Antivirus 2009: malware report, need help
roxou
-
Anonymous user -
Hello,
I have the Antivirus 2009 virus.
I downloaded Malwarebytes.
At the end it said it was able to remove everything.
Here is my report:
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1390
Windows 5.1.2600 Service Pack 3
12/11/2008 18:54:41
mbam-log-2008-11-12 (18-54-41).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 92998
Temps écoulé: 47 minute(s), 44 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\pmnnOFVm.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74084557-be32-489d-9fd1-0ffaff8f68a3} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{74084557-be32-489d-9fd1-0ffaff8f68a3} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows UDP Control Center (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows UDP Control Services (Backdoor.Bot) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\pmnnofvm -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\pmnnofvm -> Delete on reboot.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\pmnnOFVm.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mVFOnnmp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mVFOnnmp.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mathieu\Local Settings\Temporary Internet Files\Content.IE5\5UAA1UEP\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP124\A0081450.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP125\A0081460.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP126\A0081466.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP126\A0082451.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP126\A0083451.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP126\A0083476.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0083491.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0083503.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0083511.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0083520.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0084524.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0085522.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0085526.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP127\A0086556.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8205D71A-4810-4FD7-A887-74E6860CF33E}\RP128\A0087557.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\fxstaller.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\wksvcsc.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
4 replies
Hi,
ComboFix:
Download ComboFix (by sUBs) here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the desktop.
Disconnect from the internet and close all your applications.
Disable your protections (antivirus, firewall, the antispyware's real-time guard).
Double-click combofix.exe and follow the instructions.
When it finishes, it will produce a report at C:\ComboFix.txt.
Re-enable your firewall, your antivirus, your antispyware's guard and your internet connection.
Copy/paste the report C:\ComboFix.txt into your next reply.
Caution: do not use your mouse or keyboard (or any other pointing device) while the program is running. That could freeze the computer.
There is a complete tutorial here:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Here is the ComboFix report:
ComboFix 08-11-11.01 - Maman 2008-11-12 19:19:17.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.68 [GMT -5:00]
Lancé depuis: c:\documents and settings\Maman\Bureau\ComboFix.exe
* Resident AV is active
[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\msn.exe
c:\windows\system32\uwbcpylu.ini
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-13 au 2008-11-13 ))))))))))))))))))))))))))))))))))))
.
2008-11-12 17:10 . 2008-11-12 17:10 <REP> d-------- c:\documents and settings\Maman\Application Data\Malwarebytes
2008-11-12 17:09 . 2008-11-12 17:09 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-12 17:09 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-12 17:09 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-10 21:43 . 2008-11-11 19:39 7,741 --a------ C:\osjs.exe
2008-11-10 19:08 . 2008-11-11 19:49 7,741 --a------ C:\oss.exe
2008-11-10 18:09 . 2008-11-10 18:09 50,688 -r-hs---- c:\windows\printer.exe
2008-11-09 18:20 . 2008-11-09 18:22 <REP> d-------- c:\program files\Téléchargeur de FlatOut2
2008-11-07 20:21 . 2008-11-07 20:20 93,234 -r-hs---- c:\windows\iMDM32.exe
2008-11-07 20:20 . 2008-11-07 20:20 93,234 --a------ C:\gjfs.exe
2008-11-06 10:16 . 2008-11-06 10:16 93,234 --a------ c:\documents and settings\Mathieu\fat.exe
2008-10-31 17:46 . 2008-10-31 17:46 45 ---h----- c:\windows\dsez3061.dat
2008-10-31 17:45 . 2008-10-31 18:11 <REP> d-------- c:\program files\PhotoFiltre Studio
2008-10-31 17:32 . 2008-10-31 17:32 <REP> d-------- c:\documents and settings\Mathieu\Application Data\Canon
2008-10-25 19:49 . 2008-10-25 19:49 8,192 --ahs---- c:\windows\Thumbs.db
2008-10-24 03:58 . 2008-10-15 11:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-23 18:19 . 2008-10-31 17:39 <REP> d-------- c:\documents and settings\All Users\Application Data\PhotoStitch
2008-10-22 06:12 . 2008-10-22 06:12 <REP> d-------- c:\program files\Eidos Interactive
2008-10-21 19:26 . 2008-10-21 19:26 <REP> d-------- c:\program files\Fichiers communs\BOONTY Shared
2008-10-21 19:26 . 2008-10-21 19:26 <REP> d-------- c:\documents and settings\All Users\Application Data\BOONTY
2008-10-18 08:39 . 2008-10-18 08:43 <REP> d-------- c:\program files\MTA San Andreas
2008-10-16 19:04 . 2008-10-16 20:38 <REP> d-------- c:\documents and settings\Mathieu\Application Data\uTorrent
2008-10-15 21:17 . 2008-09-08 05:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-10-15 21:16 . 2008-08-14 08:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-15 21:16 . 2008-08-14 08:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-15 21:16 . 2008-08-14 08:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-15 21:16 . 2008-08-14 08:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-15 21:16 . 2008-09-15 10:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-10-13 08:00 . 2008-10-13 08:00 <REP> d-------- c:\program files\Fichiers communs\DirectX
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-13 00:02 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-11-08 19:06 --------- d-----w c:\documents and settings\Mathieu\Application Data\LimeWire
2008-10-22 01:05 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-22 01:05 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-10-21 23:49 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
2008-10-13 12:25 --------- d-----w c:\program files\EA Sports
2008-10-01 14:44 --------- d--h--r c:\documents and settings\Mathieu\Application Data\SecuROM
2008-09-25 21:18 --------- d-----w c:\program files\NOS
2008-09-25 21:18 --------- d-----w c:\documents and settings\All Users\Application Data\NOS
2008-09-25 16:39 --------- d-----w c:\program files\Fichiers communs\Adobe AIR
2008-09-25 16:37 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-09-20 11:33 --------- d-----w c:\program files\Windows Media Connect 2
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-08-26 08:11 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-25 17:17 21,840 ----atw c:\windows\system32\SIntfNT.dll
2008-08-25 17:17 17,212 ----atw c:\windows\system32\SIntf32.dll
2008-08-25 17:17 12,067 ----atw c:\windows\system32\SIntf16.dll