Luck114.com
Résolu/Fermé
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
-
29 janv. 2009 à 23:36
crapoulou Messages postés 28158 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 16 avril 2024 - 1 mars 2009 à 23:18
crapoulou Messages postés 28158 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 16 avril 2024 - 1 mars 2009 à 23:18
A voir également:
- Luck114.com
- Tubidy com - Forum Audio
- Waptric com - Télécharger - Divers TV & Vidéo
- Wanadoo.fr ou .com - Forum Mail
- Hotmail.fr ou .com ✓ - Forum Réseaux sociaux
- Xnxx..com - Forum Virus
14 réponses
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
29 janv. 2009 à 23:37
29 janv. 2009 à 23:37
Salut,
- Télécharge HijackThis Version 2.02 :
= = = = >>> En cliquant ici <<< = = = =
- Enregistre HJTInstall.exe sur ton bureau.
- Fais un double-clic (gauche) sur HJTInstall.exe afin de lancer l’installation
- Clique sur Install ensuite sur « I Accept »
- Clique sur « Do a scan system scan and save log file »
- Le bloc-notes s’ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
- Télécharge HijackThis Version 2.02 :
= = = = >>> En cliquant ici <<< = = = =
- Enregistre HJTInstall.exe sur ton bureau.
- Fais un double-clic (gauche) sur HJTInstall.exe afin de lancer l’installation
- Clique sur Install ensuite sur « I Accept »
- Clique sur « Do a scan system scan and save log file »
- Le bloc-notes s’ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
29 janv. 2009 à 23:41
29 janv. 2009 à 23:41
Merci Crapoulou de bien vouloir de donner un coup de main mais g ne vois pa trop l'"utilité de hijackthis ici.
ta pa une autre solution plus pratique.
Merci
ta pa une autre solution plus pratique.
Merci
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
29 janv. 2009 à 23:42
29 janv. 2009 à 23:42
Si tu veux que l'on désinfecte ton PC il faut bien localiser l'infection non ?!
Ainsi pouvoir utiliser les outils appropprier.
Hijackthis me permettra de faire cette évaluation avant de commencer l'étape de désinfection !
Ainsi pouvoir utiliser les outils appropprier.
Hijackthis me permettra de faire cette évaluation avant de commencer l'étape de désinfection !
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
30 janv. 2009 à 00:17
30 janv. 2009 à 00:17
Crapoulou je crois que mo, problème est plus sérieux que je ne le pense; je ne peux pas installer hijackthis, ni même mon antivirus (nod32). Par contre j'ai regardé dans ajout/sppression de programme il y a ceci de nouveau je ne sais pa d'ou sa vient.
"Adsense based popAd" et sa m'ouvre des site chinois.
"Adsense based popAd" et sa m'ouvre des site chinois.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
30 janv. 2009 à 00:22
30 janv. 2009 à 00:22
Désinstalle le alors !
Tu as un message d'erreur à l'installation ??
Tu as un message d'erreur à l'installation ??
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
30 janv. 2009 à 00:27
30 janv. 2009 à 00:27
c pire que tout il me dit que le programme est déja désinstallé et là je redémarre mon ordi et quand je lance une application, le même message sort :" cette application est déjà utlisé par un autre programme cliquez sur oui pour fermer". et sa continue de m'ouvrir les page en chinois.
sa me fou les boule et je suis pa loin de formater a moins que...
:)
sa me fou les boule et je suis pa loin de formater a moins que...
:)
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
30 janv. 2009 à 00:33
30 janv. 2009 à 00:33
Essaye un nettoyage global avec cet outil :
Télécharge Malwarebytes’ Anti-Malware
= = = = >>> En cliquant ici <<< = = = =
- Sur la page cliques sur Télécharger Malwarebyte’s Anti-Malware
- Enregistres le sur le bureau
- Double cliques sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, met à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-cliques sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Cliques sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu cliques dessus pour l’afficher une fois affiché
- Tu cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu cliques droit dans le cadre de la réponse et coller
Si tu as besoin d’aide regarde ce tutorial ICI
Télécharge Malwarebytes’ Anti-Malware
= = = = >>> En cliquant ici <<< = = = =
- Sur la page cliques sur Télécharger Malwarebyte’s Anti-Malware
- Enregistres le sur le bureau
- Double cliques sur le fichier téléchargé pour lancer le processus d’installation
- Lorsqu’il te le sera demandé, met à jour Malwarebytes anti malware
- Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-cliques sur l’icône de malwarebytes pour le relancer
- Dans l’onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés.
- Cliques sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse.
- Rends toi dans l’onglet rapport/log
- Tu cliques dessus pour l’afficher une fois affiché
- Tu cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu cliques droit dans le cadre de la réponse et coller
Si tu as besoin d’aide regarde ce tutorial ICI
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
30 janv. 2009 à 01:08
30 janv. 2009 à 01:08
yesssssssssssssssssssssssssssssss enfin j'ai un peu d'espoir!!!
je suis a 20mn de scan et 35 éléments trouvé.
c'est pas bon n'est-ce pas?
j'espère seulement que sa ira juqu'à la fin du scan et de la suppression alors je te feré le copier-coller.
stp bouge pa surtout
:)
je suis a 20mn de scan et 35 éléments trouvé.
c'est pas bon n'est-ce pas?
j'espère seulement que sa ira juqu'à la fin du scan et de la suppression alors je te feré le copier-coller.
stp bouge pa surtout
:)
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
30 janv. 2009 à 03:42
30 janv. 2009 à 03:42
ouf voicile rapport hijackthis mais a chaque fois que je lance l'analyse il trouve toujours des trojans et autres alors que je les supprime toujours . pourquoi? et que dois-je faire ?? merci
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1707
Windows 5.1.2600 Service Pack 2
30/01/2009 02:11:02
mbam-log-2009-01-30 (02-11-02).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 76956
Temps écoulé: 22 minute(s), 40 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 72
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\mewboeomediapop.popboeo (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{de2267bd-b163-407f-9e8d-6adec771e7ab} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0ad3ab16-6d0e-4f04-8660-fb1f36bc2dc0} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2f685b36-c53a-4653-9231-1dae5736de45} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50c4cdd9-22d7-49ff-ac6d-7d4d528a3ab2} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{11f09afd-75ad-4e51-ab43-e09e9351ce16} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11f09afd-75ad-4e51-ab43-e09e9351ce16} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11f09afd-75ad-4e51-ab43-e09e9351ce16} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{34a12a06-48c0-420d-8f11-73552ee9631a} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cde9eb54-a08e-4570-b748-13f5ddb5781c} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mewboeomediapop.popboeo.1 (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mewwadpopup.bulogc (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mewwadpopup.bulogc.1 (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\newadpopup.toolbardetector (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\newadpopup.toolbardetector.1 (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\contentmatch (Adware.CPush) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\cpush (Adware.CPush) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MicroPlugins (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AutoRun.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.EXE (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVwsc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.EXE (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmonD.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiArp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFWSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RfwMain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kissvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icesword.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArSwp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavService.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFUpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GuardField.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.exe (Security.Hijack) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Fichiers communs\PushWare (Adware.CPush) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Fichiers communs\PushWare\cpush.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{74C2D4C1-65E7-4712-8029-43B7BEF8E8FB}\RP17\A0003641.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{74C2D4C1-65E7-4712-8029-43B7BEF8E8FB}\RP17\A0003651.dll (Adware.Cpush) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\PushWare\Uninst.exe (Adware.CPush) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1707
Windows 5.1.2600 Service Pack 2
30/01/2009 02:11:02
mbam-log-2009-01-30 (02-11-02).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 76956
Temps écoulé: 22 minute(s), 40 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 72
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\mewboeomediapop.popboeo (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{de2267bd-b163-407f-9e8d-6adec771e7ab} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0ad3ab16-6d0e-4f04-8660-fb1f36bc2dc0} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2f685b36-c53a-4653-9231-1dae5736de45} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50c4cdd9-22d7-49ff-ac6d-7d4d528a3ab2} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{11f09afd-75ad-4e51-ab43-e09e9351ce16} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11f09afd-75ad-4e51-ab43-e09e9351ce16} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11f09afd-75ad-4e51-ab43-e09e9351ce16} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{34a12a06-48c0-420d-8f11-73552ee9631a} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cde9eb54-a08e-4570-b748-13f5ddb5781c} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mewboeomediapop.popboeo.1 (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mewwadpopup.bulogc (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mewwadpopup.bulogc.1 (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\newadpopup.toolbardetector (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\newadpopup.toolbardetector.1 (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\contentmatch (Adware.CPush) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\cpush (Adware.CPush) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MicroPlugins (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AutoRun.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.EXE (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVwsc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.EXE (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmonD.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiArp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFWSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RfwMain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kissvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwstub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icesword.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArSwp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AST.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavService.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFUpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GuardField.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.exe (Security.Hijack) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Fichiers communs\PushWare (Adware.CPush) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Fichiers communs\PushWare\cpush.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{74C2D4C1-65E7-4712-8029-43B7BEF8E8FB}\RP17\A0003641.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{74C2D4C1-65E7-4712-8029-43B7BEF8E8FB}\RP17\A0003651.dll (Adware.Cpush) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\PushWare\Uninst.exe (Adware.CPush) -> Quarantined and deleted successfully.
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
30 janv. 2009 à 11:55
30 janv. 2009 à 11:55
ça c'est le rapport malwarebytes anti malware !
Très bien.
Rends toi sur l'onglet quarantaine et supprime tout.
Réessaye hijackthis stp.
Eventuellement retélécharge le en le renommant au téléchargement.
Très bien.
Rends toi sur l'onglet quarantaine et supprime tout.
Réessaye hijackthis stp.
Eventuellement retélécharge le en le renommant au téléchargement.
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
30 janv. 2009 à 13:23
30 janv. 2009 à 13:23
ouf sa pa ete facile mè voici.
je voulè oci signaler que dans poste de travail quand je fais click droit sur c: sa me sort les option en chinoi(???) pour ouvrir et explorer. Merci
Logfile of random's system information tool 1.05 (written by random/random)
Run by EMMANUELLA at 2009-01-30 11:08:09
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (16%) free of 10 GB
Total RAM: 383 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:09:27, on 30/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Eset\nod32.exe
C:\Documents and Settings\EMMANUELLA\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\EMMANUELLA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://luck114.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKLM\..\Policies\Explorer\Run: [internetnet] C:\WINDOWS\system32\spoolsv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
End of file - 4905 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-20 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2009-01-19 949376]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"internetnet"=C:\WINDOWS\system32\spoolsv.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=1
"NoViewContextMenu"=0
"NoControlPanel"=1
"NoFileUrl"=0
"NoRun"=0
"NoToolBarCustomize"=0
"NoBandCustomize"=0
"NoDrives"=0
"NoClose"=0
"NoLogoff"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoViewContextMenu"=
"NoFileUrl"=
"NoRun"=
"NoToolBarCustomize"=
"NoBandCustomize"=
"NoDrives"=
"NoClose"=
"NoLogoff"=
"StartMenuLogoff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
""C:\Program Files\CCP Client\CCPClient.exe""=""C:\Program Files\CCP Client\CCPClient.exe:*:Enabled:CyberCafePro Client Software""
"C:\Program Files\CCP Client\CCPClient.exe"="C:\Program Files\CCP Client\CCPClient.exe:*:Enabled:CyberCafePro Client"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0398e886-ed11-11dd-bf0d-00065b7dfc8c}]
shell\explore\command - DZ.PIF
shell\open\command - DZ.PIF
======List of files/folders created in the last 1 months======
2009-01-30 11:08:15 ----D---- C:\Program Files\trend micro
2009-01-30 11:08:09 ----D---- C:\rsit
2009-01-29 22:22:43 ----A---- C:\WINDOWS\system32\nk.ini
2009-01-28 14:00:54 ----A---- C:\WINDOWS\system32\waudafe.exe
2009-01-26 17:39:56 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
2009-01-26 17:38:04 ----D---- C:\Program Files\Fichiers communs\Macromedia Shared
2009-01-26 17:34:25 ----D---- C:\Program Files\Fichiers communs\Macromedia
2009-01-26 17:31:01 ----D---- C:\Program Files\Macromedia
2009-01-26 17:23:16 ----A---- C:\WINDOWS\SWFDecompiler.INI
2009-01-26 17:23:13 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-26 17:20:38 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\U3
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-01-24 13:18:19 ----A---- C:\WINDOWS\system32\wpcap.dll
2009-01-24 13:18:19 ----A---- C:\WINDOWS\system32\waucafe.exe
2009-01-24 13:18:10 ----D---- C:\WINDOWS\Intel
2009-01-24 13:16:38 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-01-22 23:13:31 ----A---- C:\WINDOWS\system32\WanPacket.dll
2009-01-22 23:13:31 ----A---- C:\WINDOWS\system32\Packet.dll
2009-01-22 23:09:43 ----D---- C:\WINDOWS\Minidump
2009-01-22 21:11:16 ----A---- C:\WINDOWS\system32\sysd.ini
2009-01-21 15:32:36 ----D---- C:\WINDOWS\Sun
2009-01-20 19:26:52 ----A---- C:\WINDOWS\system32\Zipit.dll
2009-01-20 19:26:52 ----A---- C:\WINDOWS\system32\Zipdll.dll
2009-01-20 19:26:52 ----A---- C:\WINDOWS\system32\Unzdll.dll
2009-01-20 19:26:49 ----A---- C:\WINDOWS\system32\ccrpbds6.dll
2009-01-20 19:26:34 ----D---- C:\Program Files\CCP Client
2009-01-20 16:14:58 ----D---- C:\WINDOWS\pss
2009-01-20 02:06:28 ----D---- C:\Program Files\Microsoft
2009-01-20 02:06:03 ----D---- C:\Program Files\Windows Live SkyDrive
2009-01-20 02:05:32 ----D---- C:\Program Files\Windows Live
2009-01-20 01:21:14 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\java.exe
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-20 00:55:10 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Sun
2009-01-20 00:43:46 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\ArcSoft
2009-01-20 00:32:51 ----A---- C:\WINDOWS\system32\gdiplus.dll
2009-01-20 00:20:25 ----D---- C:\Program Files\Fichiers communs\ArcSoft
2009-01-20 00:20:18 ----A---- C:\WINDOWS\system32\unicows.dll
2009-01-20 00:20:17 ----D---- C:\Program Files\Hercules
2009-01-20 00:20:17 ----A---- C:\WINDOWS\PCDLIB32.DLL
2009-01-20 00:18:08 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-01-20 00:17:09 ----N---- C:\WINDOWS\system32\ov530usd.dll
2009-01-20 00:17:09 ----N---- C:\WINDOWS\system32\ov530ext.dll
2009-01-20 00:17:09 ----N---- C:\WINDOWS\ov530dib.dll
2009-01-20 00:17:09 ----D---- C:\WINDOWS\OvtCam
2009-01-20 00:17:00 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-20 00:15:42 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-01-20 00:14:34 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Yahoo!
2009-01-20 00:14:34 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-01-20 00:14:09 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-01-20 00:05:40 ----A---- C:\YServer.txt
2009-01-20 00:05:15 ----D---- C:\Program Files\Yahoo!
2009-01-20 00:00:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-20 00:00:35 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-01-19 23:31:43 ----A---- C:\WINDOWS\system32\wups2.dll
2009-01-19 23:31:42 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-01-19 23:31:41 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-01-19 23:31:40 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-01-19 23:31:40 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-01-19 23:22:54 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Macromedia
2009-01-19 23:22:32 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Adobe
2009-01-19 23:14:42 ----D---- C:\Program Files\Java
2009-01-19 22:51:40 ----D---- C:\Program Files\Fichiers communs\Java
2009-01-19 22:39:04 ----SHD---- C:\RECYCLER
2009-01-19 22:35:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-19 22:34:20 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-01-19 22:34:20 ----D---- C:\Program Files\Adobe
2009-01-19 22:27:02 ----A---- C:\WINDOWS\system32\imon.dll
2009-01-19 22:25:35 ----D---- C:\Program Files\ESET
2009-01-19 21:48:17 ----A---- C:\WINDOWS\ODBC.INI
2009-01-19 21:48:09 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-01-19 21:46:51 ----D---- C:\Program Files\Microsoft.NET
2009-01-19 21:45:30 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-01-19 21:44:49 ----D---- C:\WINDOWS\SHELLNEW
2009-01-19 21:38:17 ----D---- C:\Program Files\Microsoft Office
2009-01-19 21:35:16 ----RHD---- C:\MSOCache
2009-01-19 21:31:56 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Identities
2009-01-19 21:31:53 ----HD---- C:\Program Files\Uninstall Information
2009-01-19 21:31:34 ----ASH---- C:\Documents and Settings\EMMANUELLA\Application Data\desktop.ini
2009-01-19 21:31:33 ----SD---- C:\Documents and Settings\EMMANUELLA\Application Data\Microsoft
2009-01-19 21:27:38 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-19 21:27:25 ----D---- C:\WINDOWS\Prefetch
2009-01-19 21:27:24 ----SD---- C:\WINDOWS\system32\Microsoft
2009-01-19 21:27:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-19 21:19:03 ----D---- C:\WINDOWS\system32\xircom
2009-01-19 21:19:03 ----D---- C:\Program Files\xerox
2009-01-19 21:19:03 ----D---- C:\Program Files\microsoft frontpage
2009-01-19 21:18:09 ----A---- C:\WINDOWS\control.ini
2009-01-19 21:18:09 ----A---- C:\AUTOEXEC.BAT
2009-01-19 21:17:43 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-19 21:17:32 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-01-19 21:15:17 ----RD---- C:\WINDOWS\Offline Web Pages
2009-01-19 21:15:16 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-19 21:15:16 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-19 21:15:04 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-19 21:14:53 ----HD---- C:\Program Files\WindowsUpdate
2009-01-19 21:14:45 ----D---- C:\Program Files\Services en ligne
2009-01-19 21:14:18 ----D---- C:\WINDOWS\system32\DirectX
2009-01-19 21:13:54 ----A---- C:\WINDOWS\system32\atrace.dll
2009-01-19 21:13:52 ----A---- C:\WINDOWS\system32\desktop.ini
2009-01-19 21:13:52 ----A---- C:\WINDOWS\desktop.ini
2009-01-19 21:13:45 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-01-19 21:13:44 ----A---- C:\WINDOWS\system32\acctres.dll
2009-01-19 21:13:43 ----D---- C:\Program Files\Fichiers communs\Services
2009-01-19 21:13:40 ----SD---- C:\WINDOWS\Tasks
2009-01-19 21:13:40 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-01-19 21:13:39 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-01-19 21:13:34 ----D---- C:\WINDOWS\srchasst
2009-01-19 21:13:33 ----D---- C:\WINDOWS\system32\Macromed
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wups.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-01-19 21:13:28 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-01-19 21:13:28 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-01-19 21:13:24 ----D---- C:\Program Files\Movie Maker
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-01-19 21:13:15 ----D---- C:\WINDOWS\system32\Restore
2009-01-19 21:13:15 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-01-19 21:13:15 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-01-19 21:13:14 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-01-19 21:13:14 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-01-19 21:13:14 ----A---- C:\WINDOWS\system32\srclient.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\ils.dll
2009-01-19 21:13:12 ----A---- C:\WINDOWS\system32\msconf.dll
2009-01-19 21:13:12 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-01-19 21:13:10 ----D---- C:\Program Files\NetMeeting
2009-01-19 21:13:10 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-01-19 21:13:10 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-01-19 21:13:08 ----A---- C:\WINDOWS\system32\inetres.dll
2009-01-19 21:13:08 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-01-19 21:13:05 ----D---- C:\Program Files\Outlook Express
2009-01-19 21:13:05 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-01-19 21:13:05 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-01-19 21:13:05 ----A---- C:\WINDOWS\system32\mstask.dll
2009-01-19 21:13:04 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-01-19 21:13:03 ----A---- C:\WINDOWS\system32\isign32.dll
2009-01-19 21:13:03 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-01-19 21:13:03 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-01-19 21:12:56 ----D---- C:\Program Files\Fichiers communs\System
2009-01-19 21:12:55 ----D---- C:\Program Files\Internet Explorer
2009-01-19 21:11:38 ----D---- C:\Program Files\ComPlus Applications
2009-01-19 21:11:33 ----A---- C:\WINDOWS\vbaddin.ini
2009-01-19 21:11:33 ----A---- C:\WINDOWS\vb.ini
2009-01-19 21:11:24 ----D---- C:\WINDOWS\Registration
2009-01-19 21:11:08 ----D---- C:\Program Files\Online Services
2009-01-19 21:11:07 ----D---- C:\Program Files\Windows Media Player
2009-01-19 21:10:56 ----D---- C:\Program Files\Messenger
2009-01-19 21:10:51 ----D---- C:\Program Files\MSN Gaming Zone
2009-01-19 21:10:51 ----A---- C:\WINDOWS\system32\write.exe
2009-01-19 21:10:38 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-01-19 21:10:38 ----A---- C:\WINDOWS\system32\hticons.dll
2009-01-19 21:10:38 ----A---- C:\WINDOWS\system32\avwav.dll
2009-01-19 21:10:37 ----A---- C:\WINDOWS\system32\winchat.exe
2009-01-19 21:10:37 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-01-19 21:10:37 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-01-19 21:10:28 ----A---- C:\WINDOWS\system32\getuname.dll
2009-01-19 21:10:27 ----A---- C:\WINDOWS\system32\sol.exe
2009-01-19 21:10:27 ----A---- C:\WINDOWS\system32\charmap.exe
2009-01-19 21:10:27 ----A---- C:\WINDOWS\system32\calc.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\winmine.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\tskill.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\reset.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\freecell.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\tscon.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\shadow.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\regini.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\msg.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\logoff.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\stclient.dll
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-01-19 21:10:16 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-01-19 21:10:05 ----D---- C:\Program Files\MSN
2009-01-19 21:10:04 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-01-19 21:10:04 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-01-19 21:10:03 ----D---- C:\Program Files\Windows NT
2009-01-19 21:10:03 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-01-19 21:10:03 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-01-19 21:10:02 ----A---- C:\WINDOWS\system32\spider.exe
2009-01-19 21:10:02 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-01-19 21:10:02 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-01-19 21:09:59 ----D---- C:\WINDOWS\system32\MsDtc
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-01-19 21:09:57 ----D---- C:\WINDOWS\system32\Com
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\colbact.dll
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-01-19 21:09:56 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-01-19 21:09:56 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-01-19 21:09:55 ----A---- C:\WINDOWS\system32\comuid.dll
2009-01-19 21:09:55 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-01-19 21:09:47 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-01-19 21:09:47 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-01-19 21:09:46 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-01-19 21:09:46 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-01-19 21:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
2009-01-19 21:04:52 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2009-01-19 21:04:19 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-01-19 21:04:02 ----A---- C:\WINDOWS\system32\usbui.dll
2009-01-19 21:02:02 ----A---- C:\WINDOWS\imsins.BAK
2009-01-19 21:01:57 ----SHD---- C:\WINDOWS\Installer
2009-01-19 21:01:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-19 21:01:55 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-01-19 21:01:55 ----A---- C:\WINDOWS\ODBCINST.INI
2009-01-19 21:01:50 ----RD---- C:\Program Files
2009-01-19 21:01:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-01-19 21:01:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-19 21:01:50 ----D---- C:\Program Files\Fichiers communs
2009-01-19 21:01:45 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-01-19 21:01:45 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-01-19 21:01:45 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-01-19 21:01:33 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-19 21:01:33 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-01-19 21:01:32 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-19 21:01:32 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-01-19 21:01:32 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-01-19 21:01:29 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-01-19 21:01:29 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-01-19 21:01:28 ----A---- C:\WINDOWS\system32\batt.dll
2009-01-19 21:01:28 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-01-19 21:01:27 ----A---- C:\WINDOWS\system32\storprop.dll
2009-01-19 21:01:10 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-01-19 21:01:03 ----RA---- C:\WINDOWS\SET8.tmp
2009-01-19 21:00:57 ----RA---- C:\WINDOWS\SET4.tmp
2009-01-19 21:00:55 ----RA---- C:\WINDOWS\SET3.tmp
2009-01-19 21:00:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-19 21:00:47 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-19 21:00:40 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-19 21:00:17 ----A---- C:\WINDOWS\setuplog.txt
2009-01-19 21:00:08 ----D---- C:\Documents and Settings
2009-01-19 21:00:07 ----SHD---- C:\System Volume Information
2009-01-19 20:59:21 ----SH---- C:\boot.ini
2009-01-19 20:54:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-19 20:54:12 ----RSD---- C:\WINDOWS\Fonts
2009-01-19 20:54:12 ----RD---- C:\WINDOWS\Web
2009-01-19 20:54:12 ----HD---- C:\WINDOWS\inf
2009-01-19 20:54:12 ----D---- C:\WINDOWS\WinSxS
2009-01-19 20:54:12 ----D---- C:\WINDOWS\twain_32
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Temp
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\wins
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\wbem
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\usmt
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\spool
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\ShellExt
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\Setup
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\ras
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\oobe
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\npp
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\mui
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\IME
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\icsxml
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\ias
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\export
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\drivers
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\dhcp
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\config
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\3com_dmi
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\3076
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\2052
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1054
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1042
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1041
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1037
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1036
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1033
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1031
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1028
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1025
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system
2009-01-19 20:54:12 ----D---- C:\WINDOWS\security
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Resources
2009-01-19 20:54:12 ----D---- C:\WINDOWS\repair
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Provisioning
2009-01-19 20:54:12 ----D---- C:\WINDOWS\PeerNet
2009-01-19 20:54:12 ----D---- C:\WINDOWS\pchealth
2009-01-19 20:54:12 ----D---- C:\WINDOWS\mui
2009-01-19 20:54:12 ----D---- C:\WINDOWS\msapps
2009-01-19 20:54:12 ----D---- C:\WINDOWS\msagent
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Media
2009-01-19 20:54:12 ----D---- C:\WINDOWS\java
2009-01-19 20:54:12 ----D---- C:\WINDOWS\ime
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Help
2009-01-19 20:54:12 ----D---- C:\WINDOWS\ehome
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Driver Cache
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Debug
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Cursors
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Connection Wizard
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Config
2009-01-19 20:54:12 ----D---- C:\WINDOWS\AppPatch
2009-01-19 20:54:12 ----D---- C:\WINDOWS\addins
2009-01-19 20:54:12 ----D---- C:\WINDOWS
======List of files/folders modified in the last 1 months======
2009-01-29 23:20:51 ----A---- C:\WINDOWS\system.ini
2009-01-20 16:15:17 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2009-01-19 15424]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2009-01-19 512096]
R3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ati2mtaa;ati2mtaa; C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2004-08-19 327168]
R3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S2 pnpmem;pnpmem; \??\C:\WINDOWS\system32\drivers\pnpmem.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 kkvk;kkvk; \??\C:\WINDOWS\Fonts\kkvk.fon []
S3 ksns;ksns; \??\C:\WINDOWS\fonts\ksns.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 MyDog;MyDog; \??\C:\WINDOWS\system32\Drivers\Atieccx.sys []
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 npf;npf; \??\C:\WINDOWS\system32\drivers\npf.sys []
S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-20 152984]
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-01-19 552064]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2009-01-26 68096]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
je voulè oci signaler que dans poste de travail quand je fais click droit sur c: sa me sort les option en chinoi(???) pour ouvrir et explorer. Merci
Logfile of random's system information tool 1.05 (written by random/random)
Run by EMMANUELLA at 2009-01-30 11:08:09
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (16%) free of 10 GB
Total RAM: 383 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:09:27, on 30/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Eset\nod32.exe
C:\Documents and Settings\EMMANUELLA\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\EMMANUELLA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://luck114.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKLM\..\Policies\Explorer\Run: [internetnet] C:\WINDOWS\system32\spoolsv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
End of file - 4905 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-20 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2009-01-19 949376]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"internetnet"=C:\WINDOWS\system32\spoolsv.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=1
"NoViewContextMenu"=0
"NoControlPanel"=1
"NoFileUrl"=0
"NoRun"=0
"NoToolBarCustomize"=0
"NoBandCustomize"=0
"NoDrives"=0
"NoClose"=0
"NoLogoff"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoViewContextMenu"=
"NoFileUrl"=
"NoRun"=
"NoToolBarCustomize"=
"NoBandCustomize"=
"NoDrives"=
"NoClose"=
"NoLogoff"=
"StartMenuLogoff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
""C:\Program Files\CCP Client\CCPClient.exe""=""C:\Program Files\CCP Client\CCPClient.exe:*:Enabled:CyberCafePro Client Software""
"C:\Program Files\CCP Client\CCPClient.exe"="C:\Program Files\CCP Client\CCPClient.exe:*:Enabled:CyberCafePro Client"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0398e886-ed11-11dd-bf0d-00065b7dfc8c}]
shell\explore\command - DZ.PIF
shell\open\command - DZ.PIF
======List of files/folders created in the last 1 months======
2009-01-30 11:08:15 ----D---- C:\Program Files\trend micro
2009-01-30 11:08:09 ----D---- C:\rsit
2009-01-29 22:22:43 ----A---- C:\WINDOWS\system32\nk.ini
2009-01-28 14:00:54 ----A---- C:\WINDOWS\system32\waudafe.exe
2009-01-26 17:39:56 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
2009-01-26 17:38:04 ----D---- C:\Program Files\Fichiers communs\Macromedia Shared
2009-01-26 17:34:25 ----D---- C:\Program Files\Fichiers communs\Macromedia
2009-01-26 17:31:01 ----D---- C:\Program Files\Macromedia
2009-01-26 17:23:16 ----A---- C:\WINDOWS\SWFDecompiler.INI
2009-01-26 17:23:13 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-26 17:20:38 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\U3
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-01-24 14:40:03 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-01-24 13:18:19 ----A---- C:\WINDOWS\system32\wpcap.dll
2009-01-24 13:18:19 ----A---- C:\WINDOWS\system32\waucafe.exe
2009-01-24 13:18:10 ----D---- C:\WINDOWS\Intel
2009-01-24 13:16:38 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-01-22 23:13:31 ----A---- C:\WINDOWS\system32\WanPacket.dll
2009-01-22 23:13:31 ----A---- C:\WINDOWS\system32\Packet.dll
2009-01-22 23:09:43 ----D---- C:\WINDOWS\Minidump
2009-01-22 21:11:16 ----A---- C:\WINDOWS\system32\sysd.ini
2009-01-21 15:32:36 ----D---- C:\WINDOWS\Sun
2009-01-20 19:26:52 ----A---- C:\WINDOWS\system32\Zipit.dll
2009-01-20 19:26:52 ----A---- C:\WINDOWS\system32\Zipdll.dll
2009-01-20 19:26:52 ----A---- C:\WINDOWS\system32\Unzdll.dll
2009-01-20 19:26:49 ----A---- C:\WINDOWS\system32\ccrpbds6.dll
2009-01-20 19:26:34 ----D---- C:\Program Files\CCP Client
2009-01-20 16:14:58 ----D---- C:\WINDOWS\pss
2009-01-20 02:06:28 ----D---- C:\Program Files\Microsoft
2009-01-20 02:06:03 ----D---- C:\Program Files\Windows Live SkyDrive
2009-01-20 02:05:32 ----D---- C:\Program Files\Windows Live
2009-01-20 01:21:14 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\java.exe
2009-01-20 01:18:02 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-20 00:55:10 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Sun
2009-01-20 00:43:46 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\ArcSoft
2009-01-20 00:32:51 ----A---- C:\WINDOWS\system32\gdiplus.dll
2009-01-20 00:20:25 ----D---- C:\Program Files\Fichiers communs\ArcSoft
2009-01-20 00:20:18 ----A---- C:\WINDOWS\system32\unicows.dll
2009-01-20 00:20:17 ----D---- C:\Program Files\Hercules
2009-01-20 00:20:17 ----A---- C:\WINDOWS\PCDLIB32.DLL
2009-01-20 00:18:08 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-01-20 00:17:09 ----N---- C:\WINDOWS\system32\ov530usd.dll
2009-01-20 00:17:09 ----N---- C:\WINDOWS\system32\ov530ext.dll
2009-01-20 00:17:09 ----N---- C:\WINDOWS\ov530dib.dll
2009-01-20 00:17:09 ----D---- C:\WINDOWS\OvtCam
2009-01-20 00:17:00 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-20 00:15:42 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-01-20 00:14:34 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Yahoo!
2009-01-20 00:14:34 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-01-20 00:14:09 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-01-20 00:05:40 ----A---- C:\YServer.txt
2009-01-20 00:05:15 ----D---- C:\Program Files\Yahoo!
2009-01-20 00:00:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-20 00:00:35 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-01-19 23:31:43 ----A---- C:\WINDOWS\system32\wups2.dll
2009-01-19 23:31:42 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-01-19 23:31:41 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-01-19 23:31:40 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-01-19 23:31:40 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-01-19 23:22:54 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Macromedia
2009-01-19 23:22:32 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Adobe
2009-01-19 23:14:42 ----D---- C:\Program Files\Java
2009-01-19 22:51:40 ----D---- C:\Program Files\Fichiers communs\Java
2009-01-19 22:39:04 ----SHD---- C:\RECYCLER
2009-01-19 22:35:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-19 22:34:20 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-01-19 22:34:20 ----D---- C:\Program Files\Adobe
2009-01-19 22:27:02 ----A---- C:\WINDOWS\system32\imon.dll
2009-01-19 22:25:35 ----D---- C:\Program Files\ESET
2009-01-19 21:48:17 ----A---- C:\WINDOWS\ODBC.INI
2009-01-19 21:48:09 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-01-19 21:46:51 ----D---- C:\Program Files\Microsoft.NET
2009-01-19 21:45:30 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-01-19 21:44:49 ----D---- C:\WINDOWS\SHELLNEW
2009-01-19 21:38:17 ----D---- C:\Program Files\Microsoft Office
2009-01-19 21:35:16 ----RHD---- C:\MSOCache
2009-01-19 21:31:56 ----D---- C:\Documents and Settings\EMMANUELLA\Application Data\Identities
2009-01-19 21:31:53 ----HD---- C:\Program Files\Uninstall Information
2009-01-19 21:31:34 ----ASH---- C:\Documents and Settings\EMMANUELLA\Application Data\desktop.ini
2009-01-19 21:31:33 ----SD---- C:\Documents and Settings\EMMANUELLA\Application Data\Microsoft
2009-01-19 21:27:38 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-19 21:27:25 ----D---- C:\WINDOWS\Prefetch
2009-01-19 21:27:24 ----SD---- C:\WINDOWS\system32\Microsoft
2009-01-19 21:27:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-19 21:19:03 ----D---- C:\WINDOWS\system32\xircom
2009-01-19 21:19:03 ----D---- C:\Program Files\xerox
2009-01-19 21:19:03 ----D---- C:\Program Files\microsoft frontpage
2009-01-19 21:18:09 ----A---- C:\WINDOWS\control.ini
2009-01-19 21:18:09 ----A---- C:\AUTOEXEC.BAT
2009-01-19 21:17:43 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-19 21:17:32 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-01-19 21:15:17 ----RD---- C:\WINDOWS\Offline Web Pages
2009-01-19 21:15:16 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-19 21:15:16 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-19 21:15:04 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-19 21:14:53 ----HD---- C:\Program Files\WindowsUpdate
2009-01-19 21:14:45 ----D---- C:\Program Files\Services en ligne
2009-01-19 21:14:18 ----D---- C:\WINDOWS\system32\DirectX
2009-01-19 21:13:54 ----A---- C:\WINDOWS\system32\atrace.dll
2009-01-19 21:13:52 ----A---- C:\WINDOWS\system32\desktop.ini
2009-01-19 21:13:52 ----A---- C:\WINDOWS\desktop.ini
2009-01-19 21:13:45 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-01-19 21:13:44 ----A---- C:\WINDOWS\system32\acctres.dll
2009-01-19 21:13:43 ----D---- C:\Program Files\Fichiers communs\Services
2009-01-19 21:13:40 ----SD---- C:\WINDOWS\Tasks
2009-01-19 21:13:40 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-01-19 21:13:39 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-01-19 21:13:34 ----D---- C:\WINDOWS\srchasst
2009-01-19 21:13:33 ----D---- C:\WINDOWS\system32\Macromed
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-01-19 21:13:30 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wups.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-01-19 21:13:29 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-01-19 21:13:28 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-01-19 21:13:28 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-01-19 21:13:24 ----D---- C:\Program Files\Movie Maker
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-01-19 21:13:19 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-01-19 21:13:15 ----D---- C:\WINDOWS\system32\Restore
2009-01-19 21:13:15 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-01-19 21:13:15 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-01-19 21:13:14 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-01-19 21:13:14 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-01-19 21:13:14 ----A---- C:\WINDOWS\system32\srclient.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-01-19 21:13:13 ----A---- C:\WINDOWS\system32\ils.dll
2009-01-19 21:13:12 ----A---- C:\WINDOWS\system32\msconf.dll
2009-01-19 21:13:12 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-01-19 21:13:10 ----D---- C:\Program Files\NetMeeting
2009-01-19 21:13:10 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-01-19 21:13:10 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-01-19 21:13:08 ----A---- C:\WINDOWS\system32\inetres.dll
2009-01-19 21:13:08 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-01-19 21:13:05 ----D---- C:\Program Files\Outlook Express
2009-01-19 21:13:05 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-01-19 21:13:05 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-01-19 21:13:05 ----A---- C:\WINDOWS\system32\mstask.dll
2009-01-19 21:13:04 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-01-19 21:13:03 ----A---- C:\WINDOWS\system32\isign32.dll
2009-01-19 21:13:03 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-01-19 21:13:03 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-01-19 21:12:56 ----D---- C:\Program Files\Fichiers communs\System
2009-01-19 21:12:55 ----D---- C:\Program Files\Internet Explorer
2009-01-19 21:11:38 ----D---- C:\Program Files\ComPlus Applications
2009-01-19 21:11:33 ----A---- C:\WINDOWS\vbaddin.ini
2009-01-19 21:11:33 ----A---- C:\WINDOWS\vb.ini
2009-01-19 21:11:24 ----D---- C:\WINDOWS\Registration
2009-01-19 21:11:08 ----D---- C:\Program Files\Online Services
2009-01-19 21:11:07 ----D---- C:\Program Files\Windows Media Player
2009-01-19 21:10:56 ----D---- C:\Program Files\Messenger
2009-01-19 21:10:51 ----D---- C:\Program Files\MSN Gaming Zone
2009-01-19 21:10:51 ----A---- C:\WINDOWS\system32\write.exe
2009-01-19 21:10:38 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-01-19 21:10:38 ----A---- C:\WINDOWS\system32\hticons.dll
2009-01-19 21:10:38 ----A---- C:\WINDOWS\system32\avwav.dll
2009-01-19 21:10:37 ----A---- C:\WINDOWS\system32\winchat.exe
2009-01-19 21:10:37 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-01-19 21:10:37 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-01-19 21:10:28 ----A---- C:\WINDOWS\system32\getuname.dll
2009-01-19 21:10:27 ----A---- C:\WINDOWS\system32\sol.exe
2009-01-19 21:10:27 ----A---- C:\WINDOWS\system32\charmap.exe
2009-01-19 21:10:27 ----A---- C:\WINDOWS\system32\calc.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\winmine.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\tskill.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\reset.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-01-19 21:10:26 ----A---- C:\WINDOWS\system32\freecell.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\tscon.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\shadow.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\regini.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\msg.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\logoff.exe
2009-01-19 21:10:25 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-01-19 21:10:24 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\stclient.dll
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-01-19 21:10:23 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-01-19 21:10:16 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-01-19 21:10:05 ----D---- C:\Program Files\MSN
2009-01-19 21:10:04 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-01-19 21:10:04 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-01-19 21:10:03 ----D---- C:\Program Files\Windows NT
2009-01-19 21:10:03 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-01-19 21:10:03 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-01-19 21:10:02 ----A---- C:\WINDOWS\system32\spider.exe
2009-01-19 21:10:02 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-01-19 21:10:02 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-01-19 21:10:01 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-01-19 21:10:00 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-01-19 21:09:59 ----D---- C:\WINDOWS\system32\MsDtc
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-01-19 21:09:59 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-01-19 21:09:58 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-01-19 21:09:57 ----D---- C:\WINDOWS\system32\Com
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\colbact.dll
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-01-19 21:09:57 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-01-19 21:09:56 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-01-19 21:09:56 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-01-19 21:09:55 ----A---- C:\WINDOWS\system32\comuid.dll
2009-01-19 21:09:55 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-01-19 21:09:47 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-01-19 21:09:47 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-01-19 21:09:46 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-01-19 21:09:46 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-01-19 21:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
2009-01-19 21:04:52 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2009-01-19 21:04:19 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-01-19 21:04:02 ----A---- C:\WINDOWS\system32\usbui.dll
2009-01-19 21:02:02 ----A---- C:\WINDOWS\imsins.BAK
2009-01-19 21:01:57 ----SHD---- C:\WINDOWS\Installer
2009-01-19 21:01:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-19 21:01:55 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-01-19 21:01:55 ----A---- C:\WINDOWS\ODBCINST.INI
2009-01-19 21:01:50 ----RD---- C:\Program Files
2009-01-19 21:01:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-01-19 21:01:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-19 21:01:50 ----D---- C:\Program Files\Fichiers communs
2009-01-19 21:01:45 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-01-19 21:01:45 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-01-19 21:01:45 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-01-19 21:01:43 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-01-19 21:01:40 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-01-19 21:01:39 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-01-19 21:01:36 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-01-19 21:01:33 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-19 21:01:33 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-01-19 21:01:32 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-19 21:01:32 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-01-19 21:01:32 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-01-19 21:01:29 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-01-19 21:01:29 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-01-19 21:01:28 ----A---- C:\WINDOWS\system32\batt.dll
2009-01-19 21:01:28 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-01-19 21:01:27 ----A---- C:\WINDOWS\system32\storprop.dll
2009-01-19 21:01:10 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-01-19 21:01:03 ----RA---- C:\WINDOWS\SET8.tmp
2009-01-19 21:00:57 ----RA---- C:\WINDOWS\SET4.tmp
2009-01-19 21:00:55 ----RA---- C:\WINDOWS\SET3.tmp
2009-01-19 21:00:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-19 21:00:47 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-19 21:00:40 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-19 21:00:17 ----A---- C:\WINDOWS\setuplog.txt
2009-01-19 21:00:08 ----D---- C:\Documents and Settings
2009-01-19 21:00:07 ----SHD---- C:\System Volume Information
2009-01-19 20:59:21 ----SH---- C:\boot.ini
2009-01-19 20:54:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-19 20:54:12 ----RSD---- C:\WINDOWS\Fonts
2009-01-19 20:54:12 ----RD---- C:\WINDOWS\Web
2009-01-19 20:54:12 ----HD---- C:\WINDOWS\inf
2009-01-19 20:54:12 ----D---- C:\WINDOWS\WinSxS
2009-01-19 20:54:12 ----D---- C:\WINDOWS\twain_32
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Temp
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\wins
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\wbem
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\usmt
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\spool
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\ShellExt
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\Setup
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\ras
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\oobe
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\npp
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\mui
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\IME
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\icsxml
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\ias
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\export
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\drivers
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\dhcp
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\config
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\3com_dmi
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\3076
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\2052
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1054
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1042
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1041
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1037
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1036
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1033
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1031
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1028
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32\1025
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system32
2009-01-19 20:54:12 ----D---- C:\WINDOWS\system
2009-01-19 20:54:12 ----D---- C:\WINDOWS\security
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Resources
2009-01-19 20:54:12 ----D---- C:\WINDOWS\repair
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Provisioning
2009-01-19 20:54:12 ----D---- C:\WINDOWS\PeerNet
2009-01-19 20:54:12 ----D---- C:\WINDOWS\pchealth
2009-01-19 20:54:12 ----D---- C:\WINDOWS\mui
2009-01-19 20:54:12 ----D---- C:\WINDOWS\msapps
2009-01-19 20:54:12 ----D---- C:\WINDOWS\msagent
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Media
2009-01-19 20:54:12 ----D---- C:\WINDOWS\java
2009-01-19 20:54:12 ----D---- C:\WINDOWS\ime
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Help
2009-01-19 20:54:12 ----D---- C:\WINDOWS\ehome
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Driver Cache
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Debug
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Cursors
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Connection Wizard
2009-01-19 20:54:12 ----D---- C:\WINDOWS\Config
2009-01-19 20:54:12 ----D---- C:\WINDOWS\AppPatch
2009-01-19 20:54:12 ----D---- C:\WINDOWS\addins
2009-01-19 20:54:12 ----D---- C:\WINDOWS
======List of files/folders modified in the last 1 months======
2009-01-29 23:20:51 ----A---- C:\WINDOWS\system.ini
2009-01-20 16:15:17 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2009-01-19 15424]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2009-01-19 512096]
R3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ati2mtaa;ati2mtaa; C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2004-08-19 327168]
R3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S2 pnpmem;pnpmem; \??\C:\WINDOWS\system32\drivers\pnpmem.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 kkvk;kkvk; \??\C:\WINDOWS\Fonts\kkvk.fon []
S3 ksns;ksns; \??\C:\WINDOWS\fonts\ksns.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 MyDog;MyDog; \??\C:\WINDOWS\system32\Drivers\Atieccx.sys []
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 npf;npf; \??\C:\WINDOWS\system32\drivers\npf.sys []
S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-20 152984]
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-01-19 552064]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2009-01-26 68096]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
30 janv. 2009 à 15:40
30 janv. 2009 à 15:40
Télécharge RavAntivirus d’Evosla :
= = = = >>> En cliquant ici <<< = = = =
* Si tu as une clé USB, disque dur externe, etc., branche-les sans les ouvrir avant de lancer ce FIX
* Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
* Double clique sur >> RAV.exe << afin de lancer l’outil.
* Une fois RAV ANTIVIRUS lancé, laisse-le réagir, il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
* Si infection > un log s’établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
* Retire tes disques amovibles et redémarrez votre ordinateur.
* Poste le rapport, si infection!
= = = = >>> En cliquant ici <<< = = = =
* Si tu as une clé USB, disque dur externe, etc., branche-les sans les ouvrir avant de lancer ce FIX
* Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
* Double clique sur >> RAV.exe << afin de lancer l’outil.
* Une fois RAV ANTIVIRUS lancé, laisse-le réagir, il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
* Si infection > un log s’établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
* Retire tes disques amovibles et redémarrez votre ordinateur.
* Poste le rapport, si infection!
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
1 févr. 2009 à 13:21
1 févr. 2009 à 13:21
Pas de nouvelle, bonne nouvelle ??
yassouah225
Messages postés
50
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 janvier 2011
1 mars 2009 à 23:11
1 mars 2009 à 23:11
dsl mon ordi a pri un coup a la suite j'ai du en acheter un new
comme quoi "pas de nouvelle; onne nouvelle"
Merci c'est très gentile de m'avoir aidé.
:)
comme quoi "pas de nouvelle; onne nouvelle"
Merci c'est très gentile de m'avoir aidé.
:)
crapoulou
Messages postés
28158
Date d'inscription
mercredi 28 novembre 2007
Statut
Modérateur, Contributeur sécurité
Dernière intervention
16 avril 2024
7 990
1 mars 2009 à 23:18
1 mars 2009 à 23:18
Ok.
Pas de souci.
Bonne continuation.
A+.
Crapoulou.
Pas de souci.
Bonne continuation.
A+.
Crapoulou.
