CIOCC

Members
  • Content count

    144

Everything posted by CIOCC

  1. Hello, my blocked account is working again. Thank you, Thys
  2. Re, I had already tried the first solution, without success. As for the second, I repeated it at least 10 times, always with the same problem. I did not uncheck "Free Google Toolbar" because I don't see it. However, I do see an offer (already checked) for a free McAfee scan, which doesn't interest me; I already have McAfee. Below the software to download, there is this line, "Other languages and operating systems"; clicking on it brings up 2 menus: one to choose the language, another for the system used. By choosing Windows XP2, oh miracle, it works. In case this helps someone. Thanks for the tips. Ciocc
  3. Hello, I can't manage to do the update. When I start the download from the link, it doesn't ask me anything. I see an "Adobe Download Manager" bar appear, for which I don't even get the choice of saying yes / no. When I open a PDF, I am still on V7.0. So apparently no update. I didn't quite understand: Help / Check for updates... in the menu. Where does one find this Help / Check for...? Which menu are we talking about? Thanks for your help. Ciocc
  4. Exactly, thanks tibonhomme, and long live the forum. With you, it is almost a pleasure to tinker with our PCs, even when they are infected. We learn something every day. See you, Ciocc
  5. Hello Tibonhomme, well spotted. PSI points me to the file C:\WINDOWS\system32\flash.ocx, which does indeed belong to the previous version. Rather than deleting the file, I have for now backed it up on a USB key. PSI no longer lists it as needing an update. Thanks for the advice. Ciocc
  6. Re, boubourg's solution worked. I was able to reinstall Flash Player. Despite the update to Flash Player version 10.0.32.18, Secunia PSI tells me that I am on version 7.0.14.0 and shows it as not up to date!!!!!!!!!!!!!!!!! Since everything works, I'm dropping this detail. Thanks, Ciocc
  7. Hello Ticlou, IE8, Microsoft Windows XP Professionnel 5.1.2600 Service Pack 3 Nu 2600. If you need more, tell me. See you, Ciocc
  8. Good evening, I can't manage to update Macromedia Flash Player. I installed SECUNIA PSI, which helped me update quite a few programs, but I'm stuck on this last one. Secunia reports it as end-of-life. The update is done via this link http://get.adobe.com/fr/flashplayer but IE freezes and I have to close the process with Alt, Del. I was able to download the .exe file from 01net.com, but that doesn't solve the problem. Even after uninstalling and reinstalling the software, I still can't watch videos on the internet. Is there a solution? Is it a fundamental problem or simply a setting to change on my PC? Thanks for your help. Ciocc
  9. Rather well. The rnamfler software is gone, and the DLLs with it. The hard drive seems to be running smoothly, which was not the case before. Thank you for your invaluable help, and thanks also to all the other enthusiasts like you. Please tell me if I can close this thread. Ciocc
  10. Re, here is the report. See you

      All processes killed
      ========== PROCESSES ==========
      ========== FILES ==========
      c:\program files\rnamfler moved successfully.
      ========== SERVICES/DRIVERS ==========
      ========== REGISTRY ==========
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: Administrateur
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 67 bytes

      User: All Users

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: HP_Administrateur
      ->Temp folder emptied: 4741677 bytes
      ->Temporary Internet Files folder emptied: 19827071 bytes
      ->Java cache emptied: 0 bytes

      User: LocalService
      ->Temp folder emptied: 0 bytes
      File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      ->Temporary Internet Files folder emptied: 32902 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 67 bytes

      %systemdrive% .tmp files removed: 0 bytes
      C:\WINDOWS\msdownld.tmp folder deleted successfully.
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      File delete failed. C:\WINDOWS\temp\WFVD.tmp scheduled to be deleted on reboot.
      Windows Temp folder emptied: 57571670 bytes
      RecycleBin emptied: 12816490 bytes

      Total Files Cleaned = 90,59 mb

      OTM by OldTimer - Version 3.0.0.6 log created on 10162009_141750
  11. Hello Pear, for c:\program files\rnamfler, can you uninstall it, via Add/Remove or via an Uninstall file? I don't see it in the list of programs, unless it goes by another name. Otherwise, can I simply delete c:\program files\rnamfler? Ciocc
  12. Hello, at the moment I am in Germany and I will be able to do this perhaps tomorrow evening or on Friday. As for the PC, I find that it works better than before. I think this is partly due to the updates that had been blocked by a bad McAfee setting. IE8 seems to work well, but it gave me quite a few problems when updating Adobe Flash Player, whereas on the work PC it went through without a hitch. As for the cracked Nero, I never used it or installed it. A friend had given it to me just in case. Do you think the keygen was really infected, or was it flagged as a potential virus? Knowing my friend, I am almost sure the keygen came from a serials-type site, a site known to be dubious. I also tested the vulnerability of my PC with PCsecurity 2009. On the virus side it seems well armed, but not on the spyware side. In addition to McAfee, should I install an anti-spyware tool? Thanks again for your help; I will therefore delete this rnamfler software as soon as I get back. Ciocc
  13. Part 2
  14. Hello Pear, here is the ComboFix report, part 1. Ciocc
2009-08-28 17:42 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys + 2009-10-11 21:19 . 2007-03-08 14:18 18432 c:\windows\system32\DRVSTORE\grmnusb_09F3E629557EBE4D2BA1A9469BDAE635AC0807AE\I386\grmngen.sys + 2009-10-11 20:09 . 2009-05-18 12:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys + 2009-06-17 12:20 . 2009-06-17 12:20 12648 c:\windows\system32\drivers\psi_mf.sys + 2004-08-11 01:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys + 2005-03-07 15:52 . 2009-05-18 12:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys + 2008-12-12 09:11 . 2008-12-12 09:11 61440 c:\windows\system32\dnssd.dll + 2008-12-12 09:18 . 2008-12-12 09:18 87336 c:\windows\system32\dns-sd.exe + 2009-06-25 08:26 . 2009-06-25 08:26 54272 c:\windows\system32\dllcache\wdigest.dll + 2009-06-15 10:44 . 2009-06-15 10:44 82944 c:\windows\system32\dllcache\tlntsess.exe + 2009-06-15 10:44 . 2009-06-15 10:44 78848 c:\windows\system32\dllcache\telnet.exe + 2009-02-03 19:58 . 2009-06-25 08:26 56832 c:\windows\system32\dllcache\secur32.dll + 2008-06-28 15:47 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe + 2008-06-12 14:22 . 2008-06-12 14:22 91648 c:\windows\system32\dllcache\mtxoci.dll + 2008-06-12 14:22 . 2008-06-12 14:22 66560 c:\windows\system32\dllcache\mtxclu.dll - 2008-06-29 19:01 . 2009-03-08 02:31 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2008-06-29 19:01 . 2009-07-03 16:57 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2008-06-12 14:22 . 2008-06-12 14:22 58880 c:\windows\system32\dllcache\msdtclog.dll + 2008-06-24 16:44 . 2008-06-24 16:44 74240 c:\windows\system32\dllcache\mscms.dll + 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys + 2007-08-13 16:54 . 2009-07-03 16:57 25600 c:\windows\system32\dllcache\jsproxy.dll - 2007-08-13 16:54 . 
2009-03-08 02:33 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-07-29 04:35 . 2009-07-29 04:35 81920 c:\windows\system32\dllcache\fontsub.dll + 2009-06-10 14:14 . 2009-06-10 14:14 85504 c:\windows\system32\dllcache\avifil32.dll + 2009-07-17 19:03 . 2009-07-17 19:03 58880 c:\windows\system32\dllcache\atl.dll + 2004-08-11 01:00 . 2009-06-10 14:14 85504 c:\windows\system32\avifil32.dll - 2004-08-11 01:00 . 2008-04-14 02:33 85504 c:\windows\system32\avifil32.dll - 2001-01-22 01:25 . 2001-01-22 01:25 32768 c:\windows\system32\ATHPRXY.DLL + 2004-01-29 14:08 . 2004-01-29 14:08 32768 c:\windows\system32\ATHPRXY.DLL - 2008-07-17 19:35 . 2008-07-17 19:35 25214 c:\windows\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader.exe + 2008-07-17 19:35 . 2009-10-12 04:50 25214 c:\windows\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader.exe + 2008-07-27 15:31 . 2009-10-12 12:40 90112 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe - 2008-07-27 15:31 . 2008-07-27 15:31 90112 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe - 2008-07-27 15:31 . 2008-07-27 15:31 45056 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe + 2008-07-27 15:31 . 2009-10-12 12:40 45056 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe + 2008-07-27 15:31 . 2009-10-12 12:40 22528 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe - 2008-07-27 15:31 . 2008-07-27 15:31 22528 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe - 2008-07-27 15:31 . 2008-07-27 15:31 12800 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\pubs.exe + 2008-07-27 15:31 . 2009-10-12 12:40 12800 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\pubs.exe + 2008-07-27 15:31 . 2009-10-12 12:40 16384 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe - 2008-07-27 15:31 . 
2008-07-27 15:31 16384 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe + 2008-07-27 15:31 . 2009-10-12 12:40 34304 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\misc.exe - 2008-07-27 15:31 . 2008-07-27 15:31 34304 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\misc.exe + 2009-10-11 20:23 . 2009-10-11 20:23 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe + 2009-10-11 19:47 . 2009-10-11 19:47 27136 c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe + 2009-10-12 17:50 . 2009-10-12 17:50 49152 c:\windows\Installer\{49FA793C-785E-47E9-93DF-BD442B0B45D1}\Icon49FA793C.exe + 2009-10-11 20:07 . 2009-10-11 20:07 86016 c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe + 2009-10-11 20:24 . 2009-03-08 02:33 12288 c:\windows\ie8updates\KB972260-IE8\xpshims.dll + 2009-10-11 20:24 . 2009-03-08 02:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll + 2009-10-11 20:24 . 2009-03-08 02:33 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll - 2008-06-29 10:31 . 2008-06-29 10:31 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll + 2009-10-11 20:30 . 2009-10-11 20:30 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll - 2008-06-29 10:31 . 2008-06-29 10:31 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll + 2009-10-11 20:30 . 2009-10-11 20:30 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll + 2009-10-11 20:30 . 2009-10-11 20:30 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll - 2008-06-29 10:31 . 2008-06-29 10:31 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll - 2008-06-29 10:31 . 
2008-06-29 10:31 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll + 2009-10-11 20:30 . 2009-10-11 20:30 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll + 2009-10-11 20:30 . 2009-10-11 20:30 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll - 2008-06-29 10:31 . 2008-06-29 10:31 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll + 2008-05-05 05:25 . 2008-05-05 05:25 3072 c:\windows\system32\xpsp4res.dll + 2009-10-11 21:19 . 2007-03-08 14:18 8320 c:\windows\system32\DRVSTORE\grmnusb_09F3E629557EBE4D2BA1A9469BDAE635AC0807AE\I386\grmnusb.sys + 2008-07-27 15:31 . 2009-10-12 12:40 3584 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe - 2008-07-27 15:31 . 2008-07-27 15:31 3584 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe + 2008-07-27 15:31 . 2009-10-12 12:40 8192 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe - 2008-07-27 15:31 . 2008-07-27 15:31 8192 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe - 2008-07-27 15:31 . 2008-07-27 15:31 2560 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe + 2008-07-27 15:31 . 2009-10-12 12:40 2560 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe + 2009-10-11 20:30 . 2009-10-11 20:30 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll - 2008-06-29 10:31 . 2008-06-29 10:31 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll + 2006-12-01 20:54 . 2006-12-01 20:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll + 2006-12-01 20:54 . 2006-12-01 20:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll + 2006-12-01 20:54 . 
2006-12-01 20:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll - 2006-10-18 19:47 . 2006-10-18 19:47 295936 c:\windows\system32\wmpeffects.dll + 2006-10-18 19:47 . 2008-06-24 16:12 295936 c:\windows\system32\wmpeffects.dll + 2004-08-11 01:00 . 2009-07-13 21:43 286208 c:\windows\system32\wmpdxm.dll + 2004-08-11 01:00 . 2008-06-18 03:03 938496 c:\windows\system32\WMNetmgr.dll + 2004-08-11 01:00 . 2009-06-10 06:15 132096 c:\windows\system32\wkssvc.dll - 2004-08-11 01:00 . 2008-04-14 02:33 132096 c:\windows\system32\wkssvc.dll + 2004-08-11 01:00 . 2009-07-03 16:57 915456 c:\windows\system32\wininet.dll - 2004-08-11 01:00 . 2008-04-14 02:33 354304 c:\windows\system32\winhttp.dll + 2004-08-11 01:00 . 2008-12-16 12:31 354304 c:\windows\system32\winhttp.dll + 2004-08-11 01:00 . 2009-02-06 10:10 227840 c:\windows\system32\wbem\wmiprvse.exe + 2004-08-11 01:00 . 2009-02-09 10:53 453120 c:\windows\system32\wbem\wmiprvsd.dll + 2004-08-11 01:00 . 2009-02-09 10:53 473600 c:\windows\system32\wbem\fastprox.dll + 2004-08-11 01:00 . 2008-10-03 10:03 247326 c:\windows\system32\strmdll.dll + 2004-08-11 01:00 . 2009-02-09 11:23 111104 c:\windows\system32\services.exe + 2004-08-11 01:00 . 2009-06-25 08:26 147456 c:\windows\system32\schannel.dll + 2004-08-11 01:00 . 2009-02-09 10:53 401408 c:\windows\system32\rpcss.dll + 2004-08-11 01:00 . 2009-04-15 14:53 585216 c:\windows\system32\rpcrt4.dll + 2004-12-11 06:04 . 2009-10-11 20:34 381692 c:\windows\system32\perfh009.dat - 2004-12-11 06:04 . 2009-03-29 05:28 381692 c:\windows\system32\perfh009.dat + 2004-08-11 01:00 . 2009-03-06 14:20 286720 c:\windows\system32\pdh.dll - 2004-08-11 01:00 . 2008-04-14 02:33 286720 c:\windows\system32\pdh.dll + 2004-08-11 01:00 . 2009-07-03 16:57 206848 c:\windows\system32\occache.dll + 2004-08-11 01:00 . 2009-02-09 10:53 739840 c:\windows\system32\ntdll.dll - 2004-08-11 01:00 . 
2008-04-14 02:33 337408 c:\windows\system32\netapi32.dll + 2004-08-11 01:00 . 2008-10-15 16:35 337408 c:\windows\system32\netapi32.dll + 2008-10-16 12:07 . 2008-10-16 12:07 208744 c:\windows\system32\muweb.dll + 2004-08-11 01:00 . 2009-06-25 08:26 136192 c:\windows\system32\msv1_0.dll + 2004-08-11 01:00 . 2006-12-04 14:21 414720 c:\windows\system32\msscp.dll - 2007-08-13 16:54 . 2009-03-08 02:32 594432 c:\windows\system32\msfeeds.dll + 2007-08-13 16:54 . 2009-07-03 16:57 594432 c:\windows\system32\msfeeds.dll - 2004-08-11 01:00 . 2008-04-14 02:33 161792 c:\windows\system32\msdtcuiu.dll + 2004-08-11 01:00 . 2008-06-12 14:22 161792 c:\windows\system32\msdtcuiu.dll + 2004-08-11 01:00 . 2008-06-12 14:22 956928 c:\windows\system32\msdtctm.dll - 2004-08-11 01:00 . 2008-04-14 02:33 956928 c:\windows\system32\msdtctm.dll + 2004-08-11 01:00 . 2008-06-12 14:22 428032 c:\windows\system32\msdtcprx.dll + 2004-08-11 01:00 . 2004-08-10 04:00 112128 c:\windows\system32\mapi32.dll - 2004-08-11 01:00 . 2004-08-11 01:00 112128 c:\windows\system32\mapi32.dll + 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe + 2004-08-11 01:00 . 2009-06-25 08:26 736768 c:\windows\system32\lsasrv.dll + 2004-08-11 01:00 . 2008-06-17 23:09 100864 c:\windows\system32\logagent.exe - 2004-08-11 01:00 . 2006-10-18 18:03 100864 c:\windows\system32\logagent.exe + 2004-08-11 01:00 . 2009-05-07 15:33 348672 c:\windows\system32\localspl.dll + 2004-08-11 01:00 . 2009-06-25 08:26 301568 c:\windows\system32\kerberos.dll - 2004-08-11 01:00 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll + 2004-08-11 01:00 . 2009-06-22 06:47 726528 c:\windows\system32\jscript.dll - 2004-08-11 01:00 . 2008-04-14 02:33 691712 c:\windows\system32\inetcomm.dll + 2004-08-11 01:00 . 2008-04-11 19:05 691712 c:\windows\system32\inetcomm.dll + 2004-08-11 01:00 . 2009-07-03 16:57 184320 c:\windows\system32\iepeers.dll + 2004-08-11 01:00 . 
2009-07-03 16:57 386048 c:\windows\system32\iedkcs32.dll + 2004-08-11 01:00 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe - 2004-08-11 01:00 . 2009-03-08 02:32 173056 c:\windows\system32\ie4uinit.exe + 2005-03-07 15:52 . 2008-04-17 11:12 107368 c:\windows\system32\GEARAspi.dll + 2004-08-11 01:00 . 2008-10-23 12:36 286720 c:\windows\system32\gdi32.dll - 2004-12-11 06:10 . 2009-06-08 19:14 341032 c:\windows\system32\FNTCACHE.DAT + 2004-12-11 06:10 . 2009-10-11 20:29 341032 c:\windows\system32\FNTCACHE.DAT + 2004-08-11 01:00 . 2008-07-07 20:28 253952 c:\windows\system32\es.dll + 2009-10-11 20:09 . 2008-04-17 11:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll + 2004-08-11 01:00 . 2008-12-11 10:57 333952 c:\windows\system32\drivers\srv.sys + 2004-08-11 01:00 . 2008-10-24 11:21 455296 c:\windows\system32\drivers\mrxsmb.sys - 2004-08-11 01:00 . 2008-06-20 11:40 138496 c:\windows\system32\drivers\afd.sys + 2004-08-11 01:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys + 2009-10-11 20:13 . 2008-04-21 21:15 219136 c:\windows\system32\dllcache\wordpad.exe + 2004-08-11 01:00 . 2009-07-13 21:43 286208 c:\windows\system32\dllcache\wmpdxm.dll + 2004-08-11 01:00 . 2008-06-18 03:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll + 2009-10-11 20:13 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe + 2009-10-11 20:13 . 2009-02-09 10:53 453120 c:\windows\system32\dllcache\wmiprvsd.dll + 2009-06-10 06:15 . 2009-06-10 06:15 132096 c:\windows\system32\dllcache\wkssvc.dll + 2008-04-21 06:43 . 2009-07-03 16:57 915456 c:\windows\system32\dllcache\wininet.dll + 2004-08-11 01:00 . 2007-06-29 09:59 318976 c:\windows\system32\dllcache\unregmp2.exe + 2009-07-29 04:35 . 2009-07-29 04:35 119808 c:\windows\system32\dllcache\t2embed.dll + 2004-08-11 01:00 . 2008-10-03 10:03 247326 c:\windows\system32\dllcache\strmdll.dll + 2009-10-11 20:13 . 
2009-02-09 11:23 111104 c:\windows\system32\dllcache\services.exe + 2008-12-05 06:57 . 2009-06-25 08:26 147456 c:\windows\system32\dllcache\schannel.dll + 2009-10-11 20:13 . 2009-02-09 10:53 401408 c:\windows\system32\dllcache\rpcss.dll + 2009-04-15 14:53 . 2009-04-15 14:53 585216 c:\windows\system32\dllcache\rpcrt4.dll + 2009-10-11 20:13 . 2009-03-06 14:20 286720 c:\windows\system32\dllcache\pdh.dll + 2007-08-13 16:44 . 2009-07-03 16:57 206848 c:\windows\system32\dllcache\occache.dll + 2009-10-11 20:13 . 2009-02-09 10:53 739840 c:\windows\system32\dllcache\ntdll.dll + 2009-08-05 09:00 . 2009-08-05 09:00 205312 c:\windows\system32\dllcache\mswebdvd.dll + 2009-06-25 08:26 . 2009-06-25 08:26 136192 c:\windows\system32\dllcache\msv1_0.dll + 2004-08-11 01:00 . 2006-12-04 14:21 414720 c:\windows\system32\dllcache\msscp.dll - 2008-06-29 19:01 . 2009-03-08 02:32 594432 c:\windows\system32\dllcache\msfeeds.dll + 2008-06-29 19:01 . 2009-07-03 16:57 594432 c:\windows\system32\dllcache\msfeeds.dll + 2008-06-12 14:22 . 2008-06-12 14:22 161792 c:\windows\system32\dllcache\msdtcuiu.dll + 2008-06-12 14:22 . 2008-06-12 14:22 956928 c:\windows\system32\dllcache\msdtctm.dll + 2008-06-12 14:22 . 2008-06-12 14:22 428032 c:\windows\system32\dllcache\msdtcprx.dll + 2009-10-11 20:13 . 2009-06-25 08:26 736768 c:\windows\system32\dllcache\lsasrv.dll - 2004-08-11 01:00 . 2006-10-18 18:03 100864 c:\windows\system32\dllcache\logagent.exe + 2004-08-11 01:00 . 2008-06-17 23:09 100864 c:\windows\system32\dllcache\logagent.exe + 2009-05-07 15:33 . 2009-05-07 15:33 348672 c:\windows\system32\dllcache\localspl.dll + 2009-06-25 08:26 . 2009-06-25 08:26 301568 c:\windows\system32\dllcache\kerberos.dll - 2007-08-13 16:38 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll + 2007-08-13 16:38 . 2009-06-22 06:47 726528 c:\windows\system32\dllcache\jscript.dll + 2007-08-13 16:54 . 2009-07-03 16:57 184320 c:\windows\system32\dllcache\iepeers.dll + 2007-08-13 16:39 . 
2009-07-03 16:57 386048 c:\windows\system32\dllcache\iedkcs32.dll + 2007-08-13 16:39 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe - 2007-08-13 16:39 . 2009-03-08 02:32 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2008-10-23 12:36 . 2008-10-23 12:36 286720 c:\windows\system32\dllcache\gdi32.dll + 2009-10-11 20:13 . 2009-02-09 10:53 473600 c:\windows\system32\dllcache\fastprox.dll + 2008-07-07 20:28 . 2008-07-07 20:28 253952 c:\windows\system32\dllcache\es.dll - 2008-06-20 11:40 . 2008-06-20 11:40 138496 c:\windows\system32\dllcache\afd.sys + 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys + 2009-10-11 20:13 . 2009-02-09 10:53 685568 c:\windows\system32\dllcache\advapi32.dll + 2004-08-11 01:00 . 2009-02-09 10:53 685568 c:\windows\system32\advapi32.dll - 2004-08-11 01:00 . 2008-04-14 02:33 685568 c:\windows\system32\advapi32.dll + 2009-10-11 21:19 . 2009-10-11 21:19 637952 c:\windows\Installer\f085f.msi + 2009-04-20 13:15 . 2009-04-20 13:15 207872 c:\windows\Installer\c032f.msp + 2009-02-10 07:07 . 2009-02-10 07:07 528896 c:\windows\Installer\c0308.msp + 2008-05-07 14:39 . 2008-05-07 14:39 669184 c:\windows\Installer\c02c9.msp + 2006-02-23 08:47 . 2006-02-23 08:47 755712 c:\windows\Installer\c021b.msp + 2004-03-11 08:46 . 2004-03-11 08:46 801792 c:\windows\Installer\c01f0.msp + 2009-10-12 12:20 . 2009-10-12 12:20 470528 c:\windows\Installer\5fa704.msi + 2009-10-11 20:23 . 2009-10-11 20:23 432640 c:\windows\Installer\3189dc.msi + 2009-10-11 19:55 . 2009-10-11 19:55 694272 c:\windows\Installer\1085a9.msi + 2009-10-11 20:09 . 2009-10-11 20:09 102400 c:\windows\Installer\{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}\iTunesIco.exe - 2008-07-27 15:31 . 2008-07-27 15:31 114688 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\outicon.exe + 2008-07-27 15:31 . 2009-10-12 12:40 114688 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\outicon.exe - 2008-07-27 15:31 . 
2008-07-27 15:31 155702 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\bcicon.exe + 2008-07-27 15:31 . 2009-10-12 12:40 155702 c:\windows\Installer\{9113040C-6000-11D3-8CFE-0050048383C9}\bcicon.exe + 2004-12-09 08:52 . 2004-12-09 08:52 561152 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA76301B7447A0100000020\7.1.0\JP2KLib.dll + 2004-08-11 01:00 . 2007-06-29 09:59 318976 c:\windows\inf\unregmp2.exe
  15. The cleanup was carried out at the end of the scan. OK to do the cleanup. See you, Ciocc
  16. Hello again, here is the Mbam cleanup log:

      Malwarebytes' Anti-Malware 1.41
      Version de la base de données: 2943
      Windows 5.1.2600 Service Pack 3

      12/10/2009 06:33:10
      mbam-log-2009-10-12 (06-33-10).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|L:\|M:\|N:\|)
      Eléments examinés: 235361
      Temps écoulé: 1 hour(s), 2 minute(s), 45 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 4

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      C:\Documents and Settings\All Users\nos documents\Eric\system\HP\Utilitaires\Nero 7.0.8.2 francçais\Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      K:\080628Mesdocuments02\nos documents\Eric\system\HP\Utilitaires\Nero 7.0.8.2 francçais\Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      K:\nos documents 20091011\Eric\system\HP\Utilitaires\Nero 7.0.8.2 francçais\Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      K:\System Volume Information\_restore{CE19DE18-A7E5-4EC6-982C-713622D64F9E}\RP29\A0023364.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

      Here are the Total Virus reports.

      Number 1

      Fichier bdcore.dll.vir reçu le 2009.10.12 13:01:41 (UTC)
      Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
      Résultat: 0/41 (0%)
      File size: 32 bytes
      MD5...: 18075b2c9f0f300bee209744a8bec353
      SHA1..: 315568bd76c692467592abcd983c2c310a8e06e8
      SHA256: 34b9348ecccb09747637e5bdaa744e48362a9e684b260766e49868f2e50cecab
      ssdeep: 3:WlWUqt/vll:idq
      PEiD..: -
      PEInfo: -
      RDS...: NSRL Reference Data Set -
      pdfid.: -
      trid..: Generic Win/DOS Executable (49.9%) DOS Executable Generic (49.8%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
      sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned

      Number 2

      Fichier libfn.dll.vir reçu le 2009.10.12 13:04:34 (UTC)
      Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
      Résultat: 0/41 (0%)
      File size: 32 bytes
      MD5...: 18075b2c9f0f300bee209744a8bec353
      SHA1..: 315568bd76c692467592abcd983c2c310a8e06e8
      SHA256: 34b9348ecccb09747637e5bdaa744e48362a9e684b260766e49868f2e50cecab
      ssdeep: 3:WlWUqt/vll:idq
      PEiD..: -
      PEInfo: -
      RDS...: NSRL Reference Data Set -
      pdfid.: -
      trid..: Generic Win/DOS Executable (49.9%) DOS Executable Generic (49.8%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
      sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned

      Ciocc
  17. Hello, in fact, writing my last post yesterday evening set me thinking. I reconfigured McAfee and was able to update my system, which turned out to be more than necessary. I also updated Mbam; here is the log of last night's scan. As I said, I updated almost everything except Macromedia Flash Player. The ActiveX controls will not install and the web page crashes. I suspect a bad setting. Apart from that, please tell me whether Mbam really detected anything suspicious. The report does not look worrying. See you, Ciocc

      Malwarebytes' Anti-Malware 1.41
      Version de la base de données: 2943
      Windows 5.1.2600 Service Pack 3

      12/10/2009 06:29:20
      mbam-log-2009-10-12 (06-29-10).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|L:\|M:\|N:\|)
      Eléments examinés: 235361
      Temps écoulé: 1 hour(s), 2 minute(s), 45 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 4

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      C:\Documents and Settings\All Users\nos documents\Eric\system\HP\Utilitaires\Nero 7.0.8.2 francçais\Keygen.exe (Trojan.Downloader) -> No action taken.
      K:\080628Mesdocuments02\nos documents\Eric\system\HP\Utilitaires\Nero 7.0.8.2 francçais\Keygen.exe (Trojan.Downloader) -> No action taken.
      K:\nos documents 20091011\Eric\system\HP\Utilitaires\Nero 7.0.8.2 francçais\Keygen.exe (Trojan.Downloader) -> No action taken.
      K:\System Volume Information\_restore{CE19DE18-A7E5-4EC6-982C-713622D64F9E}\RP29\A0023364.exe (Trojan.Downloader) -> No action taken.
  18. Hello again, following the last Combofix scan, I searched the net for a way to test my PC's vulnerability (which is rather good) and how up to date my software is. I came across Secunia's PSI software. I have 6 programs that should be updated. But, as with Mbam, I am unable to update them. Either a setting on my PC is blocking the updates, or it is a virus, or something else? Ciocc
  19. Hello Pear, here is the log I got. The scan was fairly quick and I did not have to type 1. I had forgotten to disable McAfee and did so during the scan. If that is a problem, tell me whether I should redo the scan. See you, Ciocc

      ComboFix 09-10-10.02 - HP_Administrateur 11/10/2009 16:13.1.2 - NTFSx86
      Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3070.2334 [GMT 2:00]
      Lancé depuis: c:\documents and settings\HP_Administrateur\Bureau\45858-CF.exe
      * Un antivirus résident est actif
      .
      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      c:\recycler\S-1-5-21-1207953100-1665831925-712883280-1006
      c:\recycler\S-1-5-21-1214440339-2025429265-682003330-500
      c:\windows\Downloaded Program Files\bdcore.dll
      c:\windows\Downloaded Program Files\libfn.dll
      c:\windows\Installer\10407c.msi
      c:\windows\Installer\43f1b.msi
      c:\windows\Installer\519777.msi
      c:\windows\Installer\55103.msi
      c:\windows\Installer\fe0c5.msi
      c:\windows\system32\muzapp.exe
      D:\Autorun.inf
      .
2009-10-07 18:50 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Malwarebytes 2009-10-07 18:50 . 2009-10-07 18:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-10-07 18:47 . 2009-10-07 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-07 17:35 . 2009-10-07 17:35 -------- d-----w- C:\_OTM 2009-10-06 19:36 . 2009-10-06 20:48 -------- d-----w- c:\windows\BDOSCAN8 2009-10-03 15:12 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys 2009-10-03 15:11 . 2009-10-03 15:11 -------- d-----w- c:\program files\Panda Security . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-10 06:30 . 2008-06-28 11:45 -------- d-----w- c:\program files\ma-config.com 2009-10-10 06:30 . 2008-06-28 11:45 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com 2009-10-09 14:42 . 2008-06-28 15:50 -------- d-----w- c:\program files\Java 2009-10-09 04:47 . 2008-06-28 16:37 -------- d-----w- c:\program files\Easy Internet signup 2009-10-08 19:43 . 2008-06-28 11:32 -------- d-----w- c:\program files\TuneUp Utilities 2008 2009-10-07 17:38 . 2009-05-20 17:17 -------- d--h--r- c:\program files\rnamfler . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-08 149280] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 122880] "AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152] "HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-15 233472] "BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-12 13570048] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440] "ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2004-09-22 94208] "McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 139320] "Network Associates Error Reporting Service"="c:\program files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" [2003-10-07 147514] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-12 86016] "SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2009-04-16 479232] "AlwaysReady Power Message APP"="ARPWRMSG.EXE" - c:\windows\arpwrmsg.exe [2005-08-03 77312] "CTHelper"="CTHELPER.EXE" - c:\windows\CTHELPER.EXE [2005-08-09 16384] c:\documents and settings\HP_Administrateur\Menu 
Démarrer\Programmes\Démarrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-10-8 135680] c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-10-8 135680] c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-10-8 135680] c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624] c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-10-8 135680] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk backup=c:\windows\pss\LE COMPAGNON CLUB.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital
Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [03/10/2009 17:12 28544] R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [27/07/2008 17:57 58464] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [28/06/2008 18:06 2777472] R3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter 
WN5401A;c:\windows\system32\drivers\wn5401.sys [28/06/2008 18:06 449920] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [23/09/2009 14:50 238960] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contenu du dossier 'Tâches planifiées' 2009-10-09 c:\windows\Tasks\Connexion facile à Internet.job - c:\program files\Easy Internet signup\HPSdpApp.exe [2005-05-24 14:46] 2009-10-11 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-03-03 07:23] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://yahoo.fr/ uInternet Connection Wizard,ShellNext = iexplore IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000 IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: {4EFE4BE8-8771-4649-B3EF-D97374C8D2C2} - hxxps://particuliers.secure.lcl.fr/v_1.0/img/akl/FormProtect.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-11 16:17 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTHelper = CTHELPER.EXE? Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'lsass.exe'(804) c:\windows\system32\EntApi.dll . Heure de fin: 2009-10-11 16:19 ComboFix-quarantined-files.txt 2009-10-11 14:19 Avant-CF: 129 778 249 728 octets libres Après-CF: 129 791 242 240 octets libres 166 --- E O F --- 2009-07-24 15:18
  20. Re, I reinstalled MBAM, but the problem persists. I then installed GMER and ran a scan. No red line appeared. Here is the report anyway. Ciocc
GMER 1.0.15.15125 - http://www.gmer.net Rootkit scan 2009-10-09 16:34:24 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\kwldqpob.sys ---- System - GMER 1.0.15 ---- SSDT 88746109 ZwCreateThread INT 0x63 \SystemRoot\system32\DRIVERS\3xHybrid.sys (3xHybrid/ASUSTek) B9CDE6C8 SYSENTER \WINDOWS\system32\ntkrnlpa.exe 80541520 ---- Modules - GMER 1.0.15 ---- Module viaide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) BADAC000-BADAE000 (8192 bytes) Module pavboot.sys (Panda Boot Driver/Panda Security, S.L.) BAB38000-BAB3E000 (24576 bytes) Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) BAB40000-BAB45000 (20480 bytes) Module \SystemRoot\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 177.89 /NVIDIA Corporation) B9FBD000-BA592000 (6115328 bytes) Module \SystemRoot\system32\DRIVERS\3xHybrid.sys (3xHybrid/ASUSTek) B9CDE000-B9F85000 (2781184 bytes) Module \SystemRoot\system32\drivers\ctaud2k.sys (Creative WDM Audio Device Driver/Creative Technology Ltd) B9C4F000-B9CBB000 (442368 bytes) Module \SystemRoot\system32\drivers\ctoss2k.sys (Creative OS Services Driver (WDM)/Creative Technology Ltd.) B9BF9000-B9C2B000 (204800 bytes) Module \SystemRoot\system32\drivers\ctprxy2k.sys (Creative Proxy Device Driver (WDM)/Creative Technology Ltd) BAC38000-BAC40000 (32768 bytes) Module \SystemRoot\system32\DRIVERS\wn5401.sys (Driver for Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A/Liteon Technology Corp.) B9B8B000-B9BF9000 (450560 bytes) Module \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys (CDRom Class Filter Driver/GEAR Software Inc.)
BAC40000-BAC47000 (28672 bytes) Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) BAC50000-BAC55000 (20480 bytes) Module \SystemRoot\system32\drivers\ha20x2k.sys (Creative 20X HAL (WDM)/Creative Technology Ltd) B3547000-B3657000 (1114112 bytes) Module \SystemRoot\system32\drivers\emupia2k.sys (E-mu Plug-in Architecture Driver (WDM)/Creative Technology Ltd) B351A000-B3547000 (184320 bytes) Module \SystemRoot\system32\drivers\ctsfm2k.sys (SoundFont® Manager (WDM)/Creative Technology Ltd) B34F3000-B351A000 (159744 bytes) Module \SystemRoot\system32\drivers\ctac32k.sys (Creative AC3 SW Decoder Device Driver (WDM)/Creative Technology Ltd) B3457000-B34F3000 (638976 bytes) Module \SystemRoot\system32\drivers\mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) BAA18000-BAA27000 (61440 bytes) Module \SystemRoot\System32\nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 177.89 /NVIDIA Corporation) BF9D5000-BFF9B000 (6053888 bytes) Module \SystemRoot\system32\drivers\naiavf5x.sys (Anti-Virus File System Filter Driver/Network Associates, Inc.) 
B2265000-B2280000 (110592 bytes) Module \??\C:\WINDOWS\system32\drivers\EntDrv51.sys (EntDrv/Network Associates, Inc) B22B4000-B22B7000 (12288 bytes) Module \??\C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\kwldqpob.sys (GMER) B10D2000-B10E8000 (90112 bytes) ---- Processes - GMER 1.0.15 ---- Process C:\WINDOWS\arservice.exe (ARSVC Application/Microsoft) 124 Library C:\WINDOWS\arservice.exe (ARSVC Application/Microsoft) 0x01000000 Process C:\WINDOWS\system32\CTsvcCDA.EXE (Creative Service for CDROM Access/Creative Technology Ltd) 156 Library C:\WINDOWS\system32\CTsvcCDA.EXE (Creative Service for CDROM Access/Creative Technology Ltd) 0x00400000 Process C:\WINDOWS\eHome\ehRecvr.exe (Service de réception Media Center/Microsoft Corporation) 188 Library C:\WINDOWS\system32\sbe.dll 0x4EE30000 Library C:\WINDOWS\system32\msdmo.dll 0x73600000 Library C:\WINDOWS\system32\MSNP.ax 0x00DE0000 Library C:\WINDOWS\system32\mpg2splt.ax 0x1FF00000 Library C:\WINDOWS\system32\PsisRndr.ax 0x46830000 Library C:\Program Files\MainConcept\mcemcesmpeg.ax (MPEG Encoder and Muxer/MainConcept AG) 0x01440000 Library C:\Program Files\MainConcept\mcempgaout.dll (MPEG Audio Encoder/MainConcept AG) 0x24000000 Library C:\Program Files\MainConcept\mcempgvout.dll (MPEG Video Wrapper/MainConcept AG) 0x011A0000 Library C:\Program Files\MainConcept\mcempgmux.dll (MPEG Multiplexer/MainConcept AG) 0x01460000 Library C:\Program Files\MainConcept\mcempgvout.004 (MPEG Video Encoder/MainConcept AG) 0x014B0000 Library C:\WINDOWS\system32\WSTPager.ax 0x4D6A0000 Library C:\WINDOWS\system32\VBICodec.ax 0x47D80000 Library C:\WINDOWS\system32\encdec.dll 0x47F50000 Library C:\WINDOWS\system32\TvRatings.dll (TvRatings Module/Philips Semiconductors GmbH) 0x01880000 Library C:\WINDOWS\system32\PsisDecd.dll 0x5E0F0000 Library C:\WINDOWS\system32\Mpeg2Data.ax 0x4C3D0000 Process C:\Program Files\Java\jre6\bin\jqs.exe (Java Quick Starter Service/Sun Microsystems, Inc.) 
276 Library C:\Program Files\Java\jre6\bin\jqs.exe (Java Quick Starter Service/Sun Microsystems, Inc.) 0x00400000 Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CorperfmonExt.dll (Microsoft Common Language Runtime - WorkStation/Microsoft Corporation) 0x79760000 Process C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company) 400 Library C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company) 0x00400000 Process C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (Framework Service/Network Associates, Inc.) 416 Library C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (Framework Service/Network Associates, Inc.) 0x00400000 Library C:\Program Files\Network Associates\Common Framework\nailog.dll (Debug Logging/Network Associates, Inc.) 0x60280000 Library C:\Program Files\Network Associates\Common Framework\naXML.dll (McAfee Framework XML Parser/Network Associates, Inc.) 0x60210000 Library C:\Program Files\Network Associates\Common Framework\naCmnLib.dll (Common Library/Network Associates, Inc.) 0x60180000 Library C:\Program Files\Network Associates\Common Framework\applib.dll (CMA Application Library/Network Associates, Inc.) 0x00330000 Library C:\Program Files\Network Associates\Common Framework\040C\AgentRes.dll (Agent Subsystem Resources/Network Associates, Inc.) 0x605E0000 Library C:\Program Files\Network Associates\Common Framework\Logging.dll (Logging Subsystem/Network Associates, Inc.) 0x603C0000 Library C:\Program Files\Network Associates\Common Framework\InternetManager.dll (Intennet Manager Subsystem/Network Associates, Inc.) 0x60350000 Library C:\Program Files\Network Associates\Common Framework\naInet.dll (Internet Protocol Library/Network Associates, Inc.) 0x601E0000 Library C:\Program Files\Network Associates\Common Framework\UserSpace.dll (User Space Controller Subsystem/Network Associates, Inc.) 
0x60600000 Library C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll (Secure Framework Factory/Network Associates, Inc.) 0x60530000 Library C:\Program Files\Network Associates\Common Framework\Management.dll (Management Subsystem/Network Associates, Inc.) 0x603D0000 Library C:\Program Files\Network Associates\Common Framework\cmalib.dll (CMA Library/Network Associates, Inc.) 0x602A0000 Library C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll (Policy Manager/Network Associates, Inc.) 0x60410000 Library C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll (McAfee Script Subsystem/Network Associates, Inc.) 0x60510000 Library C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll (McAfee Update Subsystem/Network Associates, Inc.) 0x60560000 Library C:\Program Files\Network Associates\Common Framework\Scheduler.dll (Scheduler Subsystem/Network Associates, Inc.) 0x604B0000 Library C:\Program Files\Network Associates\Common Framework\TCSubSys.dll (TC Subsystem/Network Associates, Inc.) 0x60540000 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Library C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll (GenEvtInf Module/Network Associates, Inc.) 0x60320000 Process C:\Program Files\Messenger\msmsgs.exe (Windows Messenger/Microsoft Corporation) 472 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe (Task Manager : scheduling and OAS alerting service/Network Associates, Inc.) 564 Library C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe (Task Manager : scheduling and OAS alerting service/Network Associates, Inc.) 0x00400000 Library C:\Program Files\Network Associates\VirusScan\SHUTIL.dll (VirusScan Shared Utility Library/Network Associates, Inc.) 
0x18200000 Library C:\Program Files\Network Associates\VirusScan\naiwmain.dll (Shared Library/Network Associates, Inc.) 0x18440000 Library C:\Program Files\Network Associates\VirusScan\naicondl.dll (VirusScan Console Data Layer/Network Associates, Inc.) 0x186C0000 Library C:\Program Files\Network Associates\VirusScan\RES0c\VsTskMgr.dll (English(09) resources for VsTskMgr/Network Associates, Inc.) 0x19340000 Library C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll (MID Config Applicator/McAfee, Inc.) 0x10000000 Library C:\Program Files\Network Associates\VirusScan\BBCpl.dll (Access Protection Console Plugin/Network Associates, Inc.) 0x180F0000 Library C:\Program Files\Network Associates\VirusScan\coptcpl.dll (Virus Scan Console Options/Network Associates, Inc.) 0x187F0000 Library C:\Program Files\Network Associates\VirusScan\EmCfgCpl.dll (VirusScan e-mail Scan/Network Associates, Inc.) 0x18620000 Library C:\Program Files\Network Associates\VirusScan\RES0c\SEmalRes.dll (Resources for VirusScan Mapi Mail Scanner/Network Associates, Inc.) 0x19200000 Library C:\Program Files\Network Associates\VirusScan\RES0c\Product.dll (English(09) common resources/Network Associates, Inc.) 0x19250000 Library C:\Program Files\Network Associates\VirusScan\nvpcpl.dll (VirusScan Unwanted Programs Policy Console Plugin/Network Associates, Inc.) 0x18190000 Library C:\Program Files\Network Associates\VirusScan\ftcfg.dll (Filter Configuration Resource Library/Network Associates, Inc.) 0x18300000 Library C:\Program Files\Network Associates\VirusScan\mytilus.dll (Common Shell - Scanners' interface to the engine/Network Associates, Inc.) 0x12400000 Library C:\Program Files\Network Associates\VirusScan\Res0C\McShield.dll (English (09) resources for McShield/Network Associates, Inc.) 0x12580000 Library C:\Program Files\Network Associates\VirusScan\OASCpl.dll (VirusScan On-Access Scanner Console Plugin/Network Associates, Inc.) 
0x18090000 Library C:\Program Files\Network Associates\VirusScan\vsodscpl.dll (VirusScan On-Demand Console Plugin/Network Associates, Inc.) 0x18480000 Library C:\Program Files\Network Associates\VirusScan\ftl.dll (File Filter Library/Network Associates, Inc.) 0x22500000 Library C:\Program Files\Network Associates\VirusScan\vsupdcpl.dll (VirusScan Update Console Plugin/Network Associates, Inc.) 0x18980000 Process C:\Program Files\Network Associates\VirusScan\Mcshield.exe (On-Access Scanner service/Network Associates, Inc.) 604 Library C:\Program Files\Network Associates\VirusScan\Mcshield.exe (On-Access Scanner service/Network Associates, Inc.) 0x00400000 Library C:\Program Files\Network Associates\VirusScan\Res0C\McShield.DLL (English (09) resources for McShield/Network Associates, Inc.) 0x12580000 Library C:\Program Files\Network Associates\VirusScan\FTL.Dll (File Filter Library/Network Associates, Inc.) 0x22500000 Library C:\Program Files\Network Associates\VirusScan\naiann.dll (McShield Announcer (VirusScan Enterprise : messages and TaskManager interfaces)./Network Associates, Inc.) 0x124D0000 Library C:\Program Files\Network Associates\VirusScan\mytilus.dll (Common Shell - Scanners' interface to the engine/Network Associates, Inc.) 0x12400000 Library C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll (GenEvtInf Module/Network Associates, Inc.) 0x60320000 Library C:\Program Files\Network Associates\VirusScan\NaEventU.DLL (Client Event Interface DLL/Network Associates, Inc.) 0x24700000 Library C:\Program Files\Network Associates\VirusScan\Res0C\naEvtRes.dll (Client Event Interface Resources/Network Associates, Inc.) 0x24800000 Library C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll (Virus Source Information Database./Network Associates, Inc.) 0x12550000 Library C:\Program Files\Fichiers communs\Network Associates\Engine\MCSCAN32.DLL (AV Scanning Engine/McAfee, Inc.) 
0x12000000 Library C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll (Secure Framework Factory/Network Associates, Inc.) 0x60530000 Library C:\Program Files\Network Associates\VirusScan\EntSrv.Dll (EntSrv/Network Associates, Inc) 0x39000000 Process C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe (NAI Product Manager/Network Associates, Inc.) 692 Library C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe (NAI Product Manager/Network Associates, Inc.) 0x00400000 Library C:\PROGRA~1\NETWOR~1\COMMON~1\nailog.dll (Debug Logging/Network Associates, Inc.) 0x60280000 Library C:\PROGRA~1\NETWOR~1\COMMON~1\naCmnLib.dll (Common Library/Network Associates, Inc.) 0x60180000 Library C:\PROGRA~1\NETWOR~1\COMMON~1\naXML.dll (McAfee Framework XML Parser/Network Associates, Inc.) 0x60210000 Library C:\PROGRA~1\NETWOR~1\COMMON~1\040C\AgentRes.dll (Agent Subsystem Resources/Network Associates, Inc.) 0x605E0000 Library C:\Program Files\Network Associates\VirusScan\VsPlugin.dll (VirusScan Updater Notification Plugin/Network Associates, Inc.) 
0x188C0000 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 177.89/NVIDIA Corporation) 764 Library C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 177.89/NVIDIA Corporation) 0x00400000 Library C:\WINDOWS\system32\nvapi.dll (NVIDIA NVAPI Library, Version 177.89 /NVIDIA Corporation) 0x00960000 Process C:\WINDOWS\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) 788 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 800 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 972 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE (PML Driver/HP) 1004 Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE (PML Driver/HP) 0x00400000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1020 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1108 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1164 Library c:\windows\system32\uxtuneup.dll (TuneUp Theme Extension/TuneUp Software GmbH) 0x55580000 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1208 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network 
Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1260 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1420 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1652 Library C:\WINDOWS\system32\HpTcpMon.dll (Standard TCP/IP Port Monitor DLL/Hewlett Packard) 0x10000000 Library C:\WINDOWS\system32\hpzjrd01.dll (HP Rediscovery Library/Hewlett Packard) 0x00980000 Library C:\WINDOWS\system32\HPTcpMUI.dll (Standard TCP/IP Port Monitor UI DLL/Microsoft Corporation) 0x00AC0000 Library C:\WINDOWS\system32\hptcpmib.dll (Standard TCP/IP Port Monitor DLL/Hewlett Packard) 0x00D60000 Process C:\WINDOWS\Explorer.EXE (Explorateur Windows/Microsoft Corporation) 1880 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Library C:\Program Files\Network Associates\VirusScan\shext.dll (VirusScan Shell Extension/Network Associates, Inc.) 0x183B0000 Library C:\Program Files\Network Associates\VirusScan\RES0c\ShExtRes.dll (English(09) Shell Extension Resources/Network Associates, Inc.) 0x192F0000 Library C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll (TuneUp Shredder Shell Extension/TuneUp Software GmbH) 0x10000000 Library C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Acrobat IE Helper Version 7.0 for ActiveX/Adobe Systems Incorporated) 0x00D20000 Library C:\WINDOWS\system32\nvcpl.dll (NVIDIA Display Properties Extension/NVIDIA Corporation) 0x03A00000 Library C:\WINDOWS\system32\NVRSFR.DLL (NVIDIA French language resource library/NVIDIA Corporation) 0x038B0000 Library C:\WINDOWS\system32\nvshell.dll 0x04720000 Library C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (PDF Shell Extension/Adobe Systems, Inc.) 
0x03510000 Process C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) 2288 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Process C:\Program Files\Microsoft Office\Office10\WINWORD.EXE (Microsoft Word/Microsoft Corporation) 2436 Library C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) 0x37000000 Library C:\Program Files\Fichiers communs\Microsoft Shared\Office10\usp10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x3D380000 Library C:\Program Files\Fichiers communs\Microsoft Shared\Proof\MSSP3FR.DLL (Mssp3fr.dll/SYNAPSE Développement, Toulouse (France)) 0x10000000 Library C:\Program Files\Microsoft Office\Office10\intldate.dll 0x3D200000 Process C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (HP Digital Imaging Monitor/Hewlett-Packard Co.) 2588 Library C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (HP Digital Imaging Monitor/Hewlett-Packard Co.) 0x00400000 Library c:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll (HP CUE Context Manager Objects/Hewlett-Packard Co.) 0x14A00000 Library c:\Program Files\HP\Digital Imaging\bin\hpquio08.dll (HP U/I COM Objects/Hewlett-Packard Co.) 0x14000000 Library C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc (CUE TrayApp Combined resource DLL/Hewlett-Packard Co.) 0x15000000 Library c:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll (HP Digital Imaging Monitor Objects (CUE)/Hewlett-Packard Co.) 0x15800000 Library c:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll (Camera TrayAppPlugin Module/Hewlett-Packard) 0x10000000 Library c:\Program Files\HP\Digital Imaging\Unload\HpqUnRes.dll 0x00EE0000 Library c:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll (HP Mars Interface Tray App PlugIn/Hewlett-Packard Co.) 0x00F10000 Library c:\Program Files\HP\Digital Imaging\bin\hpotradd.dll (HP Digital Imaging Monitor PlugIn (AiO)/Hewlett-Packard Co.) 
0x00F50000 Library c:\Program Files\HP\Digital Imaging\bin\hphtra08.dll (HPHtra08/Hewlett-Packard) 0x00F60000 Library c:\Program Files\HP\Digital Imaging\bin\hpotra08.dll (HP All-in-One TrayAppPlugin/Hewlett-Packard Co.) 0x16600000 Library c:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc (AiO TrayAppPlugIn Combined resource DLL/Hewlett-Packard Co.) 0x16750000 Library c:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll 0x011E0000 Library c:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll (HP All-in-One DeviceDiscovery/Hewlett-Packard Co.) 0x3AB00000 Library C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll (HP All-in-One DeviceDiscovery Common Library/Hewlett-Packard Co.) 0x3AF00000 Process C:\Gamer\gmer.exe 3624 Library C:\Gamer\gmer.exe 0x00400000 Process C:\Program Files\Java\jre6\bin\jusched.exe (Java Platform SE binary/Sun Microsystems, Inc.) 3644 Library C:\Program Files\Java\jre6\bin\jusched.exe (Java Platform SE binary/Sun Microsystems, Inc.) 0x00400000 Process C:\windows\system\hpsysdrv.exe (hpsysdrv/Hewlett-Packard Company) 3652 Library C:\windows\system\hpsysdrv.exe (hpsysdrv/Hewlett-Packard Company) 0x00400000 Process C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe (VolPanel.exe/Creative Technology Ltd) 3672 Library C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe (VolPanel.exe/Creative Technology Ltd) 0x00400000 Library C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\CTAudSel.dll (CTAudSel library/Creative Technology Ltd) 0x10000000 Library C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.crl (VolPanel.crl/Creative Technology Ltd) 0x61000000 Library C:\Program Files\Creative\ShareDLL\CADI\ctcadi.dll (nil./Creative Technology Ltd) 0x00BF0000 Library C:\WINDOWS\SYSTEM32\CTXFISPI.DLL (SPI Proxy/Stub/Creative Technology Ltd) 0x02000000 Library C:\Program Files\Creative\ShareDLL\CADI\dbacs.dll (Creative /Creative Technology Ltd) 0x00D10000 Library C:\Program 
Files\Creative\Shared Files\mxlib.dll (Creative Mixer Library/Creative Technology Ltd.) 0x00C20000 Library C:\WINDOWS\SYSTEM32\CTDCIFCE.DLL (Creative Audio Device Control Interface/Creative Technology Ltd) 0x00C50000 Library C:\WINDOWS\SYSTEM32\CTDC0000.DLL (Creative Audio Device Control Module/Creative Technology Ltd) 0x016B0000 Library C:\WINDOWS\SYSTEM32\ctosuser.dll (Creative OS Services Module/Creative Technology Ltd) 0x01120000 Library C:\Program Files\Creative\Shared Files\CTTheme.dll (Creative Theme Engine DLL/Creative Technology Ltd) 0x00CC0000 Library C:\Program Files\Creative\Shared Files\CtrlSrc.dll (Creative Theme Engine RTX Base Control DLL/Creative Technology Ltd) 0x00CF0000 Library C:\Program Files\Creative\Shared Files\CTIniF.dll (CTIniF/Creative Technology Ltd) 0x00D00000 Library C:\Program Files\Creative\Shared Files\GDICtrl.skc (Creative Theme Engine GDI Controls plug-in/Creative Technology Ltd) 0x01740000 Library C:\Program Files\Creative\Shared Files\GDICtrl2.skc (Creative Theme Engine GDI2 Controls plug-in/Creative Technology Ltd) 0x017A0000 Library C:\Program Files\Creative\Shared Files\GDICtrl3.skc (Creative Theme Engine GDI3 Controls plug-in/Creative Technology Ltd) 0x017E0000 Library C:\Program Files\Creative\Shared Files\RtxCtrl.skc (Creative Theme Engine RTX Controls Plug-In/Creative Technology Ltd) 0x01800000 Process C:\WINDOWS\eHome\ehmsas.exe (Media Center Media Status Aggregator Service/Microsoft Corporation) 3692 Library C:\WINDOWS\armcex.dll 0x003F0000 Library c:\hp\hptunes\HPITMSAS.dll (HPITMSAS Dynamic Link Library/Hewlett-Packard Development Company, L.P.) 0x62010000 Library c:\windows\system32\fpalsu.dll (Front Panel Assembly Led Status Update Module/Hewlett-Packard Company) 0x10000000 Process C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (DLL Module Loader/Creative Technology Ltd.) 3696 Library C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (DLL Module Loader/Creative Technology Ltd.) 
  21. Hello Pear, I will do this tonight for Mbam. For Java, however, I did not update it yesterday (because of the connection problem) but downloaded the following file, jre-6u16-windows-i586.exe, 15.8 MB. It seems to me that this file reinstalled Java, and it also appears to be up to date with the latest version. Did I do the right thing????? Ciocc
  22. In principle yes for Mbam; I did not find the MBAM.exe extension, but 2 application files without an extension: MBAM, 1282 KB, and mbangui, 411 KB. I renamed MBAM to winlogon without the .exe extension, since it was not there originally. For info, when I had run MBAM to install it, I already got this same error message that appears when I launch the update. For Java I followed the instructions to the letter. ?????? Ciocc
  23. For Mbam, it is the same. I still get the same message: "Une erreur est survenue. Veuillez transmettre de Malwarebytes Anti-malware le code erreur ci-dessous. Erreur code : 732 (0,0)" Ciocc
  24. It is still the same. Updating Java is impossible. Here is the same message I still get: "Erreur - Programme d'installation Java. Le programme d'installation ne peut pas s'exécuter avec les paramètres de connexion internet actuels. Pour plus d'info visiter le site suivant http://java.com" Cioc
  25. For the Java update I still have the same problem. Should I switch to IE8 before updating Java and Mbam? Ciocc