Virus album photo aider moi!!
gemlees
Messages postés
379
Statut
Membre
-
Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention -
Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention -
Bonjour,bon ma soeur a accepte le virus album photo..bon c vrai ses stupid mes bon moi je le savais quand j'ai désinstaller msn g voulu le re installer rien ne marche sa me demander un dianostique ..alors g utuliser fire fox la sa me dit que le server nexiste plus.. bon alors g fai le truc de msnfix et hijack g le rapport si dessous g si il serais possible de maider sa serais vraiment aimable bon alors merci a++ ps: quand je vais sur google je dois copier/coller le link sinnon sa menvoi sur myfreeze quelque choses pour nimporte quel site merci davance et excuser mon francais je suis pas de france
Logfile of HijackThis v1.99.1
Scan saved at 20:24:24, on 2008-09-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
D:\WINDOWS.0\System32\smss.exe
D:\WINDOWS.0\system32\winlogon.exe
D:\WINDOWS.0\system32\services.exe
D:\WINDOWS.0\system32\lsass.exe
D:\WINDOWS.0\system32\svchost.exe
D:\WINDOWS.0\System32\svchost.exe
D:\Program Files\Bell\Gestionnaire de securite\Fws.exe
D:\WINDOWS.0\system32\spoolsv.exe
D:\WINDOWS.0\Explorer.EXE
D:\WINDOWS.0\system32\RUNDLL32.EXE
D:\WINDOWS.0\ehome\ehtray.exe
D:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
D:\WINDOWS.0\vVX3000.exe
D:\WINDOWS.0\RTHDCPL.EXE
D:\Program Files\Bell\Gestionnaire de securite\RPS.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\WINDOWS.0\system32\suvas.exe
D:\WINDOWS.0\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe
D:\WINDOWS.0\eHome\ehRecvr.exe
D:\WINDOWS.0\eHome\ehSched.exe
D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
D:\Program Files\Microsoft LifeCam\MSCamS32.exe
D:\WINDOWS.0\system32\nvsvc32.exe
D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
D:\WINDOWS.0\system32\PnkBstrA.exe
D:\WINDOWS.0\system32\svchost.exe
D:\Program Files\Personal Vault\VaultClientUpgrade.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
D:\Program Files\Bell\Gestionnaire de securite\rpsupdaterR.exe
D:\WINDOWS.0\system32\dllhost.exe
D:\WINDOWS.0\eHome\ehmsas.exe
D:\Program Files\SwiftKit\SwiftKit.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.freeze.com/?AcquisitionID=08f1522d-537e-4b44-bf3e-e25ae5b4daae&s=&ipc=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - D:\Program Files\Bell\Gestionnaire de securite\pkR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS.0\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ehTray] D:\WINDOWS.0\ehome\ehtray.exe
O4 - HKLM\..\Run: [MotiveReportAgent] "D:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://D:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="D:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKLM\..\Run: [SSA.exe] "D:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "D:\Program Files\Bell\Gestionnaire de securite\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [VX3000] D:\WINDOWS.0\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "D:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Gestionnaire de sécurité Sympatico] D:\Program Files\Bell\Gestionnaire de securite\RPS.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [cygevu] D:\WINDOWS.0\system32\suvas.exe
O4 - HKLM\..\RunServices: [cygevu] D:\WINDOWS.0\system32\suvas.exe
O4 - HKLM\..\RunOnce: [IndexCleaner] "D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [IndexCleaner] "D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe"
O4 - Global Startup: SnagIt 9.lnk = D:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{A18D2102-42B8-463E-A0A8-917079DDDE72}: NameServer = 85.255.113.134,85.255.112.12
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O20 - AppInit_DLLs: D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program files\relevantknowledge\rlai.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS.0\system32\WPDShServiceObj.dll
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - D:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS.0\system32\PnkBstrA.exe
O23 - Service: Gestionnaire de sécurité Sympatico (Radialpoint Security Services) - Radialpoint Inc. - D:\Program Files\Bell\Gestionnaire de securite\RpsSecurityAware.exe
O23 - Service: Service de mise-à-jour pour le Gestionnaire de sécurité Sympatico (RPSUpdaterR) - Bell Sympatico - D:\Program Files\Bell\Gestionnaire de securite\rpsupdaterR.exe
O23 - Service: Gestionnaire de sécurité Sympatico Coupe-feu (RP_FWS) - Bell Sympatico - D:\Program Files\Bell\Gestionnaire de securite\Fws.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - BELL - D:\Program Files\Personal Vault\VaultClientUpgrade.exe
O23 - Service: BCL easyPDF SDK Loader (xuluyapyuxe) - Unknown owner - D:\WINDOWS.0\system32\foku.exe
Logfile of HijackThis v1.99.1
Scan saved at 20:24:24, on 2008-09-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
D:\WINDOWS.0\System32\smss.exe
D:\WINDOWS.0\system32\winlogon.exe
D:\WINDOWS.0\system32\services.exe
D:\WINDOWS.0\system32\lsass.exe
D:\WINDOWS.0\system32\svchost.exe
D:\WINDOWS.0\System32\svchost.exe
D:\Program Files\Bell\Gestionnaire de securite\Fws.exe
D:\WINDOWS.0\system32\spoolsv.exe
D:\WINDOWS.0\Explorer.EXE
D:\WINDOWS.0\system32\RUNDLL32.EXE
D:\WINDOWS.0\ehome\ehtray.exe
D:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
D:\WINDOWS.0\vVX3000.exe
D:\WINDOWS.0\RTHDCPL.EXE
D:\Program Files\Bell\Gestionnaire de securite\RPS.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\WINDOWS.0\system32\suvas.exe
D:\WINDOWS.0\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe
D:\WINDOWS.0\eHome\ehRecvr.exe
D:\WINDOWS.0\eHome\ehSched.exe
D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
D:\Program Files\Microsoft LifeCam\MSCamS32.exe
D:\WINDOWS.0\system32\nvsvc32.exe
D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
D:\WINDOWS.0\system32\PnkBstrA.exe
D:\WINDOWS.0\system32\svchost.exe
D:\Program Files\Personal Vault\VaultClientUpgrade.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
D:\Program Files\Bell\Gestionnaire de securite\rpsupdaterR.exe
D:\WINDOWS.0\system32\dllhost.exe
D:\WINDOWS.0\eHome\ehmsas.exe
D:\Program Files\SwiftKit\SwiftKit.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.freeze.com/?AcquisitionID=08f1522d-537e-4b44-bf3e-e25ae5b4daae&s=&ipc=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - D:\Program Files\Bell\Gestionnaire de securite\pkR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS.0\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ehTray] D:\WINDOWS.0\ehome\ehtray.exe
O4 - HKLM\..\Run: [MotiveReportAgent] "D:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://D:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="D:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKLM\..\Run: [SSA.exe] "D:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "D:\Program Files\Bell\Gestionnaire de securite\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [VX3000] D:\WINDOWS.0\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "D:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Gestionnaire de sécurité Sympatico] D:\Program Files\Bell\Gestionnaire de securite\RPS.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [cygevu] D:\WINDOWS.0\system32\suvas.exe
O4 - HKLM\..\RunServices: [cygevu] D:\WINDOWS.0\system32\suvas.exe
O4 - HKLM\..\RunOnce: [IndexCleaner] "D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [IndexCleaner] "D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe"
O4 - Global Startup: SnagIt 9.lnk = D:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{A18D2102-42B8-463E-A0A8-917079DDDE72}: NameServer = 85.255.113.134,85.255.112.12
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.134 85.255.112.12
O20 - AppInit_DLLs: D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program,files\relevantknowledge\rlai.dll,D:\program files\relevantknowledge\rlai.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS.0\system32\WPDShServiceObj.dll
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - D:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS.0\system32\PnkBstrA.exe
O23 - Service: Gestionnaire de sécurité Sympatico (Radialpoint Security Services) - Radialpoint Inc. - D:\Program Files\Bell\Gestionnaire de securite\RpsSecurityAware.exe
O23 - Service: Service de mise-à-jour pour le Gestionnaire de sécurité Sympatico (RPSUpdaterR) - Bell Sympatico - D:\Program Files\Bell\Gestionnaire de securite\rpsupdaterR.exe
O23 - Service: Gestionnaire de sécurité Sympatico Coupe-feu (RP_FWS) - Bell Sympatico - D:\Program Files\Bell\Gestionnaire de securite\Fws.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - BELL - D:\Program Files\Personal Vault\VaultClientUpgrade.exe
O23 - Service: BCL easyPDF SDK Loader (xuluyapyuxe) - Unknown owner - D:\WINDOWS.0\system32\foku.exe
A voir également:
- Virus album photo aider moi!!
- Google photo - Télécharger - Albums photo
- Album photo partagé - Guide
- Google photo album partagé - Guide
- Photo filtre 7 gratuit - Télécharger - Retouche d'image
- Logiciel album photo - Télécharger - Albums photo
45 réponses
ComboFix 08-09-20.05 - GUNSHOTS 2008-09-20 23:40:23.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.235 [GMT -4:00]
Lancé depuis: D:\Documents and Settings\GUNSHOTS\Bureau\ComboFix.exe
Commutateurs utilisés :: D:\Documents and Settings\GUNSHOTS\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
D:\WINDOWS.0\system32\foku.exe
D:\WINDOWS.0\system32\suvas.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\WINDOWS.0\system32\foku.exe
D:\WINDOWS.0\system32\suvas.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_XULUYAPYUXE
-------\Service_xuluyapyuxe
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-21 au 2008-09-21 ))))))))))))))))))))))))))))))))))))
.
2008-09-20 23:07 . 2008-09-20 23:07 579,584 --a--c--- D:\WINDOWS.0\system32\dllcache\user32.dll
2008-09-20 23:06 . 2008-09-20 23:06 <REP> d-------- D:\WINDOWS.0\ERUNT
2008-09-20 22:32 . 2008-09-20 23:15 <REP> d-------- D:\SDFix
2008-09-20 20:49 . 2008-09-20 20:49 <REP> d-------- D:\msnfix
2008-09-20 01:25 . 2008-09-20 01:25 0 --a------ D:\WINDOWS.0\nsreg.dat
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\system32\fr-fr
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\system32\fr
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\system32\bits
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\l2schemas
2008-09-20 01:04 . 2008-09-20 01:06 <REP> d-------- D:\WINDOWS.0\ServicePackFiles
2008-09-20 00:40 . 2008-09-20 01:20 <REP> d-------- D:\Documents and Settings\GUNSHOTS\Application Data\MSNInstaller
2008-09-20 00:37 . 2008-08-09 09:24 59,728 --a------ D:\msimg32.dll
2008-09-17 12:29 . 2008-09-17 12:30 <REP> d-------- D:\Program Files\BSR Screen Recorder 4
2008-09-17 12:29 . 2008-09-17 12:29 585,728 --a------ D:\WINDOWS.0\system32\bsratswf.dll
2008-09-17 12:29 . 2008-09-17 12:29 147,456 --a------ D:\WINDOWS.0\system32\bsratwmv.dll
2008-09-17 12:29 . 2008-09-17 12:42 2,048 --a------ D:\WINDOWS.0\system32\Tr_sttool.dat
2008-09-08 05:09 . 2008-09-08 05:09 <REP> d-------- D:\WINDOWS.0\system32\djpclib
2008-09-08 05:09 . 2008-09-08 05:52 <REP> d-------- D:\Program Files\DJ Music Mixer
2008-09-08 05:09 . 2008-09-08 05:09 275,412 --a------ D:\WINDOWS.0\DJ Music Mixer Uninstaller.exe
2008-09-07 03:05 . 2008-09-07 03:05 <REP> d-------- D:\Program Files\New Folder 1
2008-09-07 02:51 . 2008-09-08 05:02 <REP> d-------- D:\Program Files\Mixxx
2008-09-07 02:51 . 2008-09-08 05:05 <REP> d-------- D:\Program Files\GamingSquared
2008-09-07 02:51 . 2008-09-07 02:51 <REP> d-------- D:\Program Files\Free Offers from Freeze.com
2008-09-07 02:50 . 2008-09-08 05:03 <REP> d-------- D:\Program Files\Yahoo!
2008-09-07 02:30 . 2008-09-07 02:30 <REP> d-------- D:\Program Files\HyCam2
2008-09-05 01:40 . 2008-09-05 01:40 <REP> d-------- D:\Program Files\TechSmith
2008-09-05 01:40 . 2008-09-05 01:40 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS.0\Application Data\TechSmith
2008-09-05 01:39 . 2008-09-05 01:39 <REP> d-------- D:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-02 10:05 . 2008-08-24 16:25 1,557,877 --------- D:\WINDOWS.0\MacroWhiz.CAB
2008-09-02 10:05 . 2000-07-15 00:00 101,888 --a------ D:\WINDOWS.0\system32\VB6STKIT.DLL
2008-09-02 10:05 . 2008-09-02 10:05 73,216 --a------ D:\WINDOWS.0\ST6UNST.EXE
2008-09-02 10:05 . 2008-09-02 10:05 1,378 --a------ D:\WINDOWS.0\ST6UNST.000
2008-08-23 00:18 . 2008-09-18 18:36 69 --a------ D:\WINDOWS.0\NeroDigital.ini
2008-08-21 01:14 . 2008-08-21 01:14 <REP> d-------- D:\Documents and Settings\GUNSHOTS\Application Data\Nero
2008-08-21 01:12 . 2008-08-21 01:12 <REP> d-------- D:\Program Files\Nero
2008-08-21 01:12 . 2008-08-21 01:12 <REP> d-------- D:\Program Files\Fichiers communs\Nero
2008-08-21 01:12 . 2008-08-21 01:12 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Nero
2008-08-21 01:12 . 2006-03-17 11:45 1,757,184 --a------ D:\WINDOWS.0\system32\imagX7.dll
2008-08-21 01:12 . 2006-03-17 11:45 802,816 --a------ D:\WINDOWS.0\system32\imagXRA7.dll
2008-08-21 01:12 . 2006-03-17 11:45 497,296 --a------ D:\WINDOWS.0\system32\imagXpr7.dll
2008-08-21 01:12 . 2006-03-17 14:49 368,640 --a------ D:\WINDOWS.0\system32\TwnLib4.dll
2008-08-21 01:12 . 2006-03-17 11:45 258,048 --a------ D:\WINDOWS.0\system32\imagXR7.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-21 02:38 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\WLInstaller
2008-09-20 04:40 --------- d-----w D:\Program Files\Windows Live
2008-09-20 04:39 --------- d-----w D:\Program Files\Windows Live Toolbar
2008-09-19 09:52 138,280 ----a-w D:\WINDOWS.0\system32\drivers\PnkBstrK.sys
2008-09-19 09:52 111,928 ----a-w D:\WINDOWS.0\system32\PnkBstrB.exe
2008-09-17 22:31 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\LimeWire
2008-09-08 09:01 --------- d-----w D:\Program Files\Google
2008-09-08 05:35 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\skypePM
2008-09-02 14:23 --------- d-----w D:\Program Files\SwiftKit
2008-09-01 08:54 24 ----a-w D:\Documents and Settings\GUNSHOTS\jagex_runescape_preferences.dat
2008-08-19 16:39 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\Windows Live Writer
2008-08-16 16:03 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\Apple Computer
2008-08-16 14:49 --------- d-----w D:\Program Files\LimeWire
2008-08-13 12:49 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Skype
2008-08-13 05:34 --------- d-----w D:\Program Files\Java
2008-08-13 05:33 --------- d-----w D:\Program Files\Fichiers communs\Java
2008-08-11 13:50 --------- d-----w D:\Program Files\iTunes
2008-08-11 13:49 --------- d-----w D:\Program Files\iPod
2008-08-11 13:49 --------- d-----w D:\Program Files\Bonjour
2008-08-11 13:49 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple Computer
2008-08-11 13:48 --------- d-----w D:\Program Files\QuickTime
2008-08-11 13:46 --------- d-----w D:\Program Files\Apple Software Update
2008-08-11 13:45 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple
2008-08-11 12:38 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\SwiftKit
2008-08-11 02:39 66,872 ----a-w D:\WINDOWS.0\system32\PnkBstrA.exe
2008-08-11 00:58 --------- d-----w D:\Program Files\Realtek
2008-08-11 00:31 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-08-11 00:23 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\PC Drivers HeadQuarters
2008-08-10 23:52 --------- d-----w D:\Program Files\Fichiers communs\InstallShield
2008-08-10 20:49 --------- d-----w D:\Program Files\NOS
2008-08-10 20:49 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\NOS
2008-08-10 20:44 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-08-10 20:21 --------- d-----w D:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-10 19:07 --------- d-----w D:\Program Files\Microsoft SQL Server Compact Edition
2008-08-10 18:59 --------- dcsh--w D:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-08-10 18:42 --------- d-----w D:\Program Files\Microsoft LifeCam
2008-08-10 18:18 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\Bell
2008-08-10 18:15 --------- d-----w D:\Program Files\Fichiers communs\Scanner
2008-08-10 18:09 --------- d-----w D:\Program Files\Personal Vault
2008-08-10 18:08 --------- d-----w D:\Program Files\Raxco
2008-08-10 18:08 --------- d-----w D:\Program Files\Fichiers communs\Authentium
2008-08-10 18:08 --------- d-----w D:\Program Files\CA
2008-08-10 18:08 --------- d-----w D:\Program Files\Bell
2008-08-10 18:08 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Raxco
2008-08-10 18:08 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Bell
2008-08-10 18:07 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\InstallShield
2008-08-10 18:04 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\MotiveSysIDs
2008-08-10 17:58 157 ----a-w D:\Program Files\INSTALL.LOG
2008-08-10 17:58 155,995 ----a-w D:\WINDOWS.0\java\Packages\ZVJTBV9V.ZIP
2008-08-10 17:58 --------- d-----w D:\Program Files\Fichiers communs\Motive
2008-08-10 17:58 --------- d-----w D:\Program Files\Common Files
2008-08-10 17:58 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Motive
2008-08-10 17:45 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\NVIDIA
2008-08-10 16:48 --------- d-----w D:\Program Files\InterVideo
2008-08-10 16:48 --------- d-----w D:\Program Files\Fichiers communs\InterVideo
2008-08-10 16:44 --------- d-----w D:\Program Files\microsoft frontpage
2008-08-10 16:41 --------- d-----w D:\Program Files\Services en ligne
2008-08-10 16:38 --------- d-----w D:\Program Files\Windows Plus
2008-07-19 02:10 94,920 ----a-w D:\WINDOWS.0\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w D:\WINDOWS.0\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w D:\WINDOWS.0\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w D:\WINDOWS.0\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w D:\WINDOWS.0\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w D:\WINDOWS.0\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w D:\WINDOWS.0\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w D:\WINDOWS.0\system32\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w D:\WINDOWS.0\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w D:\WINDOWS.0\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w D:\WINDOWS.0\WLXPGSS.SCR
2008-07-07 20:28 253,952 ----a-w D:\WINDOWS.0\system32\es.dll
2008-06-24 16:44 74,240 ----a-w D:\WINDOWS.0\system32\mscms.dll
2008-06-23 15:10 670,208 ----a-w D:\WINDOWS.0\system32\wininet.dll
.
((((((((((((((((((((((((((((( snapshot@2008-09-20_22.07.54.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-07 20:27:04 163,328 ----a-w D:\WINDOWS.0\ERUNT\SDFIX\ERDNT.EXE
+ 2008-09-21 03:06:38 3,923,968 ----a-w D:\WINDOWS.0\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-09-21 03:06:38 180,224 ----a-w D:\WINDOWS.0\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-07 20:27:04 163,328 ----a-w D:\WINDOWS.0\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-09-21 03:06:35 3,923,968 ----a-w D:\WINDOWS.0\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-09-21 03:06:35 180,224 ----a-w D:\WINDOWS.0\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
- 2008-08-11 01:35:15 29,926 ----a-r D:\WINDOWS.0\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2008-09-21 02:41:54 29,926 ----a-r D:\WINDOWS.0\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
- 2005-09-23 11:28:58 55,488 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-04-13 07:21:18 58,712 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 11:28:32 10,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-04-13 07:20:52 10,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 11:28:32 8,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-04-13 07:20:52 8,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2005-09-23 11:28:32 23,552 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-04-13 07:20:52 23,552 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2005-09-23 11:28:32 70,656 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-04-13 07:20:50 75,264 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 11:28:32 26,824 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-04-13 07:20:52 32,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 11:28:32 29,896 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-04-13 07:20:52 33,632 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2005-09-23 11:28:32 29,888 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-04-13 07:20:52 32,600 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2005-09-23 11:28:32 503,808 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-04-13 07:20:52 507,904 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 11:28:56 88,576 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-04-13 07:21:16 88,576 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 11:28:38 4,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-04-13 07:20:58 5,120 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 11:28:56 10,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Accessibility.dll
+ 2005-09-23 11:28:32 503,808 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\AspNetMMCExt.dll
+ 2005-09-23 11:28:42 13,312 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\cscompmgd.dll
+ 2005-09-23 11:28:56 68,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\CustomMarshalers.dll
+ 2005-09-23 11:28:56 8,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\IEExecRemote.dll
+ 2005-09-23 11:28:56 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\IEHost.dll
+ 2005-09-23 11:28:56 5,632 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\IIEHost.dll
+ 2005-09-23 11:28:56 72,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\ISymWrapper.dll
+ 2005-09-23 11:28:48 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Engine.dll
+ 2005-09-23 11:28:48 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Framework.dll
+ 2005-09-23 11:28:48 647,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Tasks.dll
+ 2005-09-23 11:28:48 73,728 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Utilities.dll
+ 2005-09-23 11:28:48 745,472 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.JScript.dll
+ 2005-09-23 11:29:10 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 11:29:10 372,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 11:29:08 667,648 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.dll
+ 2005-09-23 11:28:30 28,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 11:29:10 5,632 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualC.Dll
+ 2005-09-23 11:28:30 32,768 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Vsa.dll
+ 2005-09-23 11:28:30 12,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 11:28:30 7,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft_VsaVb.dll
+ 2005-09-23 11:28:56 4,308,992 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\mscorlib.dll
+ 2005-09-23 11:28:56 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\sysglobl.dll
+ 2005-09-23 11:28:58 389,120 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.configuration.dll
+ 2005-09-23 11:28:56 81,920 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Configuration.Install.dll
+ 2005-09-23 11:28:56 2,878,976 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Data.dll
+ 2005-09-23 11:28:56 482,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Data.OracleClient.dll
+ 2005-09-23 11:28:56 716,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Data.SqlXml.dll
+ 2005-09-23 11:28:38 884,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Deployment.dll
+ 2005-09-23 11:28:56 5,050,368 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Design.dll
+ 2005-09-23 11:28:56 397,312 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.DirectoryServices.dll
+ 2005-09-23 11:28:56 188,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.DirectoryServices.Protocols.dll
+ 2005-09-23 11:28:56 3,018,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.dll
+ 2005-09-23 11:28:56 81,920 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Drawing.Design.dll
+ 2005-09-23 11:28:56 700,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Drawing.dll
+ 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.EnterpriseServices.dll
+ 2005-09-23 11:28:56 114,176 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.EnterpriseServices.Wrapper.dll
+ 2005-09-23 11:28:56 368,640 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Management.dll
+ 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Messaging.dll
+ 2005-09-23 11:28:56 299,008 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Runtime.Remoting.dll
+ 2005-09-23 11:28:56 131,072 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Security.dll
+ 2005-09-23 11:28:56 114,688 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.ServiceProcess.dll
+ 2005-09-23 11:28:56 260,096 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Transactions.dll
+ 2005-09-23 11:28:56 5,025,792 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.dll
+ 2005-09-23 11:28:56 835,584 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.Mobile.dll
+ 2005-09-23 11:28:56 86,016 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.RegularExpressions.dll
+ 2005-09-23 11:28:56 823,296 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.Services.dll
+ 2005-09-23 11:28:56 5,316,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Windows.Forms.dll
+ 2005-09-23 11:28:56 2,035,712 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.XML.dll
- 2005-09-23 11:28:56 9,728 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-04-13 07:21:16 9,728 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 11:28:56 224,952 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-04-13 07:21:16 228,688 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2005-09-23 11:28:56 28,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-04-13 07:21:16 28,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 11:28:48 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-04-13 07:21:10 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 11:28:48 647,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-04-13 07:21:10 647,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 11:28:48 745,472 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-04-13 07:21:08 749,568 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 11:28:32 87,552 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-04-13 07:20:52 87,040 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 11:28:56 800,768 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-04-13 07:21:18 802,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 11:28:56 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-04-13 07:21:16 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2005-09-23 11:28:56 326,144 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-04-13 07:21:16 326,656 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 11:28:56 4,308,992 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-04-13 07:21:16 4,308,992 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2005-09-23 11:28:56 102,400 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-04-13 07:21:16 102,912 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 11:28:56 226,816 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-04-13 07:21:18 227,328 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2005-09-23 11:28:56 66,240 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-04-13 07:21:18 68,952 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 11:28:50 5,615,616 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-04-13 07:21:12 5,634,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 11:28:56 96,440 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-04-13 07:21:16 99,152 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2005-09-23 11:28:56 14,848 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-04-13 07:21:18 15,360 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 11:28:50 136,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-04-13 07:21:12 136,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 11:28:56 377,344 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-04-13 07:21:18 382,464 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2005-09-23 11:28:56 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-04-13 07:21:18 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2005-09-23 11:28:58 389,120 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-04-13 07:21:18 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 11:28:56 2,878,976 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-04-13 07:21:16 2,902,016 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2005-09-23 11:28:56 482,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-04-13 07:21:18 482,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2005-09-23 11:28:56 716,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-04-13 07:21:18 716,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2005-09-23 11:28:38 884,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-04-13 07:20:58 888,832 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2005-09-23 11:28:56 5,050,368 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-04-13 07:21:16 5,001,216 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 11:28:56 188,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-04-13 07:21:18 188,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 11:28:56 3,018,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-04-13 07:21:16 2,940,928 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 11:28:56 700,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-04-13 07:21:16 577,536 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-04-13 07:21:16 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2005-09-23 11:28:56 47,616 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-04-13 07:21:18 47,616 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 11:28:56 114,176 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-04-13 07:21:18 114,176 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 11:28:56 368,640 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-04-13 07:21:16 372,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 11:28:56 299,008 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-04-13 07:21:16 299,008 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 11:28:56 260,096 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-04-13 07:21:18 260,096 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2005-09-23 11:28:56 5,025,792 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-04-13 07:21:16 5,156,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 11:28:56 5,316,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-04-13 07:21:16 5,152,768 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2005-09-23 11:28:56 2,035,712 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-04-13 07:21:16 2,027,520 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 11:29:06 1,140,920 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-04-13 07:21:28 1,166,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2005-09-23 11:28:30 1,306,624 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-04-13 07:20:50 1,330,688 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2005-09-23 11:28:32 298,496 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-04-13 07:20:52 406,016 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2005-09-23 11:28:52 270,848 ----a-w D:\WINDOWS.0\system32\mscoree.dll
+ 2007-04-13 07:21:14 271,360 ----a-w D:\WINDOWS.0\system32\mscoree.dll
+ 2007-10-18 15:31:46 51,224 ----a-w D:\WINDOWS.0\system32\sirenacm.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS.0\system32\ctfmon.exe" [2008-04-13 15360]
"MSMSGS"="D:\Program Files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe" [2008-03-10 61168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS.0\system32\NvCpl.dll" [2006-08-12 7630848]
"NvMediaCenter"="D:\WINDOWS.0\system32\NvMcTray.dll" [2006-08-12 86016]
"ehTray"="D:\WINDOWS.0\ehome\ehtray.exe" [2004-08-10 59392]
"SSA.exe"="D:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [2007-03-27 2061816]
"-FreedomNeedsReboot"="D:\Program Files\Bell\Gestionnaire de securite\ZkRunOnceR.exe" [2008-03-10 13552]
"VX3000"="D:\WINDOWS.0\vVX3000.exe" [2006-12-05 707360]
"LifeCam"="D:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-01-12 275800]
"Gestionnaire de sécurité Sympatico"="D:\Program Files\Bell\Gestionnaire de securite\RPS.exe" [2008-03-10 311024]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"SkyTel"="SkyTel.EXE" [2006-05-16 D:\WINDOWS.0\SkyTel.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe" [2008-03-10 61168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS.0\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= D:\WINDOWS.0\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= D:\WINDOWS.0\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\WINDOWS.0\\system32\\sessmgr.exe"=
"D:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"D:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"D:\\Program Files\\iTunes\\iTunes.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R2 MSCamSvc;MSCamSvc;D:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408]
R2 VaultClientUpgrade;Personal Vault Upgrade Service;D:\Program Files\Personal Vault\VaultClientUpgrade.exe [2008-03-07 53248]
S3 Radialpoint Security Services;Gestionnaire de sécurité Sympatico;D:\Program Files\Bell\Gestionnaire de securite\RpsSecurityAware.exe [2008-03-10 67824]
.
Contenu du dossier 'Tâches planifiées'
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 23:43:09
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
D:\Program Files\Bell\Gestionnaire de securite\Fws.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe
D:\WINDOWS.0\ehome\ehRecvr.exe
D:\WINDOWS.0\ehome\ehSched.exe
D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
D:\WINDOWS.0\system32\rundll32.exe
D:\WINDOWS.0\system32\nvsvc32.exe
D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
D:\WINDOWS.0\system32\PnkBstrA.exe
D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
D:\WINDOWS.0\ehome\ehmsas.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS.0\system32\dllhost.exe
D:\Program Files\Bell\Gestionnaire de securite\rpsupdaterR.exe
D:\WINDOWS.0\system32\wscntfy.exe
D:\ComboFix\pv.cfexe
.
**************************************************************************
.
Heure de fin: 2008-09-20 23:46:34 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-09-21 03:46:30
ComboFix2.txt 2008-09-21 02:08:26
Avant-CF: 103ÿ524ÿ667ÿ392 octets libres
Après-CF: 103,513,989,120 octets libres
396 --- E O F --- 2008-09-20 05:09:23
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.235 [GMT -4:00]
Lancé depuis: D:\Documents and Settings\GUNSHOTS\Bureau\ComboFix.exe
Commutateurs utilisés :: D:\Documents and Settings\GUNSHOTS\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
D:\WINDOWS.0\system32\foku.exe
D:\WINDOWS.0\system32\suvas.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\WINDOWS.0\system32\foku.exe
D:\WINDOWS.0\system32\suvas.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_XULUYAPYUXE
-------\Service_xuluyapyuxe
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-21 au 2008-09-21 ))))))))))))))))))))))))))))))))))))
.
2008-09-20 23:07 . 2008-09-20 23:07 579,584 --a--c--- D:\WINDOWS.0\system32\dllcache\user32.dll
2008-09-20 23:06 . 2008-09-20 23:06 <REP> d-------- D:\WINDOWS.0\ERUNT
2008-09-20 22:32 . 2008-09-20 23:15 <REP> d-------- D:\SDFix
2008-09-20 20:49 . 2008-09-20 20:49 <REP> d-------- D:\msnfix
2008-09-20 01:25 . 2008-09-20 01:25 0 --a------ D:\WINDOWS.0\nsreg.dat
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\system32\fr-fr
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\system32\fr
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\system32\bits
2008-09-20 01:05 . 2008-09-20 01:05 <REP> d-------- D:\WINDOWS.0\l2schemas
2008-09-20 01:04 . 2008-09-20 01:06 <REP> d-------- D:\WINDOWS.0\ServicePackFiles
2008-09-20 00:40 . 2008-09-20 01:20 <REP> d-------- D:\Documents and Settings\GUNSHOTS\Application Data\MSNInstaller
2008-09-20 00:37 . 2008-08-09 09:24 59,728 --a------ D:\msimg32.dll
2008-09-17 12:29 . 2008-09-17 12:30 <REP> d-------- D:\Program Files\BSR Screen Recorder 4
2008-09-17 12:29 . 2008-09-17 12:29 585,728 --a------ D:\WINDOWS.0\system32\bsratswf.dll
2008-09-17 12:29 . 2008-09-17 12:29 147,456 --a------ D:\WINDOWS.0\system32\bsratwmv.dll
2008-09-17 12:29 . 2008-09-17 12:42 2,048 --a------ D:\WINDOWS.0\system32\Tr_sttool.dat
2008-09-08 05:09 . 2008-09-08 05:09 <REP> d-------- D:\WINDOWS.0\system32\djpclib
2008-09-08 05:09 . 2008-09-08 05:52 <REP> d-------- D:\Program Files\DJ Music Mixer
2008-09-08 05:09 . 2008-09-08 05:09 275,412 --a------ D:\WINDOWS.0\DJ Music Mixer Uninstaller.exe
2008-09-07 03:05 . 2008-09-07 03:05 <REP> d-------- D:\Program Files\New Folder 1
2008-09-07 02:51 . 2008-09-08 05:02 <REP> d-------- D:\Program Files\Mixxx
2008-09-07 02:51 . 2008-09-08 05:05 <REP> d-------- D:\Program Files\GamingSquared
2008-09-07 02:51 . 2008-09-07 02:51 <REP> d-------- D:\Program Files\Free Offers from Freeze.com
2008-09-07 02:50 . 2008-09-08 05:03 <REP> d-------- D:\Program Files\Yahoo!
2008-09-07 02:30 . 2008-09-07 02:30 <REP> d-------- D:\Program Files\HyCam2
2008-09-05 01:40 . 2008-09-05 01:40 <REP> d-------- D:\Program Files\TechSmith
2008-09-05 01:40 . 2008-09-05 01:40 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS.0\Application Data\TechSmith
2008-09-05 01:39 . 2008-09-05 01:39 <REP> d-------- D:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-02 10:05 . 2008-08-24 16:25 1,557,877 --------- D:\WINDOWS.0\MacroWhiz.CAB
2008-09-02 10:05 . 2000-07-15 00:00 101,888 --a------ D:\WINDOWS.0\system32\VB6STKIT.DLL
2008-09-02 10:05 . 2008-09-02 10:05 73,216 --a------ D:\WINDOWS.0\ST6UNST.EXE
2008-09-02 10:05 . 2008-09-02 10:05 1,378 --a------ D:\WINDOWS.0\ST6UNST.000
2008-08-23 00:18 . 2008-09-18 18:36 69 --a------ D:\WINDOWS.0\NeroDigital.ini
2008-08-21 01:14 . 2008-08-21 01:14 <REP> d-------- D:\Documents and Settings\GUNSHOTS\Application Data\Nero
2008-08-21 01:12 . 2008-08-21 01:12 <REP> d-------- D:\Program Files\Nero
2008-08-21 01:12 . 2008-08-21 01:12 <REP> d-------- D:\Program Files\Fichiers communs\Nero
2008-08-21 01:12 . 2008-08-21 01:12 <REP> d-------- D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Nero
2008-08-21 01:12 . 2006-03-17 11:45 1,757,184 --a------ D:\WINDOWS.0\system32\imagX7.dll
2008-08-21 01:12 . 2006-03-17 11:45 802,816 --a------ D:\WINDOWS.0\system32\imagXRA7.dll
2008-08-21 01:12 . 2006-03-17 11:45 497,296 --a------ D:\WINDOWS.0\system32\imagXpr7.dll
2008-08-21 01:12 . 2006-03-17 14:49 368,640 --a------ D:\WINDOWS.0\system32\TwnLib4.dll
2008-08-21 01:12 . 2006-03-17 11:45 258,048 --a------ D:\WINDOWS.0\system32\imagXR7.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-21 02:38 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\WLInstaller
2008-09-20 04:40 --------- d-----w D:\Program Files\Windows Live
2008-09-20 04:39 --------- d-----w D:\Program Files\Windows Live Toolbar
2008-09-19 09:52 138,280 ----a-w D:\WINDOWS.0\system32\drivers\PnkBstrK.sys
2008-09-19 09:52 111,928 ----a-w D:\WINDOWS.0\system32\PnkBstrB.exe
2008-09-17 22:31 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\LimeWire
2008-09-08 09:01 --------- d-----w D:\Program Files\Google
2008-09-08 05:35 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\skypePM
2008-09-02 14:23 --------- d-----w D:\Program Files\SwiftKit
2008-09-01 08:54 24 ----a-w D:\Documents and Settings\GUNSHOTS\jagex_runescape_preferences.dat
2008-08-19 16:39 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\Windows Live Writer
2008-08-16 16:03 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\Apple Computer
2008-08-16 14:49 --------- d-----w D:\Program Files\LimeWire
2008-08-13 12:49 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Skype
2008-08-13 05:34 --------- d-----w D:\Program Files\Java
2008-08-13 05:33 --------- d-----w D:\Program Files\Fichiers communs\Java
2008-08-11 13:50 --------- d-----w D:\Program Files\iTunes
2008-08-11 13:49 --------- d-----w D:\Program Files\iPod
2008-08-11 13:49 --------- d-----w D:\Program Files\Bonjour
2008-08-11 13:49 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple Computer
2008-08-11 13:48 --------- d-----w D:\Program Files\QuickTime
2008-08-11 13:46 --------- d-----w D:\Program Files\Apple Software Update
2008-08-11 13:45 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple
2008-08-11 12:38 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\SwiftKit
2008-08-11 02:39 66,872 ----a-w D:\WINDOWS.0\system32\PnkBstrA.exe
2008-08-11 00:58 --------- d-----w D:\Program Files\Realtek
2008-08-11 00:31 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-08-11 00:23 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\PC Drivers HeadQuarters
2008-08-10 23:52 --------- d-----w D:\Program Files\Fichiers communs\InstallShield
2008-08-10 20:49 --------- d-----w D:\Program Files\NOS
2008-08-10 20:49 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\NOS
2008-08-10 20:44 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-08-10 20:21 --------- d-----w D:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-10 19:07 --------- d-----w D:\Program Files\Microsoft SQL Server Compact Edition
2008-08-10 18:59 --------- dcsh--w D:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-08-10 18:42 --------- d-----w D:\Program Files\Microsoft LifeCam
2008-08-10 18:18 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\Bell
2008-08-10 18:15 --------- d-----w D:\Program Files\Fichiers communs\Scanner
2008-08-10 18:09 --------- d-----w D:\Program Files\Personal Vault
2008-08-10 18:08 --------- d-----w D:\Program Files\Raxco
2008-08-10 18:08 --------- d-----w D:\Program Files\Fichiers communs\Authentium
2008-08-10 18:08 --------- d-----w D:\Program Files\CA
2008-08-10 18:08 --------- d-----w D:\Program Files\Bell
2008-08-10 18:08 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Raxco
2008-08-10 18:08 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Bell
2008-08-10 18:07 --------- d-----w D:\Documents and Settings\GUNSHOTS\Application Data\InstallShield
2008-08-10 18:04 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\MotiveSysIDs
2008-08-10 17:58 157 ----a-w D:\Program Files\INSTALL.LOG
2008-08-10 17:58 155,995 ----a-w D:\WINDOWS.0\java\Packages\ZVJTBV9V.ZIP
2008-08-10 17:58 --------- d-----w D:\Program Files\Fichiers communs\Motive
2008-08-10 17:58 --------- d-----w D:\Program Files\Common Files
2008-08-10 17:58 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\Motive
2008-08-10 17:45 --------- d-----w D:\Documents and Settings\All Users.WINDOWS.0\Application Data\NVIDIA
2008-08-10 16:48 --------- d-----w D:\Program Files\InterVideo
2008-08-10 16:48 --------- d-----w D:\Program Files\Fichiers communs\InterVideo
2008-08-10 16:44 --------- d-----w D:\Program Files\microsoft frontpage
2008-08-10 16:41 --------- d-----w D:\Program Files\Services en ligne
2008-08-10 16:38 --------- d-----w D:\Program Files\Windows Plus
2008-07-19 02:10 94,920 ----a-w D:\WINDOWS.0\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w D:\WINDOWS.0\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w D:\WINDOWS.0\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w D:\WINDOWS.0\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w D:\WINDOWS.0\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w D:\WINDOWS.0\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w D:\WINDOWS.0\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w D:\WINDOWS.0\system32\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w D:\WINDOWS.0\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w D:\WINDOWS.0\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w D:\WINDOWS.0\WLXPGSS.SCR
2008-07-07 20:28 253,952 ----a-w D:\WINDOWS.0\system32\es.dll
2008-06-24 16:44 74,240 ----a-w D:\WINDOWS.0\system32\mscms.dll
2008-06-23 15:10 670,208 ----a-w D:\WINDOWS.0\system32\wininet.dll
.
((((((((((((((((((((((((((((( snapshot@2008-09-20_22.07.54.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-07 20:27:04 163,328 ----a-w D:\WINDOWS.0\ERUNT\SDFIX\ERDNT.EXE
+ 2008-09-21 03:06:38 3,923,968 ----a-w D:\WINDOWS.0\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-09-21 03:06:38 180,224 ----a-w D:\WINDOWS.0\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-07 20:27:04 163,328 ----a-w D:\WINDOWS.0\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-09-21 03:06:35 3,923,968 ----a-w D:\WINDOWS.0\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-09-21 03:06:35 180,224 ----a-w D:\WINDOWS.0\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
- 2008-08-11 01:35:15 29,926 ----a-r D:\WINDOWS.0\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2008-09-21 02:41:54 29,926 ----a-r D:\WINDOWS.0\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
- 2005-09-23 11:28:58 55,488 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-04-13 07:21:18 58,712 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 11:28:32 10,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-04-13 07:20:52 10,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 11:28:32 8,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-04-13 07:20:52 8,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2005-09-23 11:28:32 23,552 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-04-13 07:20:52 23,552 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2005-09-23 11:28:32 70,656 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-04-13 07:20:50 75,264 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 11:28:32 26,824 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-04-13 07:20:52 32,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 11:28:32 29,896 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-04-13 07:20:52 33,632 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2005-09-23 11:28:32 29,888 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-04-13 07:20:52 32,600 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2005-09-23 11:28:32 503,808 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-04-13 07:20:52 507,904 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 11:28:56 88,576 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-04-13 07:21:16 88,576 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 11:28:38 4,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-04-13 07:20:58 5,120 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 11:28:56 10,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Accessibility.dll
+ 2005-09-23 11:28:32 503,808 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\AspNetMMCExt.dll
+ 2005-09-23 11:28:42 13,312 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\cscompmgd.dll
+ 2005-09-23 11:28:56 68,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\CustomMarshalers.dll
+ 2005-09-23 11:28:56 8,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\IEExecRemote.dll
+ 2005-09-23 11:28:56 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\IEHost.dll
+ 2005-09-23 11:28:56 5,632 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\IIEHost.dll
+ 2005-09-23 11:28:56 72,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\ISymWrapper.dll
+ 2005-09-23 11:28:48 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Engine.dll
+ 2005-09-23 11:28:48 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Framework.dll
+ 2005-09-23 11:28:48 647,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Tasks.dll
+ 2005-09-23 11:28:48 73,728 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Build.Utilities.dll
+ 2005-09-23 11:28:48 745,472 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.JScript.dll
+ 2005-09-23 11:29:10 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 11:29:10 372,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 11:29:08 667,648 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.dll
+ 2005-09-23 11:28:30 28,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 11:29:10 5,632 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.VisualC.Dll
+ 2005-09-23 11:28:30 32,768 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Vsa.dll
+ 2005-09-23 11:28:30 12,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2005-09-23 11:28:30 7,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\Microsoft_VsaVb.dll
+ 2005-09-23 11:28:56 4,308,992 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\mscorlib.dll
+ 2005-09-23 11:28:56 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\sysglobl.dll
+ 2005-09-23 11:28:58 389,120 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.configuration.dll
+ 2005-09-23 11:28:56 81,920 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Configuration.Install.dll
+ 2005-09-23 11:28:56 2,878,976 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Data.dll
+ 2005-09-23 11:28:56 482,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Data.OracleClient.dll
+ 2005-09-23 11:28:56 716,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Data.SqlXml.dll
+ 2005-09-23 11:28:38 884,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Deployment.dll
+ 2005-09-23 11:28:56 5,050,368 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Design.dll
+ 2005-09-23 11:28:56 397,312 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.DirectoryServices.dll
+ 2005-09-23 11:28:56 188,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.DirectoryServices.Protocols.dll
+ 2005-09-23 11:28:56 3,018,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.dll
+ 2005-09-23 11:28:56 81,920 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Drawing.Design.dll
+ 2005-09-23 11:28:56 700,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Drawing.dll
+ 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.EnterpriseServices.dll
+ 2005-09-23 11:28:56 114,176 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.EnterpriseServices.Wrapper.dll
+ 2005-09-23 11:28:56 368,640 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Management.dll
+ 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Messaging.dll
+ 2005-09-23 11:28:56 299,008 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Runtime.Remoting.dll
+ 2005-09-23 11:28:56 131,072 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Runtime.Serialization.Formatters.Soap.dll
+ 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Security.dll
+ 2005-09-23 11:28:56 114,688 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.ServiceProcess.dll
+ 2005-09-23 11:28:56 260,096 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Transactions.dll
+ 2005-09-23 11:28:56 5,025,792 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.dll
+ 2005-09-23 11:28:56 835,584 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.Mobile.dll
+ 2005-09-23 11:28:56 86,016 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.RegularExpressions.dll
+ 2005-09-23 11:28:56 823,296 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Web.Services.dll
+ 2005-09-23 11:28:56 5,316,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.Windows.Forms.dll
+ 2005-09-23 11:28:56 2,035,712 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\GAC14235\System.XML.dll
- 2005-09-23 11:28:56 9,728 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-04-13 07:21:16 9,728 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 11:28:56 224,952 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-04-13 07:21:16 228,688 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2005-09-23 11:28:56 28,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-04-13 07:21:16 28,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 11:28:48 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-04-13 07:21:10 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 11:28:48 647,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-04-13 07:21:10 647,168 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 11:28:48 745,472 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-04-13 07:21:08 749,568 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 11:28:32 87,552 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-04-13 07:20:52 87,040 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 11:28:56 800,768 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-04-13 07:21:18 802,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 11:28:56 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-04-13 07:21:16 36,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2005-09-23 11:28:56 326,144 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-04-13 07:21:16 326,656 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 11:28:56 4,308,992 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-04-13 07:21:16 4,308,992 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2005-09-23 11:28:56 102,400 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-04-13 07:21:16 102,912 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 11:28:56 226,816 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-04-13 07:21:18 227,328 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2005-09-23 11:28:56 66,240 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-04-13 07:21:18 68,952 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 11:28:50 5,615,616 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-04-13 07:21:12 5,634,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 11:28:56 96,440 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-04-13 07:21:16 99,152 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2005-09-23 11:28:56 14,848 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-04-13 07:21:18 15,360 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 11:28:50 136,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-04-13 07:21:12 136,192 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 11:28:56 377,344 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-04-13 07:21:18 382,464 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2005-09-23 11:28:56 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-04-13 07:21:18 110,592 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2005-09-23 11:28:58 389,120 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-04-13 07:21:18 413,696 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 11:28:56 2,878,976 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-04-13 07:21:16 2,902,016 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2005-09-23 11:28:56 482,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-04-13 07:21:18 482,304 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2005-09-23 11:28:56 716,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-04-13 07:21:18 716,800 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2005-09-23 11:28:38 884,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-04-13 07:20:58 888,832 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2005-09-23 11:28:56 5,050,368 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-04-13 07:21:16 5,001,216 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 11:28:56 188,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-04-13 07:21:18 188,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 11:28:56 3,018,752 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-04-13 07:21:16 2,940,928 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 11:28:56 700,416 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-04-13 07:21:16 577,536 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 11:28:56 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-04-13 07:21:16 258,048 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2005-09-23 11:28:56 47,616 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-04-13 07:21:18 47,616 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 11:28:56 114,176 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-04-13 07:21:18 114,176 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 11:28:56 368,640 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-04-13 07:21:16 372,736 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 11:28:56 299,008 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-04-13 07:21:16 299,008 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 11:28:56 260,096 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-04-13 07:21:18 260,096 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2005-09-23 11:28:56 5,025,792 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-04-13 07:21:16 5,156,864 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 11:28:56 5,316,608 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-04-13 07:21:16 5,152,768 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2005-09-23 11:28:56 2,035,712 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-04-13 07:21:16 2,027,520 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 11:29:06 1,140,920 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-04-13 07:21:28 1,166,672 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2005-09-23 11:28:30 1,306,624 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-04-13 07:20:50 1,330,688 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2005-09-23 11:28:32 298,496 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-04-13 07:20:52 406,016 ----a-w D:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2005-09-23 11:28:52 270,848 ----a-w D:\WINDOWS.0\system32\mscoree.dll
+ 2007-04-13 07:21:14 271,360 ----a-w D:\WINDOWS.0\system32\mscoree.dll
+ 2007-10-18 15:31:46 51,224 ----a-w D:\WINDOWS.0\system32\sirenacm.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS.0\system32\ctfmon.exe" [2008-04-13 15360]
"MSMSGS"="D:\Program Files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"MsnMsgr"="D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe" [2008-03-10 61168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS.0\system32\NvCpl.dll" [2006-08-12 7630848]
"NvMediaCenter"="D:\WINDOWS.0\system32\NvMcTray.dll" [2006-08-12 86016]
"ehTray"="D:\WINDOWS.0\ehome\ehtray.exe" [2004-08-10 59392]
"SSA.exe"="D:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" [2007-03-27 2061816]
"-FreedomNeedsReboot"="D:\Program Files\Bell\Gestionnaire de securite\ZkRunOnceR.exe" [2008-03-10 13552]
"VX3000"="D:\WINDOWS.0\vVX3000.exe" [2006-12-05 707360]
"LifeCam"="D:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-01-12 275800]
"Gestionnaire de sécurité Sympatico"="D:\Program Files\Bell\Gestionnaire de securite\RPS.exe" [2008-03-10 311024]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"SkyTel"="SkyTel.EXE" [2006-05-16 D:\WINDOWS.0\SkyTel.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="D:\Program Files\Bell\Gestionnaire de securite\IdxClnR.exe" [2008-03-10 61168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS.0\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= D:\WINDOWS.0\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= D:\WINDOWS.0\Resources\Themes\Royale.theme
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\WINDOWS.0\\system32\\sessmgr.exe"=
"D:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"D:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"D:\\Program Files\\iTunes\\iTunes.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R2 MSCamSvc;MSCamSvc;D:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408]
R2 VaultClientUpgrade;Personal Vault Upgrade Service;D:\Program Files\Personal Vault\VaultClientUpgrade.exe [2008-03-07 53248]
S3 Radialpoint Security Services;Gestionnaire de sécurité Sympatico;D:\Program Files\Bell\Gestionnaire de securite\RpsSecurityAware.exe [2008-03-10 67824]
.
Contenu du dossier 'Tâches planifiées'
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 23:43:09
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
D:\Program Files\Bell\Gestionnaire de securite\Fws.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe
D:\WINDOWS.0\ehome\ehRecvr.exe
D:\WINDOWS.0\ehome\ehSched.exe
D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
D:\WINDOWS.0\system32\rundll32.exe
D:\WINDOWS.0\system32\nvsvc32.exe
D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
D:\WINDOWS.0\system32\PnkBstrA.exe
D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
D:\WINDOWS.0\ehome\ehmsas.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS.0\system32\dllhost.exe
D:\Program Files\Bell\Gestionnaire de securite\rpsupdaterR.exe
D:\WINDOWS.0\system32\wscntfy.exe
D:\ComboFix\pv.cfexe
.
**************************************************************************
.
Heure de fin: 2008-09-20 23:46:34 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-09-21 03:46:30
ComboFix2.txt 2008-09-21 02:08:26
Avant-CF: 103ÿ524ÿ667ÿ392 octets libres
Après-CF: 103,513,989,120 octets libres
396 --- E O F --- 2008-09-20 05:09:23
pour vrai merci encore une fois tu croi que je peu avoir ton msn si g des question exemple? je sen que tes un guide des ordinateur :P
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question