Hello,
I have been battling this Trojan for some time now and I can't get rid of it.
My PC was protected with AVAST, then I installed AVIRA and SPYBOT, with no result.
I then installed SPYSWEEPER to clean the PC; it removed a few trojans but not the infamous virtumonde.generic.
I continued with MALWAREBYTES, no better, and I have just finished with COMBOFIX, still the same, but I don't know how to read the HIJACKTHIS log.
Is there anyone who can help me, please?
ComboFix 09-01-02.01 - jean luc 2009-01-04 16:24:17.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1023.532 [GMT 1:00]
Lancé depuis: d:\documents and settings\jean luc\Bureau\combofix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-04 au 2009-01-04 ))))))))))))))))))))))))))))))))))))
.
2009-01-04 12:43 . 2009-01-04 13:00 <REP> d-a------ d:\documents and settings\All Users\Application Data\TEMP
2008-12-31 16:47 . 2008-12-31 16:47 <REP> d-------- d:\documents and settings\jean luc\Application Data\Malwarebytes
2008-12-31 16:47 . 2008-12-31 16:47 <REP> d-------- d:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-31 16:47 . 2008-12-31 18:02 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-31 16:47 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-31 16:47 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-30 12:47 . 2008-12-30 12:47 <REP> d-------- d:\documents and settings\jean luc\Application Data\Webroot
2008-12-30 12:47 . 2008-12-30 12:47 <REP> d-------- d:\documents and settings\All Users\Application Data\Webroot
2008-12-30 12:47 . 2008-12-30 12:47 <REP> d-------- c:\program files\Webroot
2008-12-30 12:47 . 2008-12-30 12:47 <REP> d-------- c:\program files\Fichiers communs\Webroot Shared
2008-12-30 12:47 . 2007-10-03 09:36 196,424 --a------ c:\windows\Unwash6.exe
2008-12-16 19:34 . 2008-12-16 19:34 <REP> d-------- d:\documents and settings\All Users\Application Data\Avira
2008-12-16 19:34 . 2008-12-16 19:34 <REP> d-------- c:\program files\Avira
2008-12-15 20:20 . 2008-12-15 20:20 210 --a------ C:\face2feace.exe
2008-12-15 19:16 . 2008-12-30 18:05 442 --a------ c:\windows\wininit.ini
2008-12-15 18:55 . 2008-12-29 18:42 <REP> d-------- d:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-15 18:55 . 2008-12-29 13:50 <REP> d-------- c:\program files\Spybot - Search & Destroy
2008-12-15 18:34 . 2008-12-15 18:34 <REP> d--h-c--- d:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-12-10 20:01 . 2008-12-10 20:01 5,027 --a------ C:\aok.exe
2008-12-08 21:35 . 2008-12-08 21:35 5,027 --a------ C:\nfd.exe
2008-12-08 16:03 . 2008-12-08 16:31 1,025 --a------ C:\osy.exe
2008-12-08 09:58 . 2008-12-08 09:58 <REP> dr-hs---- C:\CONFIG
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-04 14:54 --------- d-----w c:\program files\Wanadoo
2008-12-11 16:22 --------- d-----w d:\documents and settings\All Users\Application Data\Lavasoft
2008-11-11 11:55 --------- d-----w d:\documents and settings\amelie\Application Data\QuosaDDM
2008-11-06 22:05 --------- d-----w d:\documents and settings\marie\Application Data\Creative
2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 13:00 283,648 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-17 00:48 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-02-21 12:22 61,296 -c--a-w d:\documents and settings\amelie\Application Data\GDIPFONTCACHEV1.DAT
2008-01-22 14:50 61,296 ----a-w d:\documents and settings\lauriane\Application Data\GDIPFONTCACHEV1.DAT
2007-12-11 19:38 61,296 ----a-w d:\documents and settings\lucie\Application Data\GDIPFONTCACHEV1.DAT
2007-12-11 17:39 61,296 ----a-w d:\documents and settings\jean luc\Application Data\GDIPFONTCACHEV1.DAT
2007-07-05 10:52 278,528 -c--a-w c:\program files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((( snapshot@2009-01-04_15.45.52.87 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:51:46 284,160 ----a-w c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:51 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:44:51 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:03:54 18,296 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:03:55 234,872 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:03:54 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-08-26 08:11:45 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 08:11:45 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 08:11:45 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 08:11:45 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 08:11:45 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:39:40 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 08:11:45 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 08:11:45 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 08:11:46 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 08:11:46 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:12:27 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 08:11:48 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 08:11:48 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 08:11:49 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 08:11:49 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 08:11:49 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-27 09:11:52 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll
+ 2008-08-26 08:11:52 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 08:11:52 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 08:11:52 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 08:11:52 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 08:11:52 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 08:11:52 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 08:11:53 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 08:11:53 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 08:11:54 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
- 2008-10-16 12:02:29 167,936 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2009-01-04 14:46:47 167,936 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2008-10-16 12:02:29 2,560 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2009-01-04 14:46:47 2,560 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2008-10-16 12:02:29 81,920 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2009-01-04 14:46:47 81,920 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2008-10-16 12:02:29 34,304 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2009-01-04 14:46:46 34,304 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-10-16 12:02:29 8,192 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2009-01-04 14:46:47 8,192 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-10-16 12:02:29 3,584 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2009-01-04 14:46:47 3,584 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2008-10-16 12:02:29 114,688 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2009-01-04 14:46:47 114,688 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2008-10-16 12:02:29 16,384 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2009-01-04 14:46:47 16,384 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2008-10-16 12:02:29 30,720 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2009-01-04 14:46:47 30,720 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2008-10-16 12:02:29 22,528 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2009-01-04 14:46:47 22,528 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-10-16 12:02:29 45,056 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2009-01-04 14:46:46 45,056 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-10-16 12:02:29 90,112 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2009-01-04 14:46:46 90,112 ----a-r c:\windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:18:31 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-08-26 08:11:45 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:18:31 124,928 ------w c:\windows\system32\dllcache\advpack.dll
- 2008-08-26 08:11:45 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 08:11:45 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:18:31 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-08-26 08:11:45 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:18:32 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-08-26 08:11:45 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 08:11:45 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-26 08:11:46 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 08:11:48 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:18:35 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 08:11:48 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:18:35 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-26 08:11:49 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-18 18:03:58 100,864 ----a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\dllcache\logagent.exe
- 2008-08-26 08:11:49 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 08:11:49 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-26 08:11:52 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 08:11:52 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:18:40 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 08:11:52 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:18:41 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 08:11:52 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:18:41 102,912 ------w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 08:11:52 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
- 2006-08-24 12:19:40 246,814 -c----w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:17:02 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
- 2008-08-26 08:11:52 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:18:41 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-08-26 08:11:53 1,159,680 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 08:11:53 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:18:42 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 08:11:54 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
- 2006-10-18 19:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 19:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\dllcache\WMVCore.dll
- 2008-08-26 08:11:45 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 08:11:45 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:18:31 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-08-26 08:11:45 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:39:40 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:12:20 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 08:11:45 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 08:11:45 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 08:11:46 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 08:11:48 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:18:35 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 08:11:48 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:18:35 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-08-26 08:11:49 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-18 18:03:58 100,864 -c--a-w c:\windows\system32\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-08-26 08:11:49 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 08:11:49 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 09:11:52 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-10-17 00:48:40 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 08:11:52 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 08:11:52 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:18:40 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 08:11:52 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:18:41 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-08-26 08:11:52 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:18:41 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-08-26 08:11:52 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-07-27 08:41:40 16,760 ------w c:\windows\system32\spmsg.dll
- 2006-08-24 12:19:40 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:17:02 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-07-14 11:09:18 62,976 ------w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-08-26 08:11:52 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:18:41 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 08:11:53 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 08:11:53 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:18:42 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 08:11:54 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-18 19:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 19:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"MediaDico"="c:\program files\Micro Application\MediaDICO\MediaDICO.exe" [2001-01-17 221696]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-27 68856]
"WOOKIT"="c:\progra~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [bU]
"nl2plwrk"="c:\windows\system32\svscs.exe" [bU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-08 57344]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Vade Retro Outlook Express"="c:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]
"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
"EPSON Stylus DX3800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2005-02-08 98304]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="c:\progra~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 245760]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"EPSON Stylus DX3800 Series (Copie 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2005-02-08 98304]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-01-03 180269]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"nl2plwrk"="c:\windows\system32\svscs.exe" [bU]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [bU]
"nwiz"="nwiz.exe" [2005-08-02 c:\windows\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 c:\windows\RTHDCPL.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
d:\documents and settings\jean luc\Menu Démarrer\Programmes\Démarrage\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2006-08-13 487424]
d:\documents and settings\lauriane\Menu Démarrer\Programmes\Démarrage\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2006-08-13 487424]
d:\documents and settings\marie\Menu Démarrer\Programmes\Démarrage\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2006-08-13 487424]
d:\documents and settings\jean luc\Menu Démarrer\Programmes\Démarrage\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2006-08-13 487424]
d:\documents and settings\jean luc\Menu Démarrer\Programmes\Démarrage\
CamTrack.lnk - c:\program files\DigitalPeers\CamTrack\camtrack.exe [2006-08-13 487424]
d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
LG Sync Manager.lnk - c:\program files\LG PC Suite\LG PC Sync\LGSyncManager.exe [2004-09-20 233472]
LG SyncManager.lnk - c:\program files\LG PC Suite\LG PC Sync\LGSyncManager.exe [2004-09-20 233472]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2006-08-27 118784]
Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - c:\program files\SAGEM WiFi manager\WLANUTL.exe [2007-09-29 925696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\guardgui.exe"=
"c:\\WINDOWS\\RTHDCPL.EXE"=
"c:\\WINDOWS\\system32\\verclsid.exe"=
"c:\\Program Files\\Webroot\\Washer\\WasherSvc.exe"=
"c:\\APPS\\Powercinema\\Kernel\\TV\\CLCapSvc.exe"=
R3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2006-03-08 138112]
R4 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe [2008-12-30 598856]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [2007-09-29 402432]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2007-07-05 217088]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\w300mgmt.sys [2007-08-02 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;c:\windows\system32\drivers\w300obex.sys [2007-08-02 85696]
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-21CX5C574571}]
c:\config\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe
.
Contenu du dossier 'Tâches planifiées'
2008-09-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
2009-01-02 c:\windows\Tasks\Norton Internet Security - Analyse système complète - jean luc.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe []
2009-01-04 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{81a360be-af33-437a-8883-146cb1ffa583} - (no file)
BHO-{8CD8011B-CDD3-4D9F-B79C-55932E863252} - (no file)
BHO-{9dba86eb-7254-4bc1-87fe-ea363bf26f4e} - (no file)
BHO-{DCB430C4-7A7A-42CB-888C-5F1030D9655D} - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 -: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://camera1.mairie-brest.fr/activex/AMC.cab
c:\windows\Downloaded Program Files\setup.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-04 16:25:57
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2009-01-04 16:26:53
ComboFix-quarantined-files.txt 2009-01-04 15:26:51
ComboFix2.txt 2009-01-04 14:47:38
Avant-CF: 20 025 102 336 octets libres
Après-CF: 20,008,665,088 octets libres
411 --- E O F --- 2009-01-04 14:47:57