <REP> d-------- C:\Program Files\AutoCAD LT 2008
2008-07-04 13:25 . 2008-07-04 13:31 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2008-07-04 13:21 . 2008-07-04 13:25 <REP> d-------- C:\Program Files\Autodesk
2008-07-04 12:29 . 2008-07-04 12:29 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Autodesk
2008-07-04 12:29 . 2008-07-04 13:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-07-03 01:45 . 2008-07-05 11:22 1,185,824 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-03 01:45 . 2008-07-05 11:13 18,056 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-03 01:40 . 2008-07-03 01:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-07-03 01:40 . 2008-04-02 21:08 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-07-03 01:40 . 2008-07-03 01:43 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-03 01:39 . 2008-04-02 21:07 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-07-03 01:38 . 2008-07-03 01:38 <REP> d-------- C:\Program Files\Zone Labs
2008-07-02 17:35 . 2008-07-02 17:35 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\Dealio
2008-07-02 17:25 . 2008-07-02 17:24 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-07-02 17:25 . 2008-07-02 17:24 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-07-02 17:25 . 2008-07-02 17:24 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-02 17:23 . 2008-07-02 19:09 <REP> d-------- C:\Program Files\Eset
2008-07-02 16:45 . 2008-07-02 17:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-07-02 13:02 . 2004-08-04 01:54 578,048 --a------ C:\WINDOWS\system32\oahvoz
2008-07-02 13:02 . 2008-07-02 13:02 27,136 --a------ C:\WINDOWS\system32\head-25-06.exe
2008-07-02 13:02 . 2008-07-02 13:02 2 --a------ C:\471819246
2008-07-02 13:01 . 2008-07-02 13:01 402,010 --a------ C:\Documents and Settings\salima moulti\g49.exe
2008-07-02 13:01 . 2008-07-05 11:22 65,970 --a------ C:\WINDOWS\system32\drivers\a755ad61.sys
2008-07-01 23:39 . 2008-07-01 23:39 <REP> d-------- C:\Deckard
2008-07-01 22:03 . 2008-07-01 22:03 <REP> d-------- C:\Program Files\Alwil Software
2008-07-01 15:46 . 2008-07-01 15:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 15:46 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 15:46 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 10:56 . 2008-06-30 10:56 95 --a------ C:\WINDOWS\wininit.ini
2008-06-30 02:35 . 2008-06-30 10:56 <REP> d-------- C:\Program Files\a-squared Free
2008-06-30 01:31 . 2008-06-30 01:31 <REP> d-------- C:\Program Files\Lavasoft
2008-06-30 01:31 . 2008-06-30 22:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Lavasoft
2008-06-28 20:27 . 2008-06-28 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Cisco Systems
2008-06-28 20:27 . 2006-12-19 15:06 1,495,552 --a------ C:\WINDOWS\system32\epoPGPsdk.dll
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-25 00:32 . 2008-06-25 00:32 82,928 --a------ C:\IMG_1258.JPG
2008-06-24 19:28 . 2002-11-11 19:52 6,400 --a------ C:\WINDOWS\system32\drivers\pctvvbi.sys
2008-06-24 19:27 . 2001-05-11 12:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-06-24 19:25 . 2008-06-24 19:25 <REP> d-------- C:\Pinnacle
2008-06-24 19:08 . 2008-06-24 19:10 455 --a------ C:\WINDOWS\VFO.VST
2008-06-24 19:08 . 2008-06-24 19:08 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-06-24 19:07 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-24 18:52 . 2004-07-02 16:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-06-24 18:52 . 2008-06-24 19:44 1,196 --a------ C:\WINDOWS\VFO.INI
2008-06-24 18:51 . 2005-02-09 11:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-06-24 18:46 . 2008-06-24 19:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2008-06-24 18:44 . 2008-06-24 19:43 <REP> d-------- C:\Program Files\Pinnacle
2008-06-24 18:44 . 2008-06-24 19:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2008-06-24 16:40 . 2004-10-11 11:28 671,744 --a------ C:\WINDOWS\system32\DolbyHph.dll
2008-06-24 16:40 . 2004-11-12 16:01 60,416 --a------ C:\WINDOWS\system32\DSETUP.dll
2008-06-24 16:40 . 2004-12-13 09:44 14,848 --a------ C:\WINDOWS\system32\drivers\nvndis.sys
2008-06-24 16:40 . 2004-10-11 11:28 9,856 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-06-15 11:25 . 2008-06-15 11:25 <REP> d-------- C:\Program Files\VintaSoft
2008-06-15 11:10 . 2008-06-15 11:12 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-15 10:59 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-15 10:59 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-15 10:59 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-15 10:59 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-15 10:59 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-15 10:59 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-15 10:59 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-15 10:59 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-15 10:59 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-13 11:54 . 2008-06-13 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\Yahoo!
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\CCleaner
2008-06-12 22:21 . 2008-06-12 22:21 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Malwarebytes
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-11 20:25 . 2008-06-11 20:25 <REP> d-------- C:\WINDOWS\Sun
2008-06-11 16:21 . 2008-07-04 00:11 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2008-06-11 15:55 . 2008-06-11 15:55 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2008-06-11 15:32 . 2008-07-01 00:45 <REP> d-------- C:\Program Files\Trend Micro
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-11 13:59 . 2008-06-30 22:01 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-11 13:04 . 2008-06-11 15:23 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-06-11 12:38 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-06-11 12:38 . 2008-06-11 12:38 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-06-11 12:38 . 2008-07-02 16:44 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-06-11 12:22 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-06-11 12:22 . 2008-07-02 16:42 <REP> d-------- C:\Documents and Settings\Administrateur
2008-06-11 12:16 . 2008-06-11 18:56 <REP> d-------- C:\Program Files\LabelCommand
2008-06-11 01:04 . 2008-06-11 01:04 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-06-10 19:31 . 2008-06-10 19:31 <REP> d-------- C:\MenuGEO
2008-06-10 19:24 . 2008-06-10 19:28 <REP> d-------- C:\Program Files\@Last Software
2008-06-10 19:18 . 2008-06-10 19:18 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-06-09 10:12 . 2008-06-09 10:12 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\ItsLabel
2008-06-09 10:12 . 2008-06-09 10:12 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-06-08 20:58 . 2008-06-09 22:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DivX
2008-06-08 20:55 . 2008-06-24 19:44 <REP> d-------- C:\Program Files\DivX
2008-06-08 18:27 . 2008-06-08 18:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Talkback
2008-06-08 18:27 . 2008-06-08 18:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-08 18:22 . 2008-06-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-06 01:03 . 2008-06-17 22:43 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\dvdcss

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-04 23:28 1,378,816 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-07-04 20:29 1,374,208 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-07-04 20:28 2,376 ----a-w C:\WINDOWS\OEM.tmp
2008-07-04 10:18 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\BitTorrent
2008-07-04 01:07 --------- d-----w C:\Program Files\BitTorrent
2008-07-03 22:11 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-07-02 10:58 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\DNA
2008-07-01 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-06-27 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-25 13:47 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\LimeWire
2008-06-24 23:47 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\vlc
2008-06-24 17:50 --------- d-----w C:\Program Files\adslTV
2008-06-24 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-10 17:20 --------- d-----w C:\Program Files\Google
2008-06-06 15:58 --------- d-----w C:\Program Files\LimeWire
2008-06-04 19:26 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\Nokia Multimedia Player
2008-06-04 19:26 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\Nokia
2008-06-04 19:08 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\PC Suite
2008-06-04 19:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-04 19:03 --------- d-----w C:\Program Files\DIFX
2008-06-04 19:02 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-06-04 19:02 --------- d-----w C:\Program Files\Nokia
2008-06-04 19:02 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2008-06-04 19:02 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2008-06-04 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-06-04 12:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-03 21:16 --------- d-----w C:\Program Files\DNA
2008-06-03 19:50 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-06-03 19:27 --------- d-----w C:\Program Files\Sun
2008-06-03 19:27 --------- d-----w C:\Program Files\Java
2008-06-03 19:21 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-06-03 10:06 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-06-03 10:03 --------- d-----w C:\Program Files\Windows Live Favorites
2008-06-03 09:56 --------- d-----w C:\Program Files\Windows Live
2008-06-03 09:40 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-06-03 09:36 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-06-03 09:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-02 21:06 --------- d-----w C:\Program Files\NETGEAR
2008-06-02 18:16 --------- d-----w C:\Program Files\Ontrack
2008-06-02 18:12 --------- d-----w C:\Program Files\FreeUndelete
2008-06-02 16:08 --------- d-----w C:\Program Files\QuickTime
2008-06-02 16:08 --------- d-----w C:\Program Files\ImTOO
2008-06-02 16:06 --------- d-----w C:\Program Files\VideoLAN
2008-06-02 15:50 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-02 15:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2008-06-02 15:47 --------- d-----w C:\Program Files\epson
2008-06-02 15:45 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-06-02 12:40 --------- d-----w C:\Program Files\MSBuild
2008-06-02 12:40 --------- d-----w C:\Program Files\Microsoft Works
2008-06-02 12:23 --------- d-----w C:\Program Files\Synaptics
2008-06-02 12:22 --------- d-----w C:\Program Files\Intel
2008-06-02 12:21 --------- d-----w C:\Program Files\AvRack
2008-06-02 12:21 --------- d-----w C:\Program Files\Avance Sound Manager
2008-06-02 12:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 12:08 --------- d-----w C:\Program Files\Services en ligne
.

((((((((((((((((((((((((((((( snapshot@2008-06-30_23.19.05.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-04 11:24:29 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_it_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-04 11:28:57 820,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop.Common\17.0.54.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.Common.dll
+ 2008-07-04 11:30:05 1,103,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop.Common\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.Common.dll
+ 2008-07-04 11:28:58 145,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop\17.0.54.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.dll
+ 2008-07-04 11:30:06 153,336 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.dll
+ 2008-07-04 11:24:44 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-04 11:24:45 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-04 11:24:45 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-04 11:24:31 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-04 11:24:57 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-04 11:24:56 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-04 11:24:55 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-04 11:24:46 303,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-04 11:24:53 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_it_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-04 11:24:47 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-04 11:24:54 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SYSTEM.CONFIGURATION.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-04 11:24:47 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_it_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-04 11:24:39 327,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_it_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-04 11:24:49 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_it_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-07-04 11:24:30 380,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-07-04 11:24:40 540,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-07-04 11:24:34 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-04 11:24:34 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-07-04 11:24:49 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-07-04 11:24:41 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-07-04 11:24:32 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-07-04 11:24:50 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.management.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-07-04 11:24:42 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-07-04 11:24:43 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_it_b77a5c561934e089\system.Resources.dll
+ 2008-07-04 11:24:51 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-07-04 11:24:52 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-04 11:24:33 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-07-04 11:24:35 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-07-04 11:24:52 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_it_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-07-04 11:24:54 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-07-04 11:24:36 598,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-07-04 11:24:37 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-07-04 11:24:38 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-07-04 11:24:39 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_it_b77a5c561934e089\System.xml.Resources.dll
+ 2008-07-04 11:32:42 1,179,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AcLayer\4ea35aba127c7a4787f2b7b3d841f56d\AcLayer.ni.dll
- 2008-06-30 21:12:41 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-05 09:14:13 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2007-02-12 07:24:56 114,792 ----a-w C:\WINDOWS\Downloaded Program Files\IDropENU.dll
+ 2007-03-12 12:30:56 114,768 ----a-w C:\WINDOWS\Downloaded Program Files\IDropITA.dll
+ 2008-07-04 11:21:20 4,710 ----a-r C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\AdPM_icon.exe
+ 2008-07-04 11:21:20 218,272 ----a-r C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\CMControl.exe
+ 2007-03-07 10:14:48 26,192 ----a-w C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\CustomRes.dll
+ 2008-07-04 11:31:39 73,728 ----a-r C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\Acadlt162_icon.exe
+ 2007-03-12 12:30:18 26,192 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\CustomRes.dll
+ 2007-02-12 08:06:08 267,880 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\InstBasicUI.dll
+ 2007-03-12 12:30:58 304,720 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\InstRes.dll
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\ARPPRODUCTICON.exe
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut1_9A346205EA924406B1AB50379DA3F057_1.exe
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut3_9A346205EA924406B1AB50379DA3F057.exe
+ 2008-07-04 10:25:33 65,536 ----a-r C:\WINDOWS\Installer\{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}\ARPPRODUCTICON.exe
+ 2008-07-02 11:09:08 65,536 ----a-r C:\WINDOWS\Installer\{F38E1EF1-BBD6-4743-AF84-021E26B0481C}\ARPPRODUCTICON.exe
+ 2006-01-07 06:53:28 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\alinkui.dll
+ 2006-01-07 06:53:30 161,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\cscompui.dll
+ 2006-01-07 06:53:30 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\CvtResUI.dll
+ 2006-01-07 06:53:36 212,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\vbc7ui.dll
+ 2006-01-07 06:53:24 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\Vsavb7rtUI.dll
+ 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2006-01-07 06:53:26 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_compiler.resources.dll
+ 2006-01-07 06:53:26 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_rc.dll
+ 2006-01-07 06:53:26 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regbrowsers.resources.dll
+ 2006-01-07 06:53:26 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regsql.resources.dll
+ 2006-01-07 06:53:26 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnetmmcext.resources.dll
+ 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\caspol.resources.dll
+ 2006-01-07 06:53:34 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\InstallUtil.resources.dll
+ 2006-01-07 06:53:32 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\JSC.Resources.dll
+ 2006-01-07 06:53:34 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Engine.resources.dll
+ 2006-01-07 06:53:34 139,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Tasks.resources.dll
+ 2006-01-07 06:53:34 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Utilities.Resources.dll
+ 2006-01-07 06:53:32 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.JScript.Resources.dll
+ 2006-01-07 06:53:36 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.VisualBasic.resources.dll
+ 2006-01-07 06:53:34 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\MSBuild.resources.dll
+ 2006-01-07 06:53:34 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorlib.Resources.dll
+ 2006-01-07 06:53:34 389,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
+ 2006-01-07 06:53:34 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Regasm.resources.dll
+ 2006-01-07 06:53:34 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\ShFusRes.dll
+ 2006-01-07 06:53:34 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\sysglobl.resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.Install.Resources.dll
+ 2006-01-07 06:53:34 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.resources.dll
+ 2006-01-07 06:53:34 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.OracleClient.resources.dll
+ 2006-01-07 06:53:34 327,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.Resources.dll
+ 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.data.sqlxml.resources.dll
+ 2006-01-07 06:53:28 380,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Deployment.resources.dll
+ 2006-01-07 06:53:34 540,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Design.Resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Protocols.resources.dll
+ 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Resources.dll
+ 2006-01-07 06:53:34 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Design.Resources.dll
+ 2006-01-07 06:53:34 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Resources.dll
+ 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.EnterpriseServices.Resources.dll
+ 2006-01-07 06:53:34 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Management.Resources.dll
+ 2006-01-07 06:53:34 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Messaging.Resources.dll
+ 2006-01-07 06:53:34 204,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.Resources.dll
+ 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Remoting.Resources.dll
+ 2006-01-07 06:53:34 11,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Security.Resources.dll
+ 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.ServiceProcess.Resources.dll
+ 2006-01-07 06:53:34 16,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Transactions.resources.dll
+ 2006-01-07 06:53:34 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Mobile.resources.dll
+ 2006-01-07 06:53:34 598,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Resources.dll
+ 2006-01-07 06:53:34 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Services.Resources.dll
+ 2006-01-07 06:53:34 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Windows.Forms.Resources.dll
+ 2006-01-07 06:53:34 163,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.xml.Resources.dll
+ 2005-12-09 08:46:34 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.exe
+ 2005-12-09 08:46:34 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.res.1040.dll
+ 2005-12-09 10:26:10 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\unicows.dll
+ 2006-01-07 06:53:34 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0410\mscorsecr.dll
+ 2007-02-12 07:38:11 30,312 ----a-w C:\WINDOWS\system32\AcSignExt.dll
+ 2007-03-12 12:28:48 15,952 ----a-w C:\WINDOWS\system32\AcSignExtRes.dll
+ 2007-02-12 07:38:12 44,648 ----a-w C:\WINDOWS\system32\AcSignIcon.dll
+ 2007-02-12 07:38:13 54,376 ----a-w C:\WINDOWS\system32\AcSignOpt.exe
- 2008-06-02 12:18:29 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 16:08:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 15:37:01 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- 2008-06-02 12:18:29 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-07-02 16:08:57 32,768 ----a

Réponse 17 / 20

ep44 Messages postés 7432 Statut Contributeur 3

https://forums.commentcamarche.net/forum/s/m/salma?forum_num=7

??????????

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonsoir ep44,

probablement plusieurs personnes différentes.

salma > Lyonnais92 Messages postés 25708 Statut Contributeur sécurité

salut lyonnais
voila le rapport combofix aprés suppression de ce que tu m'as indiqué et plus bas le rapport hijackthis................MERCI 0 TOI lyonnais.

ComboFix 08-07-01.5 - salima moulti 2008-07-05 11:05:40.5 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.499 [GMT 2:00]
Endroit: C:\Documents and Settings\salima moulti\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\salima moulti\Bureau\CFscript.txt
* Création d'un nouveau point de restauration
* Resident AV is active

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\perfc00C.dat
C:\WINDOWS\system32\perfh00C.dat
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\salima moulti\Application Data\Dealio
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\as_sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\blank.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deal_report.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deals-endcap.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\deals-leftcap.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\ebay_login.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-bg.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-left.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-right-arrow.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\endcap22-right.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_mainwindow.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\err_toolbar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\ErrorPageTemplate.css
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\global_scripts.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\headerbgthin.jpg
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\help.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\logo.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\logo_over.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\man_toolbar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\man_toolbar.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\pill_bg.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\post-this-deal.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\post-this-deal_over.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\scripts.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\scroller.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\search-chevron.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\search_bg_blink.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\separator.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\settings.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\settings_over.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\sidebar.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\steals_bg.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tab_icon.png
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tabdata.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tablib.js
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\tabwelcome_en.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\toolbar_background.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\yahoo_search.gif
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\index.1.80.39
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.10.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.109.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.110.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.12.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.13.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.130.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.135.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.153.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.155.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.156.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.16.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.161.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.178.66
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.184.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.188.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.189.45
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.196.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.198.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.199.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.200.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.201.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.202.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.203.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.205.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.213.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.214.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.215.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.216.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.217.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.218.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.219.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.220.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.221.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.222.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.223.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.226.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.227.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.228.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.229.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.23.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.239.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.24.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.240.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.241.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.242.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.243.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.244.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.245.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.247.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.248.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.249.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.250.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.251.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.252.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.253.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.254.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.255.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.256.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.257.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.279.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.28.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.282.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.283.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.284.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.289.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.290.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.291.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.296.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.297.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.304.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.307.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.308.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.31.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.310.46
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.311.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.315.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.316.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.317.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.318.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.319.49
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.32.48
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.334.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.335.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.336.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.337.44
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.338.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.339.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.34.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.340.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.341.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.349.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.35.48
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.350.50
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.351.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.352.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.353.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.354.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.357.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.358.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.359.52
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.360.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.361.54
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.362.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.363.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.364.54
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.365.53
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.367.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.368.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.369.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.370.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.371.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.372.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.373.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.375.56
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.376.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.377.55
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.378.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.384.58
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.386.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.387.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.388.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.389.59
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.390.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.391.78
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.392.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.393.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.394.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.396.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.397.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.398.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.399.60
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.403.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.404.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.405.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.406.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.407.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.408.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.409.61
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.412.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.413.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.414.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.415.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.416.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.417.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.418.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.419.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.420.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.421.62
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.423.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.424.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.425.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.426.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.427.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.428.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.429.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.430.63
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.432.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.433.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.434.65
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.435.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.436.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.437.64
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.438.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.439.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.440.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.442.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.443.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.444.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.445.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.446.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.450.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.451.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.452.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.453.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.454.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.456.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.457.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.458.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.459.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.460.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.462.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.463.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.464.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.465.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.468.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.469.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.470.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.471.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.472.70
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.478.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.479.73
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.480.68
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.481.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.482.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.49.67
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.50.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.500.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.501.74
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.502.71
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.51.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.52.72
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.520.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.521.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.522.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.53.51
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.531.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.532.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.533.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.534.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.54.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.55.45
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.56.69
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.57.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.58.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.591.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.592.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.593.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.594.77
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.595.76
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.608.78
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.610.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.611.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.614.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.617.79
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.624.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.63.57
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.640.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.641.80
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.66.47
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.70.75
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\rules\rules.1.71.43
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\_toolbar_tmp_1372_2420_3.html
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\dealio-14062.log
C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\temp\dod_cache.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo
C:\Documents and Settings\salima moulti\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\salima moulti\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\salima moulti\Application Data\EoRezo\host.cyp
C:\Documents and Settings\salima moulti\Application Data\EoRezo\user.cyp
C:\Program Files\EoRezo
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\eoAdv.url
C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.2139
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_15.dll
C:\Program Files\EoRezo\EoRezoImg_16.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_18.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoImg_24.dll
C:\Program Files\EoRezo\EoRezoTools_15.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_19.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_22.dll
C:\Program Files\EoRezo\EoRezoTools_23.dll
C:\Program Files\EoRezo\EoRezoTools_24.dll
C:\Program Files\EoRezo\EoRezoTools_25.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\icon_eo.st.ico
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\QUARANTINE
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\perfc00C.dat
C:\WINDOWS\system32\perfh00C.dat
.
---- Previous Run -------
.
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\WINDOWS\BM1f2c50dd.txt
C:\WINDOWS\BM1f2c50dd.xml
C:\WINDOWS\camsad.ini
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\459849
C:\WINDOWS\system32\459849\459849.dll
C:\WINDOWS\system32\bnhtxlqy.ini
C:\WINDOWS\system32\cbXRIawT.dll
C:\WINDOWS\system32\ieupdates.exe.tmp
C:\WINDOWS\system32\jogtci.dll
C:\WINDOWS\system32\jpwhdlft.ini
C:\WINDOWS\system32\jStDJRqr.ini
C:\WINDOWS\system32\jStDJRqr.ini2
C:\WINDOWS\system32\myryopcu.ini
C:\WINDOWS\system32\pWHhQqru.ini
C:\WINDOWS\system32\pWHhQqru.ini2
C:\WINDOWS\system32\rxhuwpta.dll
C:\WINDOWS\system32\tflvnbso.dll
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\TwaIRXbc.ini
C:\WINDOWS\system32\TwaIRXbc.ini2
C:\WINDOWS\system32\urqQhHWp.dll
C:\WINDOWS\system32\visbjfci.ini
C:\WINDOWS\system32\xioxadqm.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\Legacy_LPTRDCSRV
-------\Legacy_tcpsr
-------\Legacy_TNIDRIVER
-------\Service_TnIDriver
-------\Service_npf

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-05 to 2008-07-05 ))))))))))))))))))))))))))))))))))))
.

2008-07-04 15:02 . 2004-03-02 17:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2008-07-04 15:02 . 2004-03-02 17:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2008-07-04 15:00 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-07-04 15:00 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-07-04 15:00 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-07-04 15:00 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-07-04 15:00 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-07-04 15:00 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-07-04 14:59 . 2008-07-04 14:59 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-04 14:59 . 2008-07-04 15:00 <REP> d-------- C:\Program Files\Ahead
2008-07-04 13:26 . 2008-07-04 13:31 <REP> d-------- C:\Program Files\AutoCAD LT 2008
2008-07-04 13:25 . 2008-07-04 13:31 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2008-07-04 13:21 . 2008-07-04 13:25 <REP> d-------- C:\Program Files\Autodesk
2008-07-04 12:29 . 2008-07-04 12:29 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Autodesk
2008-07-04 12:29 . 2008-07-04 13:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-07-03 01:45 . 2008-07-05 11:22 1,185,824 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-03 01:45 . 2008-07-05 11:13 18,056 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-03 01:40 . 2008-07-03 01:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-07-03 01:40 . 2008-04-02 21:08 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-07-03 01:40 . 2008-04-02 21:08 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-07-03 01:40 . 2008-07-03 01:43 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-03 01:39 . 2008-04-02 21:07 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-07-03 01:38 . 2008-07-03 01:38 <REP> d-------- C:\Program Files\Zone Labs
2008-07-02 17:35 . 2008-07-02 17:35 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\Dealio
2008-07-02 17:25 . 2008-07-02 17:24 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-07-02 17:25 . 2008-07-02 17:24 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-07-02 17:25 . 2008-07-02 17:24 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-02 17:23 . 2008-07-02 19:09 <REP> d-------- C:\Program Files\Eset
2008-07-02 16:45 . 2008-07-02 17:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-07-02 13:02 . 2004-08-04 01:54 578,048 --a------ C:\WINDOWS\system32\oahvoz
2008-07-02 13:02 . 2008-07-02 13:02 27,136 --a------ C:\WINDOWS\system32\head-25-06.exe
2008-07-02 13:02 . 2008-07-02 13:02 2 --a------ C:\471819246
2008-07-02 13:01 . 2008-07-02 13:01 402,010 --a------ C:\Documents and Settings\salima moulti\g49.exe
2008-07-02 13:01 . 2008-07-05 11:22 65,970 --a------ C:\WINDOWS\system32\drivers\a755ad61.sys
2008-07-01 23:39 . 2008-07-01 23:39 <REP> d-------- C:\Deckard
2008-07-01 22:03 . 2008-07-01 22:03 <REP> d-------- C:\Program Files\Alwil Software
2008-07-01 15:46 . 2008-07-01 15:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 15:46 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 15:46 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 10:56 . 2008-06-30 10:56 95 --a------ C:\WINDOWS\wininit.ini
2008-06-30 02:35 . 2008-06-30 10:56 <REP> d-------- C:\Program Files\a-squared Free
2008-06-30 01:31 . 2008-06-30 01:31 <REP> d-------- C:\Program Files\Lavasoft
2008-06-30 01:31 . 2008-06-30 22:08 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Lavasoft
2008-06-28 20:27 . 2008-06-28 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Cisco Systems
2008-06-28 20:27 . 2006-12-19 15:06 1,495,552 --a------ C:\WINDOWS\system32\epoPGPsdk.dll
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-26 20:49 . 2001-08-23 17:04 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-26 20:48 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-25 00:32 . 2008-06-25 00:32 82,928 --a------ C:\IMG_1258.JPG
2008-06-24 19:28 . 2002-11-11 19:52 6,400 --a------ C:\WINDOWS\system32\drivers\pctvvbi.sys
2008-06-24 19:27 . 2001-05-11 12:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-06-24 19:25 . 2008-06-24 19:25 <REP> d-------- C:\Pinnacle
2008-06-24 19:08 . 2008-06-24 19:10 455 --a------ C:\WINDOWS\VFO.VST
2008-06-24 19:08 . 2008-06-24 19:08 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-06-24 19:07 . 2004-08-04 01:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-24 18:52 . 2004-07-02 16:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-06-24 18:52 . 2008-06-24 19:44 1,196 --a------ C:\WINDOWS\VFO.INI
2008-06-24 18:51 . 2005-02-09 11:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-06-24 18:46 . 2008-06-24 19:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2008-06-24 18:44 . 2008-06-24 19:43 <REP> d-------- C:\Program Files\Pinnacle
2008-06-24 18:44 . 2008-06-24 19:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-06-24 16:40 . 2008-06-24 16:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2008-06-24 16:40 . 2004-10-11 11:28 671,744 --a------ C:\WINDOWS\system32\DolbyHph.dll
2008-06-24 16:40 . 2004-11-12 16:01 60,416 --a------ C:\WINDOWS\system32\DSETUP.dll
2008-06-24 16:40 . 2004-12-13 09:44 14,848 --a------ C:\WINDOWS\system32\drivers\nvndis.sys
2008-06-24 16:40 . 2004-10-11 11:28 9,856 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-06-15 11:25 . 2008-06-15 11:25 <REP> d-------- C:\Program Files\VintaSoft
2008-06-15 11:10 . 2008-06-15 11:12 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-15 10:59 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-15 10:59 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-15 10:59 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-15 10:59 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-15 10:59 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-15 10:59 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-15 10:59 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-15 10:59 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-15 10:59 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-13 11:54 . 2008-06-13 11:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\Yahoo!
2008-06-13 11:48 . 2008-06-13 11:48 <REP> d-------- C:\Program Files\CCleaner
2008-06-12 22:21 . 2008-06-12 22:21 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Malwarebytes
2008-06-12 21:27 . 2008-06-12 21:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-11 20:25 . 2008-06-11 20:25 <REP> d-------- C:\WINDOWS\Sun
2008-06-11 16:21 . 2008-07-04 00:11 <REP> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2008-06-11 15:55 . 2008-06-11 15:55 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2008-06-11 15:32 . 2008-07-01 00:45 <REP> d-------- C:\Program Files\Trend Micro
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-11 14:13 . 2008-07-01 17:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-11 13:59 . 2008-06-30 22:01 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-06-11 13:04 . 2008-06-11 15:23 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2008-06-11 12:59 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-06-11 12:38 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-06-11 12:38 . 2008-06-11 12:38 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-06-11 12:38 . 2008-07-02 16:44 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-06-11 12:22 . 2008-06-11 12:38 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2008-06-11 12:22 . 2008-07-02 16:42 <REP> d-------- C:\Documents and Settings\Administrateur
2008-06-11 12:16 . 2008-06-11 18:56 <REP> d-------- C:\Program Files\LabelCommand
2008-06-11 01:04 . 2008-06-11 01:04 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-06-10 19:31 . 2008-06-10 19:31 <REP> d-------- C:\MenuGEO
2008-06-10 19:24 . 2008-06-10 19:28 <REP> d-------- C:\Program Files\@Last Software
2008-06-10 19:18 . 2008-06-10 19:18 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2008-06-09 10:12 . 2008-06-09 10:12 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\ItsLabel
2008-06-09 10:12 . 2008-06-09 10:12 22 --a------ C:\WINDOWS\system32\ati64hl2.stb
2008-06-08 20:58 . 2008-06-09 22:11 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\DivX
2008-06-08 20:55 . 2008-06-24 19:44 <REP> d-------- C:\Program Files\DivX
2008-06-08 18:27 . 2008-06-08 18:27 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\Talkback
2008-06-08 18:27 . 2008-06-08 18:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-08 18:22 . 2008-06-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-06 01:03 . 2008-06-17 22:43 <REP> d-------- C:\Documents and Settings\salima moulti\Application Data\dvdcss

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-04 23:28 1,378,816 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-07-04 20:29 1,374,208 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-07-04 20:28 2,376 ----a-w C:\WINDOWS\OEM.tmp
2008-07-04 10:18 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\BitTorrent
2008-07-04 01:07 --------- d-----w C:\Program Files\BitTorrent
2008-07-03 22:11 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-07-02 10:58 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\DNA
2008-07-01 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-06-27 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-25 13:47 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\LimeWire
2008-06-24 23:47 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\vlc
2008-06-24 17:50 --------- d-----w C:\Program Files\adslTV
2008-06-24 17:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-10 17:20 --------- d-----w C:\Program Files\Google
2008-06-06 15:58 --------- d-----w C:\Program Files\LimeWire
2008-06-04 19:26 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\Nokia Multimedia Player
2008-06-04 19:26 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\Nokia
2008-06-04 19:08 --------- d-----w C:\Documents and Settings\salima moulti\Application Data\PC Suite
2008-06-04 19:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-06-04 19:03 --------- d-----w C:\Program Files\DIFX
2008-06-04 19:02 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-06-04 19:02 --------- d-----w C:\Program Files\Nokia
2008-06-04 19:02 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2008-06-04 19:02 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2008-06-04 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-06-04 12:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-03 21:16 --------- d-----w C:\Program Files\DNA
2008-06-03 19:50 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-06-03 19:27 --------- d-----w C:\Program Files\Sun
2008-06-03 19:27 --------- d-----w C:\Program Files\Java
2008-06-03 19:21 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-06-03 10:06 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-06-03 10:03 --------- d-----w C:\Program Files\Windows Live Favorites
2008-06-03 09:56 --------- d-----w C:\Program Files\Windows Live
2008-06-03 09:40 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-06-03 09:36 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-06-03 09:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-02 21:06 --------- d-----w C:\Program Files\NETGEAR
2008-06-02 18:16 --------- d-----w C:\Program Files\Ontrack
2008-06-02 18:12 --------- d-----w C:\Program Files\FreeUndelete
2008-06-02 16:08 --------- d-----w C:\Program Files\QuickTime
2008-06-02 16:08 --------- d-----w C:\Program Files\ImTOO
2008-06-02 16:06 --------- d-----w C:\Program Files\VideoLAN
2008-06-02 15:50 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-02 15:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2008-06-02 15:47 --------- d-----w C:\Program Files\epson
2008-06-02 15:45 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-06-02 12:40 --------- d-----w C:\Program Files\MSBuild
2008-06-02 12:40 --------- d-----w C:\Program Files\Microsoft Works
2008-06-02 12:23 --------- d-----w C:\Program Files\Synaptics
2008-06-02 12:22 --------- d-----w C:\Program Files\Intel
2008-06-02 12:21 --------- d-----w C:\Program Files\AvRack
2008-06-02 12:21 --------- d-----w C:\Program Files\Avance Sound Manager
2008-06-02 12:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 12:08 --------- d-----w C:\Program Files\Services en ligne
.

((((((((((((((((((((((((((((( snapshot@2008-06-30_23.19.05.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-04 11:24:29 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_it_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2008-07-04 11:28:57 820,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop.Common\17.0.54.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.Common.dll
+ 2008-07-04 11:30:05 1,103,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop.Common\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.Common.dll
+ 2008-07-04 11:28:58 145,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop\17.0.54.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.dll
+ 2008-07-04 11:30:06 153,336 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Autodesk.AutoCAD.Interop\17.1.51.0__eed84259d7cbf30b\Autodesk.AutoCAD.Interop.dll
+ 2008-07-04 11:24:44 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2008-07-04 11:24:45 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2008-07-04 11:24:45 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.build.utilities.resources\2.0.0.0_it_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2008-07-04 11:24:31 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
+ 2008-07-04 11:24:57 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2008-07-04 11:24:56 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2008-07-04 11:24:55 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_it_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2008-07-04 11:24:46 303,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.Resources.dll
+ 2008-07-04 11:24:53 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_it_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2008-07-04 11:24:47 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
+ 2008-07-04 11:24:54 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SYSTEM.CONFIGURATION.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2008-07-04 11:24:47 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_it_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2008-07-04 11:24:39 327,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_it_b77a5c561934e089\System.Data.Resources.dll
+ 2008-07-04 11:24:49 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_it_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2008-07-04 11:24:30 380,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2008-07-04 11:24:40 540,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Design.Resources.dll
+ 2008-07-04 11:24:34 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2008-07-04 11:24:34 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
+ 2008-07-04 11:24:49 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
+ 2008-07-04 11:24:41 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Drawing.Resources.dll
+ 2008-07-04 11:24:32 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
+ 2008-07-04 11:24:50 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.management.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Management.Resources.dll
+ 2008-07-04 11:24:42 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Messaging.Resources.dll
+ 2008-07-04 11:24:43 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_it_b77a5c561934e089\system.Resources.dll
+ 2008-07-04 11:24:51 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
+ 2008-07-04 11:24:52 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2008-07-04 11:24:33 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Security.Resources.dll
+ 2008-07-04 11:24:35 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
+ 2008-07-04 11:24:52 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_it_b77a5c561934e089\System.Transactions.resources.dll
+ 2008-07-04 11:24:54 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2008-07-04 11:24:36 598,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Resources.dll
+ 2008-07-04 11:24:37 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
+ 2008-07-04 11:24:38 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.Resources.dll
+ 2008-07-04 11:24:39 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_it_b77a5c561934e089\System.xml.Resources.dll
+ 2008-07-04 11:32:42 1,179,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AcLayer\4ea35aba127c7a4787f2b7b3d841f56d\AcLayer.ni.dll
- 2008-06-30 21:12:41 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-05 09:14:13 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2007-02-12 07:24:56 114,792 ----a-w C:\WINDOWS\Downloaded Program Files\IDropENU.dll
+ 2007-03-12 12:30:56 114,768 ----a-w C:\WINDOWS\Downloaded Program Files\IDropITA.dll
+ 2008-07-04 11:21:20 4,710 ----a-r C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\AdPM_icon.exe
+ 2008-07-04 11:21:20 218,272 ----a-r C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\CMControl.exe
+ 2007-03-07 10:14:48 26,192 ----a-w C:\WINDOWS\Installer\{5783F2D7-0111-0409-0010-0060B0CE6BBA}\CustomRes.dll
+ 2008-07-04 11:31:39 73,728 ----a-r C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\Acadlt162_icon.exe
+ 2007-03-12 12:30:18 26,192 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\CustomRes.dll
+ 2007-02-12 08:06:08 267,880 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\InstBasicUI.dll
+ 2007-03-12 12:30:58 304,720 ----a-w C:\WINDOWS\Installer\{5783F2D7-6009-0410-0002-0060B0CE6BBA}\InstRes.dll
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\ARPPRODUCTICON.exe
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut1_9A346205EA924406B1AB50379DA3F057_1.exe
+ 2008-07-04 11:26:06 21,630 ----a-r C:\WINDOWS\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\NewShortcut3_9A346205EA924406B1AB50379DA3F057.exe
+ 2008-07-04 10:25:33 65,536 ----a-r C:\WINDOWS\Installer\{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}\ARPPRODUCTICON.exe
+ 2008-07-02 11:09:08 65,536 ----a-r C:\WINDOWS\Installer\{F38E1EF1-BBD6-4743-AF84-021E26B0481C}\ARPPRODUCTICON.exe
+ 2006-01-07 06:53:28 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\alinkui.dll
+ 2006-01-07 06:53:30 161,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\cscompui.dll
+ 2006-01-07 06:53:30 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\CvtResUI.dll
+ 2006-01-07 06:53:36 212,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\vbc7ui.dll
+ 2006-01-07 06:53:24 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1040\Vsavb7rtUI.dll
+ 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2006-01-07 06:53:38 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\it\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2006-01-07 06:53:26 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_compiler.resources.dll
+ 2006-01-07 06:53:26 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_rc.dll
+ 2006-01-07 06:53:26 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regbrowsers.resources.dll
+ 2006-01-07 06:53:26 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnet_regsql.resources.dll
+ 2006-01-07 06:53:26 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\aspnetmmcext.resources.dll
+ 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\caspol.resources.dll
+ 2006-01-07 06:53:34 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\InstallUtil.resources.dll
+ 2006-01-07 06:53:32 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\JSC.Resources.dll
+ 2006-01-07 06:53:34 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Engine.resources.dll
+ 2006-01-07 06:53:34 139,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Tasks.resources.dll
+ 2006-01-07 06:53:34 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.Build.Utilities.Resources.dll
+ 2006-01-07 06:53:32 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.JScript.Resources.dll
+ 2006-01-07 06:53:36 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Microsoft.VisualBasic.resources.dll
+ 2006-01-07 06:53:34 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\MSBuild.resources.dll
+ 2006-01-07 06:53:34 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorlib.Resources.dll
+ 2006-01-07 06:53:34 389,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\mscorrc.dll
+ 2006-01-07 06:53:34 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\Regasm.resources.dll
+ 2006-01-07 06:53:34 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\ShFusRes.dll
+ 2006-01-07 06:53:34 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\sysglobl.resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.Install.Resources.dll
+ 2006-01-07 06:53:34 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Configuration.resources.dll
+ 2006-01-07 06:53:34 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.OracleClient.resources.dll
+ 2006-01-07 06:53:34 327,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Data.Resources.dll
+ 2006-01-07 06:53:34 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.data.sqlxml.resources.dll
+ 2006-01-07 06:53:28 380,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Deployment.resources.dll
+ 2006-01-07 06:53:34 540,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Design.Resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Protocols.resources.dll
+ 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.DirectoryServices.Resources.dll
+ 2006-01-07 06:53:34 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Design.Resources.dll
+ 2006-01-07 06:53:34 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Drawing.Resources.dll
+ 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.EnterpriseServices.Resources.dll
+ 2006-01-07 06:53:34 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Management.Resources.dll
+ 2006-01-07 06:53:34 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Messaging.Resources.dll
+ 2006-01-07 06:53:34 204,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\system.Resources.dll
+ 2006-01-07 06:53:34 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Remoting.Resources.dll
+ 2006-01-07 06:53:34 11,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Runtime.Serialization.Formatters.Soap.Resources.dll
+ 2006-01-07 06:53:34 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Security.Resources.dll
+ 2006-01-07 06:53:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.ServiceProcess.Resources.dll
+ 2006-01-07 06:53:34 16,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Transactions.resources.dll
+ 2006-01-07 06:53:34 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Mobile.resources.dll
+ 2006-01-07 06:53:34 598,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Resources.dll
+ 2006-01-07 06:53:34 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Web.Services.Resources.dll
+ 2006-01-07 06:53:34 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.Windows.Forms.Resources.dll
+ 2006-01-07 06:53:34 163,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\it\System.xml.Resources.dll
+ 2005-12-09 08:46:34 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.exe
+ 2005-12-09 08:46:34 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\install.res.1040.dll
+ 2005-12-09 10:26:10 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - ITA\unicows.dll
+ 2006-01-07 06:53:34 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0410\mscorsecr.dll
+ 2007-02-12 07:38:11 30,312 ----a-w C:\WINDOWS\system32\AcSignExt.dll
+ 2007-03-12 12:28:48 15,952 ----a-w C:\WINDOWS\system32\AcSignExtRes.dll
+ 2007-02-12 07:38:12 44,648 ----a-w C:\WINDOWS\system32\AcSignIcon.dll
+ 2007-02-12 07:38:13 54,376 ----a-w C:\WINDOWS\system32\AcSignOpt.exe
- 2008-06-02 12:18:29 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 16:08:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-02 15:37:01 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- 2008-06-02 12:18:29 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-07-02 1

Réponse 18 / 20

ep44 Messages postés 7432 Statut Contributeur 3

Bonsoir Lyonnais

tu pense ???

Si c'est le cas désolé :-)

@+

salma

bnj;;;;en attendant de terminer ce que tu m'as dit lyonnais je souhaite juste répondre à ep44;;;J'ai déja du mal à résoudre mon propre probleme et tu crois que je vais aller aider les autres....!!!!!!!!!!!!! j'accepte tes excuses.

Réponse 19 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonjour,

on avance.

tu peux mettre la fin du rapport Combofix et un nouveau rapport Hijackthis.

selma

salut lyonnais , désolée de ne pas avoir répondu plutot j'ai perdu ma connexion internet mais la elle remarche. voila ce que tu m'as demandé, merci à toi, en espérant q tu ne m'aies pas oublier.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38, on 2008-07-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] -"C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\\Programs\MediaCenterService\PMC.Service.Main.exe"
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: compare prices with &dealio - C:\Documents and Settings\salima moulti\Application Data\Dealio\kb124\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Autodesk Licensing Service (autodesk licensing service) - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: NOD32 Kernel Service (nod32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pinnacle Systems Media Service (pinnaclesys.mediaserver) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Réponse 20 / 20

Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537

Bonjour,

ne poste pas plusieurs fois le rapport.

Plus exactement, il est trop long pour tenir.

poste moi la fin ('après la partie "snapshots").

je regarde ce soir.

Discussions similaires

Comment désactiver le mode sécurisé de la Freebox POP.

Retirer le mode sécurisé sur l'écran de la TV connectée Free

Page internet ne s'ouvre pas en mode normal

20 réponses

Votre réponse

Discussions similaires

Newsletters