Sujet Précédent Sujet Suivant

Virus!!!!

Résolu/Fermé
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 - 19 nov. 2008 à 20:03
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 - 24 nov. 2008 à 17:32
Bonjour,


En faisant une bêtise sur le net j'ai attrapé des virus.

Dès que je me connectais, ils éteignaient mon pc donc j'ai fait la même chose que pour ma mère http://www.commentcamarche.net/forum/message 230200 le pc s allume et apres il s eteint

et depuis dès que je j'allume mon pc, il y a un message d'erreur qui s'affiche ( ce sont les virus ) et si je ferme ce message, mon pc se bloque.

De plus, dès que je me connecte a internet et je charge un site, ça me redirectionne vers un site pornographique.

Je pose un rapport Hijackthis.
A voir également:

121 réponses

Précédent
Réponse 101 / 121
Utilisateur anonyme
23 nov. 2008 à 23:35
Hi,

Télécharge OTMoveIt3 (de Old_Timer) sur le bureau :

http://oldtimer.geekstogo.com/OTMoveIt3.exe

Double-clique sur OTMoveIt3.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation sans les====et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
===================================================================
:processes
explorer.exe

:services

:reg

:files

C:\Documents and Settings\Propriétaire\Bureau\SDFix\SDFix\backups\catchme.zip­ Infected: Backdoor.Win32.TDSS.blh 1

C:\Documents and Settings\Propriétaire\Bureau\SDFix\SDFix\backups\catchme.zip­ Infected: Backdoor.Win32.TDSS.asz 1

C:\Documents and Settings\Propriétaire\Bureau\SDFix\SDFix\backups\catchme.zip­ Infected: Backdoor.Win32.TDSS.atb 1

C:\Documents and Settings\Propriétaire\Mes documents\Nouveau dossier\FindyKill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1

C:\Documents and Settings\Propriétaire\Mes documents\Nouveau dossier\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Program Files\FindyKill\Tools\Kill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
======================================================================
- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTMoveIt3

Ton PC va redémarrer pour finir la suppression

0
Réponse 102 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
23 nov. 2008 à 23:56
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\Documents and Settings\Propriétaire\Bureau\SDFix\SDFix\backups\catchme.zip­­ Infected: Backdoor.Win32.TDSS.blh 1 not found.
File/Folder C:\Documents and Settings\Propriétaire\Bureau\SDFix\SDFix\backups\catchme.zip­­ Infected: Backdoor.Win32.TDSS.asz 1 not found.
File/Folder C:\Documents and Settings\Propriétaire\Bureau\SDFix\SDFix\backups\catchme.zip­­ Infected: Backdoor.Win32.TDSS.atb 1 not found.
File/Folder C:\Documents and Settings\Propriétaire\Mes documents\Nouveau dossier\FindyKill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1 not found.
File/Folder C:\Documents and Settings\Propriétaire\Mes documents\Nouveau dossier\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1 not found.
File/Folder C:\Program Files\FindyKill\Tools\Kill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1 not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\hsperfdata_Propriétaire\648 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Perflib_Perfdata_878.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFE200.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\nvcbin.def.CA456A2F.TMP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7cc.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11242008_194113

Files moved on Reboot...
File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\hsperfdata_Propriétaire\648 not found!
File C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Perflib_Perfdata_878.dat not found!
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFE200.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\nvcbin.def.CA456A2F.TMP scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_7cc.dat not found!
0
Réponse 103 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
23 nov. 2008 à 23:56
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:18, on 24/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IDETOOL\IDETOOL.EXE
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: NETGEAR WG311T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
0
Réponse 104 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
23 nov. 2008 à 23:57
Que faire maintenant stp?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 105 / 121
Utilisateur anonyme
24 nov. 2008 à 00:00
Hi,

Relance hijack et clique sur "Do a system scan only"
Ensuite recherche ces lignes et coches les cases

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=

Ensuite clique sur "Fix checked"

Refait un hijackthis de controle.
0
Réponse 106 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 00:04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:18, on 24/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IDETOOL\IDETOOL.EXE
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: NETGEAR WG311T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
0
Réponse 107 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 00:04
Et maintenantt...
0
Réponse 108 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 00:06
Il est bizarement lent et ne charge pas certaines pages internet...
0
Réponse 109 / 121
Utilisateur anonyme
24 nov. 2008 à 00:06
Hi,

ben utilise "toolscleaner que je t'ai donner précedement,et tu lance l'analyse et tu supprime tout les fix que l'on a utiliser.

Et c'est bon pour toi.

Alut.
0
Réponse 110 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 00:24
Ca y est, que faire maintenant parce qu'il est lent et ne charge pas certains sites, choses qu'il ne faisait pas il y a 2 jours...
0
Réponse 111 / 121
Utilisateur anonyme
24 nov. 2008 à 00:28
Hi,

passe sa:

Combofix. Attention, ce logiciel est très puissant, une mauvaise utilisation peut faire des dégâts...

Fais exactement ce qui suit :



Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide :

--------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
!! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

Tuto ici : TUTO
---------------------------------------------------------------------------------------------------------------------------------

Ensuite :

Double-clique sur C-Fix.exe (= combofix.exe ) .

Appuie sur une touche pour démarrer le scan .

Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp
0
Réponse 112 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 00:52
ça y est, et maintenant???
0
Réponse 113 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 00:52
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:51:45, on 24/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IDETOOL\IDETOOL.EXE
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: NETGEAR WG311T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
0
Réponse 114 / 121
Utilisateur anonyme
24 nov. 2008 à 03:40
Hi,

tu la fait combofix?

Alut.
0
Réponse 115 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 14:44
ComboFix 08-11-22.02 - Propriétaire 2008-11-24 20:35:38.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.192 [GMT 1:00]
Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\InfoSat.txt

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-24 au 2008-11-24 ))))))))))))))))))))))))))))))))))))
.

2008-11-24 19:41 . 2008-11-24 19:41 <REP> d-------- C:\_OTMoveIt
2008-11-24 10:14 . 2008-11-24 10:14 <REP> d-------- c:\windows\system32\Kaspersky Lab
2008-11-23 19:04 . 2008-11-23 21:20 1,393 --a------ c:\windows\imsins.BAK
2008-11-23 16:05 . 2008-04-14 03:04 93,184 -----c--- c:\windows\system32\dllcache\msxml6r.dll
2008-11-23 16:05 . 2004-08-03 22:41 11,868 --------- c:\windows\system32\drivers\mdmxsdk.sys
2008-11-23 11:10 . 2008-11-23 11:15 <REP> d-------- C:\KB
2008-11-22 23:59 . 2008-11-23 00:08 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-22 23:59 . 2008-11-22 23:59 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\Malwarebytes
2008-11-22 23:59 . 2008-11-22 23:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-22 23:59 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-22 23:59 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-22 23:49 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-11-22 22:33 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
2008-11-21 21:26 . 2008-10-03 18:12 6,066,176 -----c--- c:\windows\system32\dllcache\ieframe.dll
2008-11-21 21:26 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2008-11-21 21:26 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-11-21 21:26 . 2007-03-08 06:10 1,048,576 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-21 21:26 . 2008-08-26 09:11 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2008-11-21 21:26 . 2008-08-26 09:11 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2008-11-21 21:26 . 2008-08-26 09:11 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2008-11-21 21:26 . 2008-08-26 09:11 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2008-11-21 21:26 . 2008-08-26 09:11 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-21 21:25 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-21 21:25 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-21 21:25 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-21 21:25 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-21 21:14 . 2008-06-14 18:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-21 21:13 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-11-21 21:09 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-11-21 21:08 . 2008-04-11 20:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2008-11-21 21:02 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-11-21 21:01 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-21 19:52 . 2008-11-23 14:30 664 --a------ c:\windows\system32\d3d9caps.dat
2008-11-21 18:24 . 2008-11-21 18:24 <REP> d-------- C:\VundoFix Backups
2008-11-21 18:08 . 2008-11-21 18:08 <REP> d-------- C:\rsit
2008-11-20 22:45 . 2008-11-24 20:09 <REP> d-------- c:\windows\ERUNT
2008-11-20 21:18 . 2008-11-20 21:30 <REP> d-------- c:\program files\Navilog1
2008-11-20 19:17 . 2008-11-23 14:06 <REP> d-------- c:\program files\FindyKill
2008-11-20 17:01 . 2008-11-20 17:24 <REP> d-------- C:\ToolBar SD
2008-11-20 16:40 . 2008-11-24 20:15 4,004 --a------ c:\windows\system32\PerfStringBackup.TMP
2008-11-19 16:22 . 2008-11-19 16:22 <REP> d-------- C:\OEMSettings
2008-11-19 16:09 . 2008-11-19 16:09 17,801 --a------ c:\windows\system32\drivers\AegisP.sys
2008-11-19 16:08 . 2008-11-19 16:21 <REP> d-------- c:\program files\NETGEAR
2008-11-19 15:56 . 2008-11-19 15:56 <REP> d-------- c:\windows\Downloaded Installations
2008-11-19 14:32 . 2008-11-19 14:32 268 --ah----- C:\sqmdata00.sqm
2008-11-19 14:32 . 2008-11-19 14:32 244 --ah----- C:\sqmnoopt00.sqm
2008-11-18 21:53 . 2008-11-18 21:53 <REP> d-------- c:\program files\Realtek AC97
2008-11-18 21:21 . 2008-11-19 17:00 <REP> d-------- C:\Driver Download
2008-11-18 21:08 . 2004-08-05 13:00 28,288 --a--c--- c:\windows\system32\dllcache\xjis.nls
2008-11-18 21:06 . 2004-08-05 13:00 1,875,968 --a--c--- c:\windows\system32\dllcache\msir3jp.lex
2008-11-18 21:05 . 2008-04-14 03:31 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll
2008-11-18 21:04 . 2004-08-05 13:00 1,677,824 --a--c--- c:\windows\system32\dllcache\chsbrkr.dll
2008-11-18 21:03 . 2003-04-14 20:29 217,088 --a--c--- c:\windows\system32\dllcache\fpmmcsat.dll
2008-11-18 21:03 . 2003-04-14 20:29 16,384 --a--c--- c:\windows\system32\dllcache\tcptsat.dll
2008-11-18 20:57 . 2008-11-18 20:57 749 -rah----- c:\windows\WindowsShell.Manifest
2008-11-18 20:57 . 2008-11-18 20:57 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest
2008-11-18 20:57 . 2008-11-18 20:57 749 -rah----- c:\windows\system32\sapi.cpl.manifest
2008-11-18 20:57 . 2008-11-18 20:57 749 -rah----- c:\windows\system32\ncpa.cpl.manifest
2008-11-18 20:57 . 2008-11-18 20:57 488 -rah----- c:\windows\system32\logonui.exe.manifest
2008-11-18 20:56 . 2004-08-05 13:00 16,384 --a--c--- c:\windows\system32\dllcache\isignup.exe
2008-11-18 20:42 . 2008-11-18 20:42 <REP> d---s---- c:\windows\system32\config\systemprofile\Historique
2008-11-18 18:11 . 2008-11-18 18:11 <REP> d-------- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic
2008-11-18 18:06 . 2008-11-18 18:06 <REP> d-------- c:\program files\Avira
2008-11-18 18:04 . 2008-11-18 18:04 932 --a------ c:\windows\setupapi.old
2008-11-18 16:39 . 2007-09-02 20:56 1,686,016 --a------ c:\windows\system32\clinetsuitex6.ocx
2008-11-18 16:39 . 2004-03-09 16:45 662,288 --a------ c:\windows\system32\MSCOMCT2.OCX
2008-11-18 16:39 . 2004-06-14 14:56 427,864 --a------ c:\windows\system32\XceedZip.dll
2008-11-16 14:08 . 2008-11-16 14:04 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-16 13:18 . 2008-11-16 13:42 16,307,608 --a------ c:\program files\jre-6u10-windows-i586-p-s.exe
2008-11-16 13:18 . 2008-11-16 13:18 1,886,800 --a------ c:\program files\install_flash_player_10_active_x.exe
2008-11-12 12:57 . 2008-11-16 14:04 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-11 17:16 . 2008-11-11 17:16 <REP> d-------- c:\program files\WinZip.Pro.v12.0.8252{H33T}{JOHNCANADUDE}
2008-11-11 17:15 . 2008-11-11 17:16 <REP> d-------- c:\program files\WinRAR 3.71 Final French
2008-11-10 16:44 . 2008-11-10 16:44 <REP> d-------- c:\program files\NeroInstall.bak
2008-11-10 16:34 . 2008-11-10 16:34 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\Nero
2008-11-10 16:23 . 2008-11-10 16:23 <REP> d-------- c:\program files\Nero
2008-11-10 16:23 . 2008-11-10 16:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Nero
2008-11-09 11:17 . 2008-11-09 11:20 2,955,128 --a------ c:\program files\ccsetup213.exe
2008-11-07 19:35 . 2008-11-07 19:35 25,129,080 --a------ c:\program files\antivir_workstation_winu_en_h.exe
2008-11-07 17:50 . 2008-11-07 17:52 6,113,439 --a------ c:\program files\pci_filerecovery.exe
2008-11-07 17:42 . 2008-11-07 17:43 2,331,336 --a------ c:\program files\recuva_recuva_1.20.361_francais_31279.exe
2008-11-07 17:40 . 2008-11-07 17:43 7,261,864 --a------ c:\program files\RecoverMyFiles-Setup.exe
2008-11-05 18:18 . 2008-11-05 18:40 16,735,888 --a------ c:\program files\wg311t_5_0_setup.exe
2008-11-05 17:10 . 2008-11-18 19:24 <REP> d-------- c:\windows\Drivers
2008-11-05 17:10 . 2002-12-24 13:52 54,016 --a------ c:\windows\system32\drivers\ousb2hub.sys
2008-11-05 17:10 . 2002-12-24 13:52 39,040 --a------ c:\windows\system32\drivers\ousbehci.sys
2008-11-04 23:28 . 2008-11-04 23:44 15,689,944 --a------ c:\documents and settings\wpn311_2_0_setup.exe
2008-11-04 23:27 . 2008-11-04 23:44 16,735,888 --a------ c:\documents and settings\wg311t_5_0_setup.exe
2008-11-04 23:24 . 2008-11-04 23:26 1,435,845 --a------ c:\documents and settings\VIA_Hyperion 4in1_v456v.zip
2008-11-04 23:23 . 2008-11-04 23:34 13,301,758 --a------ c:\documents and settings\via_hyperionpro_v521a.zip
2008-11-04 23:21 . 2008-11-04 23:26 461,960 --a------ c:\documents and settings\MANUAL_CMP-USB2PCC10.zip
2008-11-04 23:20 . 2008-11-04 23:33 15,243,539 --a------ c:\documents and settings\VIA_USB2_V270p1-L-M.zip
2008-10-31 13:38 . 2008-10-31 13:38 <REP> d-------- c:\program files\Samsung
2008-10-28 14:01 . 2008-05-14 17:12 <REP> d-------- C:\META-INF
2008-10-28 13:35 . 2008-10-06 18:01 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau
2008-10-28 13:35 . 2008-10-06 18:01 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression
2008-10-28 13:35 . 2008-10-06 16:07 <REP> d--h----- c:\documents and settings\Administrateur\Modèles
2008-10-28 13:35 . 2008-10-06 18:01 <REP> d-------- c:\documents and settings\Administrateur\Mes documents
2008-10-28 13:35 . 2008-10-06 18:01 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer
2008-10-28 13:35 . 2008-10-06 18:01 <REP> d-------- c:\documents and settings\Administrateur\Favoris
2008-10-28 13:35 . 2008-10-06 16:17 <REP> d-------- c:\documents and settings\Administrateur\Bureau
2008-10-28 13:35 . 2008-10-28 13:35 <REP> d-------- c:\documents and settings\Administrateur
2008-10-28 12:19 . 2003-03-11 00:12 59,632 -ra------ c:\windows\system32\drivers\qcusbser.sys
2008-10-28 11:41 . 2003-03-11 00:12 59,632 -ra------ c:\windows\system32\drivers\qcusbmdm.sys
2008-10-25 19:34 . 2008-10-31 14:12 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\Samsung
2008-10-25 19:30 . 2008-10-25 19:30 <REP> d-------- c:\program files\Fichiers communs\Adobe
2008-10-25 19:22 . 2006-05-03 21:53 174,592 --a------ c:\windows\system32\framedyn.dll
2008-10-25 19:22 . 2007-07-03 15:58 106,792 --a------ c:\windows\system32\drivers\sscdmdm.sys
2008-10-25 19:22 . 2007-07-03 15:54 80,552 --a------ c:\windows\system32\drivers\sscdbus.sys
2008-10-25 19:22 . 2007-07-03 15:57 11,944 --a------ c:\windows\system32\drivers\sscdmdfl.sys
2008-10-25 19:22 . 2007-07-03 16:00 9,256 --a------ c:\windows\system32\drivers\sscdwhnt.sys
2008-10-25 19:22 . 2007-07-03 16:00 9,256 --a------ c:\windows\system32\drivers\sscdwh.sys
2008-10-25 19:22 . 2007-07-03 15:56 9,256 --a------ c:\windows\system32\drivers\sscdcmnt.sys
2008-10-25 19:22 . 2007-07-03 15:56 9,256 --a------ c:\windows\system32\drivers\sscdcm.sys
2008-10-25 19:21 . 2008-10-25 19:22 <REP> d-------- c:\windows\system32\Samsung_USB_Drivers
2008-10-25 19:21 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2008-10-25 19:20 . 2008-10-31 14:09 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2008-10-25 11:53 . 2008-11-24 20:13 229,860 --a------ c:\windows\system32\oodbs.lor
2008-10-25 10:35 . 2008-10-25 10:35 <REP> d-------- c:\program files\OO Software

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-23 17:36 --------- d-----w c:\program files\MSECACHE
2008-11-23 13:43 --------- d-----w c:\program files\Atheros
2008-11-23 13:08 --------- d-----w c:\program files\VideoLAN
2008-11-19 16:31 --------- d-----w c:\program files\IDETOOL
2008-11-19 15:42 --------- d-----w c:\program files\DirectX
2008-11-19 15:22 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-18 20:35 --------- d-----w c:\program files\ma-config.com
2008-11-18 20:35 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2008-11-18 19:46 20,152 ----a-w c:\windows\system32\drivers\INFCACHE.1
2008-11-16 13:03 --------- d-----w c:\program files\Java
2008-11-13 20:23 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-10 15:30 --------- d-----w c:\program files\Fichiers communs\Nero
2008-11-10 13:26 --------- d-----w c:\program files\Ahead
2008-10-30 08:51 51,072 ----a-w c:\windows\system32\drivers\fsdfw.sys
2008-10-30 08:51 30,016 ----a-w c:\windows\system32\drivers\fsndis5.sys
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 10:21 --------- d-----w c:\program files\MSBuild
2008-10-23 10:21 --------- d-----w c:\program files\Microsoft Works
2008-10-23 10:18 --------- d-----w c:\program files\Microsoft.NET
2008-10-23 10:14 --------- d-----w c:\program files\Microsoft Visual Studio 8
2008-10-23 10:04 --------- d-----w c:\documents and settings\All Users\Application Data\WinZip
2008-10-23 09:00 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-22 14:34 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2008-10-22 14:16 --------- d-----w c:\documents and settings\Propriétaire\Application Data\dvdcss
2008-10-21 15:16 --------- d-----w c:\program files\DVD Shrink
2008-10-21 13:42 --------- d-----w c:\documents and settings\Propriétaire\Application Data\vlc
2008-10-21 13:31 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Apple Computer
2008-10-21 12:31 --------- d-----w c:\program files\Office 2007 Pro Edition _ Lyes dz
2008-10-20 16:00 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Image Zone Express
2008-10-20 08:28 --------- d-----w c:\program files\BitComet
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-12 16:48 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-10-12 16:32 --------- d-----w c:\program files\Windows Installer Clean Up
2008-10-12 16:30 359,656 ----a-w c:\program files\msicuu2.exe
2008-10-12 15:38 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2008-10-10 18:33 --------- d-----w c:\program files\Fichiers communs\Labtec
2008-10-10 18:31 --------- d-----w c:\program files\Fichiers communs\LogiShrd
2008-10-10 18:30 --------- d-----w c:\program files\Labtec
2008-10-09 14:40 --------- d-----w c:\documents and settings\Propriétaire\Application Data\HP
2008-10-08 17:42 1,495,112 ----a-w c:\program files\install_flash_player.exe
2008-10-07 17:52 --------- d-----w c:\program files\Windows Desktop Search
2008-10-07 17:31 --------- d-----w c:\program files\MSXML 4.0
2008-10-07 17:22 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-10-07 17:20 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-07 15:03 --------- d-----w c:\program files\NEW DRIVERS
2008-10-07 14:42 --------- d-----w c:\program files\S3
2008-10-07 14:30 --------- d-----w c:\program files\Messenger Plus! Live
2008-10-07 14:24 --------- d-----w c:\program files\Windows Live
2008-10-07 14:19 --------- dcsh--w c:\program files\Fichiers communs\WindowsLiveInstaller
2008-10-07 14:17 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-10-07 14:15 --------- d-----w c:\program files\iTunes
2008-10-07 14:15 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-07 14:14 --------- d-----w c:\program files\QuickTime
2008-10-07 14:14 --------- d-----w c:\program files\iPod
2008-10-07 14:14 --------- d-----w c:\program files\Bonjour
2008-10-07 14:14 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-07 14:12 --------- d-----w c:\program files\Fichiers communs\Apple
2008-10-07 14:11 --------- d-----w c:\program files\Apple Software Update
2008-10-07 14:09 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-10-07 14:07 --------- d-----w c:\program files\VIA
2008-10-07 12:58 67,167,528 ----a-w c:\program files\iTunes801Setup.exe
2008-10-06 19:27 --------- d-----w c:\program files\Orange
2008-10-06 19:24 25,752,376 ----a-w c:\program files\wmp11-windowsxp-x86-enu.exe
2008-10-06 19:22 --------- d-----w c:\program files\Fichiers communs\France Telecom
2008-10-06 19:21 --------- d-----w c:\documents and settings\Propriétaire\Application Data\F-Secure
2008-10-06 19:19 --------- d-----w c:\program files\SAGEM
2008-10-06 19:19 --------- d-----w c:\documents and settings\Propriétaire\Application Data\InstallShield
2008-10-06 19:18 --------- d-----w c:\program files\Securitoo
2008-10-06 17:35 4,865,872 ----a-w c:\program files\MsgPlusLive-470.exe
2008-10-06 17:29 --------- d-----w c:\documents and settings\All Users\Application Data\F-Secure
2008-10-06 17:27 2,402,832 ----a-w c:\program files\WLinstaller.exe
2008-10-06 17:27 14,648,672 ----a-w c:\program files\winzip120.exe
2008-10-06 17:27 --------- d-----w c:\documents and settings\All Users\Application Data\fssg
2008-10-06 17:25 69,235,448 ----a-w c:\program files\orange_avfw_513.exe
2008-10-06 16:43 1,234,120 ----a-w c:\program files\wrar380.exe
2008-10-06 16:41 --------- d-----w c:\program files\CCleaner
2008-10-06 16:38 1,885,208 ----a-w c:\program files\flashplayer10_install_activex_091508.exe
2008-10-06 16:36 2,934,168 ----a-w c:\program files\ccsetup212.exe
2008-10-06 16:36 1,014,272 ----a-w c:\program files\wlsetup-web.exe
2008-10-06 16:34 5,318,816 ----a-w c:\program files\bitcomet_setup.exe
2008-10-06 16:31 --------- d-----w c:\program files\Google
2008-10-06 16:30 166,560 ----a-w c:\program files\GoogleToolbarInstaller_download_signed.exe
2008-10-06 15:47 --------- d-----w c:\program files\DRIVERS
2008-10-06 15:46 9,388 ----a-w c:\windows\system32\drivers\iaStor.PNF
2008-10-06 15:46 7,280 ----a-w c:\windows\system32\drivers\viamraid.PNF
2008-10-06 15:46 63,240 ----a-w c:\windows\system32\drivers\Si3112r.PNF
2008-10-06 15:46 6,984 ----a-w c:\windows\system32\drivers\SiSRaid.PNF
2008-10-06 15:46 12,432 ----a-w c:\windows\system32\drivers\adpu320.PNF
2008-10-06 15:46 12,204 ----a-w c:\windows\system32\drivers\nvraid.PNF
2008-10-06 15:46 10,828 ----a-w c:\windows\system32\drivers\iaAHCI.PNF
2008-10-06 15:39 --------- d-----w c:\program files\HP
2008-10-06 15:39 --------- d-----w c:\program files\Fichiers communs\HP
2008-10-06 15:39 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2008-10-06 15:36 --------- d-----w c:\program files\Hewlett-Packard
.

((((((((((((((((((((((((((((( snapshot_2008-11-23_10.13.56,39 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-05 12:00:00 200,064 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
- 2005-07-26 04:39:58 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
- 2004-08-05 12:00:00 678,400 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
- 2004-08-05 12:00:00 274,944 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
- 2005-08-30 03:55:44 1,293,312 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
- 2008-02-20 05:35:05 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
- 2004-08-05 12:00:00 247,808 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
- 2006-01-13 02:28:14 359,808 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
- 2004-08-05 12:00:00 223,616 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
- 2004-08-05 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
- 2005-06-29 01:49:42 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
- 2004-08-05 12:00:00 72,704 -c----w c:\windows\$NtUninstallKB953155$\msw3prt.dll
- 2004-08-05 12:00:00 102,400 -c----w c:\windows\$NtUninstallKB953155$\win32spl.dll
- 2005-10-06 03:08:50 1,839,616 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
- 2004-08-05 12:00:00 1,236,480 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
- 2004-08-05 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
- 2005-09-29 18:28:42 2,059,520 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
- 2005-09-29 18:29:05 2,182,272 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
- 2005-05-10 00:17:52 332,544 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
- 2004-08-05 12:00:00 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
- 2004-08-05 12:00:00 1,852,416 ----a-w c:\windows\AppPatch\AcGenral.dll
+ 2008-04-14 02:33:18 1,852,928 ----a-w c:\windows\AppPatch\acgenral.dll
- 2004-08-05 12:00:00 450,048 ----a-w c:\windows\AppPatch\AcLayers.dll
+ 2008-04-14 02:33:18 451,072 ----a-w c:\windows\AppPatch\aclayers.dll
- 2004-08-05 12:00:00 137,728 ----a-w c:\windows\AppPatch\AcLua.dll
+ 2008-04-14 02:33:18 141,312 ----a-w c:\windows\AppPatch\aclua.dll
- 2004-08-05 12:00:00 244,736 ----a-w c:\windows\AppPatch\AcSpecfc.dll
+ 2008-04-14 02:33:18 245,248 ----a-w c:\windows\AppPatch\acspecfc.dll
- 2004-08-05 12:00:00 116,224 ----a-w c:\windows\AppPatch\AcXtrnal.dll
+ 2008-04-14 02:33:18 116,224 ----a-w c:\windows\AppPatch\acxtrnal.dll
- 2008-06-14 17:59:52 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-14 17:33:37 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2008-08-14 13:39:07 2,144,768 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:23:44 2,147,328 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2008-08-14 13:39:12 2,065,024 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:23:49 2,068,096 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-08-14 13:39:03 2,022,912 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:23:44 2,025,984 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-08-14 13:39:11 2,188,032 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:23:49 2,191,232 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIXT\ERDNT.EXE
+ 2008-11-20 21:45:37 3,977,216 ----a-w c:\windows\ERUNT\SDFIXT\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-11-20 21:45:37 192,512 ----a-w c:\windows\ERUNT\SDFIXT\Users\[u]0[/u]0000002\UsrClass.dat
- 2007-06-13 13:22:28 1,037,312 ----a-w c:\windows\explorer.exe
+ 2008-04-14 02:34:03 1,037,824 ----a-w c:\windows\explorer.exe
- 2004-08-05 12:00:00 34,816 ----a-w c:\windows\Help\sniffpol.dll
+ 2008-04-14 02:33:41 34,816 ----a-w c:\windows\Help\sniffpol.dll
- 2004-08-05 12:00:00 33,280 ----a-w c:\windows\Help\sstub.dll
+ 2008-04-14 02:33:46 33,280 ----a-w c:\windows\Help\sstub.dll
- 2004-08-05 12:00:00 279,040 ----a-w c:\windows\Help\tshoot.dll
+ 2008-04-14 02:33:46 279,040 ----a-w c:\windows\Help\tshoot.dll
- 2005-05-26 23:22:02 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-14 02:34:06 10,752 ----a-w c:\windows\hh.exe
- 2004-08-05 12:00:00 220,160 ----a-w c:\windows\ime\mscandui.dll
+ 2008-04-14 02:33:30 220,160 ----a-w c:\windows\ime\mscandui.dll
- 2004-08-05 12:00:00 130,048 ----a-w c:\windows\ime\SOFTKBD.DLL
+ 2008-04-14 02:33:41 130,048 ----a-w c:\windows\ime\softkbd.dll
- 2004-08-05 12:00:00 62,976 ----a-w c:\windows\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w c:\windows\ime\spgrmr.dll
- 2004-08-05 12:00:00 272,384 ----a-w c:\windows\ime\SPTIP.dll
+ 2008-04-14 02:33:46 272,384 ----a-w c:\windows\ime\sptip.dll
- 2006-11-03 08:58:34 317,440 ----a-w c:\windows\inf\unregmp2.exe
+ 2007-06-29 10:59:14 318,976 ----a-w c:\windows\inf\unregmp2.exe
- 2004-08-05 12:00:00 24,064 ----a-w c:\windows\msagent\agentanm.dll
+ 2008-04-14 02:33:18 24,064 ----a-w c:\windows\msagent\agentanm.dll
- 2004-08-05 12:00:00 214,016 ----a-w c:\windows\msagent\agentctl.dll
+ 2008-04-14 02:33:18 214,016 ----a-w c:\windows\msagent\agentctl.dll
- 2006-10-12 14:04:13 42,496 ----a-w c:\windows\msagent\agentdp2.dll
+ 2008-04-14 02:33:18 42,496 ----a-w c:\windows\msagent\agentdp2.dll
- 2007-03-09 13:48:06 57,344 ----a-w c:\windows\msagent\agentdpv.dll
+ 2008-04-14 02:33:18 57,344 ----a-w c:\windows\msagent\agentdpv.dll
- 2004-08-05 12:00:00 49,152 ----a-w c:\windows\msagent\agentmpx.dll
+ 2008-04-14 02:33:18 49,152 ----a-w c:\windows\msagent\agentmpx.dll
- 2004-08-05 12:00:00 24,064 ----a-w c:\windows\msagent\agentpsh.dll
+ 2008-04-14 02:33:18 24,064 ----a-w c:\windows\msagent\agentpsh.dll
- 2004-08-05 12:00:00 44,032 ----a-w c:\windows\msagent\agentsr.dll
+ 2008-04-14 02:33:18 44,032 ----a-w c:\windows\msagent\agentsr.dll
- 2006-10-12 11:09:53 256,512 ----a-w c:\windows\msagent\agentsvr.exe
+ 2008-04-14 02:33:53 256,512 ----a-w c:\windows\msagent\agentsvr.exe
- 2004-08-05 12:00:00 24,064 ----a-w c:\windows\msagent\agtintl.dll
+ 2008-04-14 02:33:19 24,064 ----a-w c:\windows\msagent\agtintl.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0405.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0406.dll
- 2004-08-05 12:00:00 21,504 ----a-w c:\windows\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt0407.dll
- 2004-08-05 12:00:00 22,016 ----a-w c:\windows\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w c:\windows\msagent\intl\agt0408.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w c:\windows\msagent\intl\agt0409.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt040b.dll
- 2004-08-05 12:00:00 21,504 ----a-w c:\windows\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt040c.dll
- 2004-08-05 12:00:00 19,968 ----a-w c:\windows\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w c:\windows\msagent\intl\agt040e.dll
- 2004-08-05 12:00:00 20,992 ----a-w c:\windows\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w c:\windows\msagent\intl\agt0410.dll
- 2004-08-05 12:00:00 20,992 ----a-w c:\windows\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w c:\windows\msagent\intl\agt0413.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0414.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0415.dll
- 2004-08-05 12:00:00 20,480 ----a-w c:\windows\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w c:\windows\msagent\intl\agt0416.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0419.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041d.dll
- 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041f.dll
- 2004-08-05 12:00:00 20,992 ----a-w c:\windows\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w c:\windows\msagent\intl\agt0816.dll
- 2004-08-05 12:00:00 20,480 ----a-w c:\windows\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w c:\windows\msagent\intl\agt0c0a.dll
- 2004-08-05 12:00:00 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
+ 2008-04-14 02:33:32 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
- 2004-08-05 12:00:00 70,656 ----a-w c:\windows\notepad.exe
+ 2008-04-14 02:34:15 70,656 ----a-w c:\windows\notepad.exe
- 2004-08-05 12:00:00 768,512 ----a-w c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 02:34:06 769,024 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-05 12:00:00 743,936 ----a-w c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 02:34:06 744,448 ----a-w c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-05 12:00:00 18,944 ----a-w c:\windows\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 02:34:06 18,432 ----a-w c:\windows\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-05 12:00:00 160,768 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 02:34:12 172,544 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-05 12:00:00 381,952 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 02:33:32 382,464 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-05 12:00:00 102,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 02:33:38 102,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-05 12:00:00 38,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 02:33:38 38,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
- 2004-08-05 12:00:00 151,040 ----a-w c:\windows\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 02:34:26 151,040 ----a-w c:\windows\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-05 12:00:00 151,552 ----a-w c:\windows\PeerNet\sqldb20.dll
+ 2008-04-14 02:33:46 151,552 ----a-w c:\windows\PeerNet\sqldb20.dll
- 2004-08-05 12:00:00 462,848 ----a-w c:\windows\PeerNet\sqlqp20.dll
+ 2008-04-14 02:33:46 462,848 ----a-w c:\windows\PeerNet\sqlqp20.dll
- 2004-08-05 12:00:00 110,592 ----a-w c:\windows\PeerNet\sqlse20.dll
+ 2008-04-14 02:33:46 110,592 ----a-w c:\windows\PeerNet\sqlse20.dll
- 2004-08-05 12:00:00 153,088 ----a-w c:\windows\regedit.exe
+ 2008-04-14 02:34:19 153,088 ----a-w c:\windows\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w c:\windows\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w c:\windows\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w c:\windows\ServicePackFiles\i386\61883.sys
+ 2008-04-14 02:33:18 100,352 ------w c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 02:33:18 136,192 ------w c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2004-08-03 21:32:22 231,552 ------w c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-03 21:32:32 84,480 ------w c:\windows\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 02:33:18 39,424 ------w c:\windows\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 02:33:53 190,464 ------w c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 02:33:18 1,852,928 ------w c:\windows\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 02:33:18 451,072 ------w c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 02:33:18 141,312 ------w c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 02:33:18 120,320 ------w c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 01:52:42 188,672 ------w c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 02:33:18 245,248 ------w c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 02:33:18 193,536 ------w c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 02:33:53 4,096 ------w c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 02:33:18 98,304 ------w c:\windows\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 02:33:18 116,224 ------w c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 02:33:18 20,540 ------w c:\windows\ServicePackFiles\i386\admin.dll
+ 2008-04-14 02:33:53 16,439 ------w c:\windows\ServicePackFiles\i386\admin.exe
+ 2004-08-03 21:32:24 10,880 ------w c:\windows\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 02:33:18 61,440 ------w c:\windows\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 02:33:18 175,616 ------w c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 02:33:18 143,360 ------w c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 02:33:18 68,096 ------w c:\windows\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 02:33:18 263,680 ------w c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 02:33:18 4,255 ------w c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 02:33:18 3,967 ------w c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 02:33:18 3,615 ------w c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 02:33:18 3,647 ------w c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 02:33:18 3,135 ------w c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 02:33:18 3,711 ------w c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 02:33:18 3,775 ------w c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 02:33:18 685,568 ------w c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 02:33:18 101,888 ------w c:\windows\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-14 02:33:18 24,064 ------w c:\windows\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 02:33:18 214,016 ------w c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 02:33:18 42,496 ------w c:\windows\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 02:33:18 57,344 ------w c:\windows\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 02:33:18 49,152 ------w c:\windows\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 02:33:18 24,064 ------w c:\windows\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 02:33:18 44,032 ------w c:\windows\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 02:33:53 256,512 ------w c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w c:\windows\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w c:\windows\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w c:\windows\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w c:\windows\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w c:\windows\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w c:\windows\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w c:\windows\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w c:\windows\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w c:\windows\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w c:\windows\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w c:\windows\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 02:33:19 24,064 ------w c:\windows\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 02:33:53 98,304 ------w c:\windows\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 02:33:53 44,544 ------w c:\windows\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w c:\windows\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 02:33:19 17,408 ------w c:\windows\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w c:\windows\ServicePackFiles\i386\amdagp.sys
+ 2008-04-14 01:54:28 41,472 ------w c:\windows\ServicePackFiles\i386\amdk6.sys
+ 2008-04-14 01:54:29 41,856 ------w c:\windows\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 02:33:19 70,656 ------w c:\windows\ServicePackFiles\i386\amstream.dll
+ 2004-08-03 21:31:20 36,224 ------w c:\windows\ServicePackFiles\i386\an983.sys
+ 2008-04-14 02:33:19 125,952 ------w c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 02:33:19 334,336 ------w c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w c:\windows\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 02:33:19 65,024 ------w c:\windows\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w c:\windows\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 02:33:53 25,088 ------w c:\windows\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w c:\windows\ServicePackFiles\i386\atapi.sys
+ 2004-08-03 20:29:30 56,623 ------w c:\windows\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 ------w c:\windows\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 ------w c:\windows\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 ------w c:\windows\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 ------w c:\windows\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 ------w c:\windows\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 ------w c:\windows\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 ------w c:\windows\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 ------w c:\windows\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 ------w c:\windows\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 02:33:19 229,376 ------w c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 02:33:19 377,984 ------w c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 02:33:19 201,728 ------w c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-03 22:38:42 327,168 ------w c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-03 22:38:44 701,440 ------w c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 02:33:19 870,784 ------w c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 02:33:19 1,057,760 ------w c:\windows\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 02:33:19 1,888,992 ------w c:\windows\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-03 20:29:28 57,856 ------w c:\windows\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 ------w c:\windows\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 ------w c:\windows\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-03 20:29:30 52,224 ------w c:\windows\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-03 20:29:32 104,960 ------w c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-03 20:29:32 28,672 ------w c:\windows\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-03 20:29:32 13,824 ------w c:\windows\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-03 20:29:32 73,216 ------w c:\windows\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-03 20:29:32 31,744 ------w c:\windows\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-03 20:29:32 63,488 ------w c:\windows\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 02:33:19 32,768 ------w c:\windows\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 02:33:19 516,768 ------w c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 02:33:19 58,880 ------w c:\windows\ServicePackFiles\i386\atl.dll
+ 2008-04-14 02:33:53 11,264 ------w c:\windows\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w c:\windows\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 02:31:00 285,696 ------w c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w c:\windows\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 02:33:19 30,208 ------w c:\windows\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 02:33:53 12,288 ------w c:\windows\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 02:33:19 21,183 ------w c:\windows\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 02:33:19 11,359 ------w c:\windows\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 02:33:19 25,471 ------w c:\windows\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 02:33:19 14,143 ------w c:\windows\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 02:33:19 17,279 ------w c:\windows\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 02:33:19 42,496 ------w c:\windows\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 02:33:53 14,336 ------w c:\windows\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 02:33:19 20,540 ------w c:\windows\ServicePackFiles\i386\author.dll
+ 2008-04-14 02:33:53 16,439 ------w c:\windows\ServicePackFiles\i386\author.exe
+ 2008-04-14 02:33:19 62,464 ------w c:\windows\ServicePackFiles\i386\authz.dll
+ 2008-04-14 02:33:53 625,152 ------w c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 02:33:53 638,976 ------w c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 02:33:54 616,960 ------w c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 02:33:54 11,264 ------w c:\windows\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w c:\windows\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w c:\windows\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 02:33:19 85,504 ------w c:\windows\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 02:33:19 233,472 ------w c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 02:33:19 52,736 ------w c:\windows\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 02:33:19 29,184 ------w c:\windows\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 02:33:19 8,704 ------w c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w c:\windows\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w c:\windows\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 02:33:19 17,408 ------w c:\windows\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 02:33:19 8,192 ------w c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 02:33:19 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 02:33:19 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 02:33:55 71,680 ------w c:\windows\ServicePackFiles\i386\blastcln.exe
+ 2008-04-13 18:53:23 71,552 ------w c:\windows\ServicePackFiles\i386\bridge.sys
+ 2008-04-14 01:57:48 70,144 ------w c:\windows\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 02:33:20 77,824 ------w c:\windows\ServicePackFiles\i386\browser.dll
+ 2008-04-14 02:33:20 1,025,024 ------w c:\windows\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 02:33:20 78,336 ------w c:\windows\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 02:33:20 20,992 ------w c:\windows\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w c:\windows\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w c:\windows\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-14 01:58:00 273,664 ------w c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w c:\windows\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 02:33:20 30,208 ------w c:\windows\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w c:\windows\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 02:33:20 50,688 ------w c:\windows\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 02:33:20 218,112 ------w c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 02:33:20 60,416 ------w c:\windows\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 02:33:20 85,504 ------w c:\windows\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 02:33:55 20,992 ------w c:\windows\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 02:33:20 385,024 ------w c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 02:33:20 121,856 ------w c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 02:33:20 50,688 ------w c:\windows\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 02:33:20 153,600 ------w c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 02:33:20 226,304 ------w c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 02:33:20 85,504 ------w c:\windows\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 02:33:20 625,664 ------w c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w c:\windows\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w c:\windows\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 02:33:20 152,064 ------w c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 02:33:20 66,560 ------w c:\windows\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 02:33:20 2,091,520 ------w c:\windows\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w c:\windows\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 02:33:20 200,192 ------w c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 02:33:20 467,968 ------w c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 02:33:20 39,424 ------w c:\windows\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 02:31:03 16,896 ------w c:\windows\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 02:33:56 188,480 ------w c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 02:33:20 15,423 ------w c:\windows\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 02:33:20 148,480 ------w c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 02:33:20 1,359,360 ------w c:\windows\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 02:33:20 69,120 ------w c:\windows\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 02:33:57 5,632 ------w c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w c:\windows\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 02:33:21 110,592 ------w c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 02:33:21 498,688 ------w c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 02:33:57 65,536 ------w c:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 02:33:21 77,824 ------w c:\windows\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 02:33:57 20,480 ------w c:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 02:33:57 104,448 ------w c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 02:33:57 33,280 ------w c:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 02:33:21 58,368 ------w c:\windows\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w c:\windows\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 02:33:21 15,872 ------w c:\windows\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 02:33:57 401,408 ------w c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 02:33:21 353,280 ------w c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 02:33:57 25,600 ------w c:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 02:33:57 39,936 ------w c:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 02:33:21 191,488 ------w c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 02:33:21 13,312 ------w c:\windows\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 02:33:57 65,536 ------w c:\windows\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 02:33:21 40,960 ------w c:\windows\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 02:33:21 50,688 ------w c:\windows\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 02:33:21 83,968 ------w c:\windows\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 02:33:21 60,416 ------w c:\windows\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 02:33:21 28,160 ------w c:\windows\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 02:33:21 195,072 ------w c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 02:33:21 617,472 ------w c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 02:33:21 281,600 ------w c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 02:33:21 253,440 ------w c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w c:\windows\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 02:33:21 230,912 ------w c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 02:33:21 97,792 ------w c:\windows\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 02:33:57 9,728 ------w c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 02:33:57 6,144 ------w c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 02:33:21 851,968 ------w c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-14 02:33:21 274,944 ------w c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 02:33:21 167,424 ------w c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 02:33:21 1,267,200 ------w c:\windows\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 02:33:21 539,648 ------w c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 02:33:58 1,044,480 ------w c:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 02:33:21 45,056 ------w c:\windows\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 02:33:21 358,400 ------w c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 02:33:59 27,648 ------w c:\windows\ServicePackFiles\i386\conime.exe
+ 2008-04-14 02:33:21 35,328 ------w c:\windows\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 02:33:21 12,800 ------w c:\windows\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 02:33:21 165,888 ------w c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-14 02:02:47 40,960 ------w c:\windows\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 02:33:21 606,208 ------w c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 02:33:21 75,776 ------w c:\windows\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 02:33:21 33,280 ------w c:\windows\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 02:33:21 54,784 ------w c:\windows\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 02:33:21 64,512 ------w c:\windows\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 02:33:21 62,464 ------w c:\windows\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 02:33:21 530,432 ------w c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 02:33:21 102,912 ------w c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 02:33:59 139,264 ------w c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 02:33:21 337,920 ------w c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 02:33:22 32,256 ------w c:\windows\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 02:33:59 6,144 ------w c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 02:33:59 15,360 ------w c:\windows\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 02:33:22 252,416 ------w c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 02:33:22 33,792 ------w c:\windows\ServicePackFiles\i386\custsat.dll
+ 2004-08-03 21:32:26 48,640 ------w c:\windows\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 02:33:22 1,179,648 ------w c:\windows\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 02:33:22 8,192 ------w c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 02:33:22 1,689,088 ------w c:\windows\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 02:33:22 824,320 ------w c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 02:33:22 1,056,768 ------w c:\windows\ServicePackFiles\i386\danim.dll
+ 2008-01-19 11:04:48 554,008 ------w c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 02:33:22 55,296 ------w c:\windows\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 02:33:22 165,376 ------w c:\windows\ServicePackFiles\i386\datime.dll
+ 2008-04-14 02:33:22 25,600 ------w c:\windows\ServicePackFiles\i386\davclnt.dll
+ 2008-04-14 02:33:22 640,000 ------w c:\windows\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 02:33:22 24,576 ------w c:\windows\ServicePackFiles\i386\dbmsrpcn.dll
+ 2008-04-14 02:33:22 110,592 ------w c:\windows\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 02:33:22 28,672 ------w c:\windows\ServicePackFiles\i386\dbnmpntw.dll
+ 2008-04-14 02:50:20 1,804 ------w c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 02:33:22 40,960 ------w c:\windows\ServicePackFiles\i386\dcap32.dll
+ 2008-04-14 02:33:22 8,704 ------w c:\windows\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 02:33:59 6,144 ------w c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 02:33:59 31,744 ------w c:\windows\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 02:33:22 279,552 ------w c:\windows\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 02:33:22 27,136 ------w c:\windows\ServicePackFiles\i386\ddrawex.dll
+ 2008-04-14 02:33:59 25,088 ------w c:\windows\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 02:33:22 59,904 ------w c:\windows\ServicePackFiles\i386\devenum.dll
+ 2008-04-14 02:33:22 290,816 ------w c:\windows\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 02:33:59 82,944 ------w c:\windows\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 02:33:59 105,472 ------w c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 02:33:22 39,936 ------w c:\windows\ServicePackFiles\i386\dfrgsnap.dll
+ 2008-04-14 02:33:22 124,416 ------w c:\windows\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 02:33:22 28,672 ------w c:\windows\ServicePackFiles\i386\dfsshlex.dll
+ 2008-04-14 02:33:22 115,200 ------w c:\windows\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 02:33:22 127,488 ------w c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 02:33:22 411,136 ------w c:\windows\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 02:33:22 49,152 ------w c:\windows\ServicePackFiles\i386\dhcpqec.dll
+ 2008-04-14 02:33:59 548,352 ------w c:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 02:34:00 87,040 ------w c:\windows\ServicePackFiles\i386\diantz.exe
+ 2007-03-28 13:08:57 887,784 ------w c:\windows\ServicePackFiles\i386\digcore.exe
+ 2008-04-14 02:33:22 68,608 ------w c:\windows\ServicePackFiles\i386\digest.dll
+ 2008-04-14 02:33:22 19,456 ------w c:\windows\ServicePackFiles\i386\dimsntfy.dll
+ 2008-04-14 02:33:22 39,936 ------w c:\windows\ServicePackFiles\i386\dimsroam.dll
+ 2008-04-14 02:33:22 165,376 ------w c:\windows\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 02:33:22 187,904 ------w c:\windows\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 02:33:22 86,528 ------w c:\windows\ServicePackFiles\i386\directdb.dll
+ 2008-04-13 18:40:47 36,352 ------w c:\windows\ServicePackFiles\i386\disk.sys
+ 2008-04-14 02:33:22 1,504,768 ------w c:\windows\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-13 18:40:44 14,208 ------w c:\windows\ServicePackFiles\i386\diskdump.sys
+ 2008-04-14 02:34:00 167,936 ------w c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 02:33:22 32,768 ------w c:\windows\ServicePackFiles\i386\dispex.dll
+ 2008-04-14 02:34:00 5,120 ------w c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-13 18:40:51 8,320 ------w c:\windows\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 02:34:00 225,280 ------w c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 02:33:22 28,672 ------w c:\windows\ServicePackFiles\i386\dmband.dll
+ 2008-04-14 02:05:07 800,256 ------w c:\windows\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 02:33:22 61,440 ------w c:\windows\ServicePackFiles\i386\dmcompos.dll
+ 2008-04-14 02:33:22 285,184 ------w c:\windows\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 02:33:22 200,704 ------w c:\windows\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 02:33:22 181,248 ------w c:\windows\ServicePackFiles\i386\dmime.dll
+ 2008-04-14 02:05:12 154,496 ------w c:\windows\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 02:33:22 35,840 ------w c:\windows\ServicePackFiles\i386\dmloader.dll
+ 2008-04-14 02:34:00 15,872 ------w c:\windows\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 02:33:22 82,432 ------w c:\windows\ServicePackFiles\i386\dmscript.dll
+ 2008-04-14 02:33:22 24,576 ------w c:\windows\ServicePackFiles\i386\dmserver.dll
+ 2008-04-14 02:33:22 105,984 ------w c:\windows\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 02:33:22 103,424 ------w c:\windows\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 02:33:22 104,448 ------w c:\windows\ServicePackFiles\i386\dmusic.dll
+ 2008-04-13 18:45:01 52,864 ------w c:\windows\ServicePackFiles\i386\dmusic.sys
+ 2008-04-14 02:33:22 58,880 ------w c:\windows\ServicePackFiles\i386\dmutil.dll
+ 2008-04-14 02:33:22 147,968 ------w c:\windows\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 02:33:22 45,568 ------w c:\windows\ServicePackFiles\i386\dnsrslvr.dll
+ 2008-04-14 02:33:22 48,640 ------w c:\windows\ServicePackFiles\i386\docprop2.dll
+ 2004-08-05 12:00:00 54,080 ------w c:\windows\ServicePackFiles\i386\dosx.exe
+ 2008-04-14 02:33:22 26,112 ------w c:\windows\ServicePackFiles\i386\dot3api.dll
+ 2008-04-14 02:33:22 60,928 ------w c:\windows\ServicePackFiles\i386\dot3cfg.dll
+ 2008-04-14 02:33:22 39,936 ------w c:\windows\ServicePackFiles\i386\dot3clnt.dll
+ 2008-04-14 02:33:22 9,216 ------w c:\windows\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-14 02:33:22 56,832 ------w c:\windows\ServicePackFiles\i386\dot3msm.dll
+ 2008-04-14 02:33:22 133,120 ------w c:\windows\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 02:33:22 651,264 ------w c:\windows\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-13 18:39:46 206,976 ------w c:\windows\ServicePackFiles\i386\dot4.sys
+ 2008-04-14 01:54:17 103,936 ------w c:\windows\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-14 02:34:01 29,696 ------w c:\windows\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 02:33:22 229,888 ------w c:\windows\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 02:33:23 24,064 ------w c:\windows\ServicePackFiles\i386\dpmodemx.dll
+ 2008-04-14 02:31:14 3,072 ------w c:\windows\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 02:33:23 375,296 ------w c:\windows\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 02:33:23 35,328 ------w c:\windows\ServicePackFiles\i386\dpnhpast.dll
+ 2008-04-14 02:33:23 60,928 ------w c:\windows\ServicePackFiles\i386\dpnhupnp.dll
+ 2008-04-14 02:31:14 3,072 ------w c:\windows\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 02:34:01 18,432 ------w c:\windows\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 02:33:23 21,504 ------w c:\windows\ServicePackFiles\i386\dpvacm.dll
+ 2008-04-14 02:33:23 213,504 ------w c:\windows\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 02:34:01 83,456 ------w c:\windows\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 02:33:23 116,736 ------w c:\windows\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 02:33:23 57,344 ------w c:\windows\ServicePackFiles\i386\dpwsockx.dll
+ 2008-04-13 18:45:14 60,160 ------w c:\windows\ServicePackFiles\i386\drmk.sys
+ 2008-04-13 18:45:13 2,944 ------w c:\windows\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 02:33:23 14,336 ------w c:\windows\ServicePackFiles\i386\drprov.dll
+ 2004-08-05 12:00:00 4,656 ------w c:\windows\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-14 02:33:23 16,384 ------w c:\windows\ServicePackFiles\i386\ds32gt.dll
+ 2008-04-14 02:33:23 181,248 ------w c:\windows\ServicePackFiles\i386\dsdmo.dll
+ 2008-04-14 02:33:23 72,192 ------w c:\windows\ServicePackFiles\i386\dsdmoprp.dll
+ 2008-04-14 02:33:23 93,696 ------w c:\windows\ServicePackFiles\i386\dskquota.dll
+ 2008-04-14 02:33:23 161,280 ------w c:\windows\ServicePackFiles\i386\dskquoui.dll
+ 2008-04-14 02:33:23 367,616 ------w c:\windows\ServicePackFiles\i386\dsound.dll
+ 2008-04-14 02:33:23 1,293,824 ------w c:\windows\Ser
0
Réponse 116 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 14:49
Que faire maintenant stp?
0
Réponse 117 / 121
Utilisateur anonyme
24 nov. 2008 à 16:35
Hi,

Il est pas complet ton rapport?

Ensuite comment va ton pc?

Alut.
0
Réponse 118 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 17:21
" APPPARAMENT " il est normal , mais je pense que c'est parce que j'ai désactivé mon antivirus.

Quand j'ai fait une analyse avec TrendMicro il m'a détecté 1 trojan.... Mais comme j'avais un problème Java

"environnement" que j'ai toujours il n'a rien pu supprimer...

Que faire stp?
0
Réponse 119 / 121
cynthia92 Messages postés 294 Date d'inscription mercredi 12 décembre 2007 Statut Membre Dernière intervention 11 août 2009 1
24 nov. 2008 à 17:22
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:21:10, on 25/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IDETOOL\IDETOOL.EXE
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSLAUNCH.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: NETGEAR WG311T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Service de configuration Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
0
Réponse 120 / 121
Utilisateur anonyme
24 nov. 2008 à 17:27
Hi,

Pour moi c'est bon tu n'as plus rien d'infectieux.

Alut.
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses