Sujet Précédent Sujet Suivant

Virus msn help please

kyra -  
J_O_J_O Messages postés 1730 Statut Membre -
Bonjour,

Comme d'habitude j'ai encore un probléme avec mon ordi. Ma soeur à reçu sur msn un virus "foto" avec un lien. Résultat qaund je me suis connecter, sa l'a envoyé à tous mes contact.

Probléme, j'arrive plus à me contecter sur msn sans qu'il n'arrête n'envoyé le lien. Je peux plus aller sur internet sans que plusieur fênetre de pub ne s'ouvre et finis par me faire bugé l'ordi en m'affichant une fênêtre me disant de faire un scan avec antivirus 2009.

Je peux plus rien faire sur l'ordi. J'ai même les mises à jours de windows qui ont été bloqué.

J'ai fait un scan avec avast et spybot, mais sa marche toujours pas. J'ai aussi déinstaller msn, mais toujours rien.

Que dois-je faire svp?

Merci d'avance.
A voir également:

29 réponses

  • 1
  • 2
Réponse 1 / 29
J_O_J_O Messages postés 1730 Statut Membre 92
 
Salut ^^ Ta la totale Pour pas cher en plus ;) :: *Télécharges et installes le logiciel HijackThis de Merijn(programme de diagnostic !) :

*ici : http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

*Ouvre et click sur: "do you scan systeme and save log file" a la fin du scan poste le rapport ici :)
0
Réponse 2 / 29
kyra
 
Merci^^

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:00, on 26/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
c:\Apps\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe
O4 - HKLM\..\RunOnce: [SpybotDeletingA8733] command /c del "C:\WINDOWS\system32\ivcnlfqs.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4416] cmd /c del "C:\WINDOWS\system32\ivcnlfqs.dll_old"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d44cce06468f4dc4b858e0b8a965e42a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d44cce06468f4dc4b858e0b8a965e42a
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
Réponse 3 / 29
J_O_J_O Messages postés 1730 Statut Membre 92
 
Alors télécharge msnfix https://www.malekal.com/supprimer-virus-desinfecter-pc/ fait ce qui est demander et poste le rapport ici ;)

Msnfix !! ::: http://sosvirus.changelog.fr/MSNFix.exe voilà prend le ici ;)
0
Réponse 4 / 29
J_O_J_O Messages postés 1730 Statut Membre 92
 
Hopp escuse moi j'ai oublier de te faire désactiver le tea timer de spybot qui va géner la désinfection !!!

Lance spybot !
Menu mode : clic sur "avancé"puis sur "outils" clic sur l'icone "résident" ensuite à droite décoche Tea timer

Ps : retourne à msnfix ^^
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 29
kyra
 
C'est normal que ça reste bloquer à "Scan ... Check service" aprés avoir mis R puis Entrer?
0
Réponse 6 / 29
kyra
 
oups désolé j'ai oublier spybot, je recommence^^
0
Réponse 7 / 29
kyra
 
Même en désactivant la case sur spybot sa reste bloquer sur "Scan ... Check service"
0
Réponse 8 / 29
J_O_J_O Messages postés 1730 Statut Membre 92
 
Ah ? Nan mais touche à rien durant le scan n'ouvre aucun programme,t'attend ... :D
0
Réponse 9 / 29
kyra
 
C'est bon^^

Alors il m'a dit que j'avais des fichiers infecter, et de redémarré pour tout enlevé. Donc j'ai redémarrer.

Au redémarrer ya une classeur de fichier nommé "Upload_me" qui es appararu et un fichier txt dont voici le contenue :

read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\winlogon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\services.exe, Le fichier spécifié est introuvable.
read file error: C:\WINDOWS\system32\cftmon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\winlogon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\services.exe, Le fichier spécifié est introuvable.
read file error: C:\WINDOWS\system32\cftmon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\winlogon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\services.exe, Le fichier spécifié est introuvable.
read file error: C:\WINDOWS\system32\cftmon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\winlogon.exe, Le fichier spécifié est introuvable.
read file error: C:\DOCUME~1\Owner\LOCALS~1\Temp\services.exe, Le fichier spécifié est introuvable.
read file error: C:\WINDOWS\system32\cftmon.exe, Le fichier spécifié est introuvable.
0
Réponse 10 / 29
kyra
 
En gros j'crois que j'suis mal barré, il me trouve des truc qui sont introuvable, lol.

Je sais pas si sa compte mais j'avais déinstaller le programme "msn" et "windows live messenger". Pour "msn" je penser que c'était le "live messenger", lol.
0
Réponse 11 / 29
J_O_J_O Messages postés 1730 Statut Membre 92
 
Ah :/ ... Tu peux réinstaller windows live messenger si tu veux ... [ ce que j'essaye de faire en ce moment même la 8.5 elle veut pas s'installer :@ donc si t'y arrive dit le moi ] bref ont continue ::

Télécharge et installe Malwarebyte's Anti-Malware:

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

*met le a jours !!
*redémarre en mode sans échec ! (tapote la touche f8 ou f5 au démarrage du pc et choisi ta session habituel)
*ouvre malwaresbyte's ! et scan avec (exécute un scan complet !)à la fin du scan fait afficher les éléments infectés et supprime les !!
*a la fin tout ce qui trouvera tu supprimera :)
*a la fin un rapport sera généré(bloc note s'ouvre) garde le et poste le ici

Ps : Ont verra msnfix plus tard ...

Comment redémarrer en mode sans échec :: https://forums.cnetfrance.fr
0
Réponse 12 / 29
kyra
 
C'est possible de ne pas faire ça en mode sans échec, car mon ordi refuse de se redémarrer en mode sans échec, lol.

J'ai tenter plusieurs fois, mais il me bloque sur une page noir et mon ordi plante^^

C'est pas grave si je fait le scan en normal?

Pour msn si je le réinstalle, va t-il continuer à envoyé les liens à tous le monde?
0
Réponse 13 / 29
J_O_J_O Messages postés 1730 Statut Membre 92
 
Si je te désinfecte "non" ^^ Par contre je suis pressé mais j'essaye de t'aider ... Donc fait un scan rapide en mode normal ! et poste le rapport de mbam ici ! Ont verra plus tard pour le mode sans échec ...
0
Réponse 14 / 29
kyra
 
Désolé sa à pris plus d'une heure ...

Ils m'a trouvé plus de 33 fichiers infectés

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1551
Windows 5.1.2600 Service Pack 2

26/12/2008 23:38:25
mbam-log-2008-12-26 (23-38-25).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 120665
Temps écoulé: 1 hour(s), 1 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 16
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 20

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\ssqqqQge.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\efcDUnLe.dll (Trojan.Vundo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcdunle (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95d5edc-3900-4b28-8b83-773b57f3cc01} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{c95d5edc-3900-4b28-8b83-773b57f3cc01} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1ed44f0-0469-41d1-8b22-3dea6d4c6877} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1ed44f0-0469-41d1-8b22-3dea6d4c6877} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f1ed44f0-0469-41d1-8b22-3dea6d4c6877} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ssqqqqge -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ssqqqqge -> Delete on reboot.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\efcDUnLe.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ssqqqQge.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\egQqqqss.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\egQqqqss.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnqzcw.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\0DC18VIF\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP180\A0098078.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP181\A0099188.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7AFC631D-71A6-4CBE-9F8F-EFDBDC0F94C6}\RP181\A0099189.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbXNhhfe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fccaXNFY.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ojbmti.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psamdvfg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rqRIabaa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqNEurs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvUKBuv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vnqfbllh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xxyASIBq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yayvWNFx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnlIYss.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
0
Réponse 15 / 29
J_O_J_O Messages postés 1730 Statut Membre 92
 
Mici kyra :D ! Voila qui est fait ! ensuite fait ceci !

Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
surtout durant le scan de touche pas a la sourit sa pourrai figer le pc ne touche a rien ni au clavier

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

ccleaner Pour nettoyer ^^

*Télécharge et installe CCleaner https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html ( à l'installation, pense à DECOCHER l'installation de Yahoo toolbar !!!).

*Lance CCleaner
Option --> avancé --> décoche « effacer uniquement les fichiers plus vieux que 48h »
Puis nettoyeur --> Analyse > Lancer le nettoyage, puis sur OK dans la fenêtre qui s' affiche. Et coche toute les cases vides dans application et windows ;) .

Relance le nettoyage une deuxième fois enfin le tps qu'il ne te trouve plus rien ou quelques "ko" ^^

*Enfin, registre --> corrige toutes les erreurs, et recommence jusqu'à ce qu'il ne trouve plus d'erreurs.

*(garde ce logiciel et utilise le régulièrement ainsi que malwaresbytes à jour !).

hijackthis

*Refait un scan avec hijackthis et poste le nouveau rapport ;P Puis Apres la désinfection On passera à ta sécurité et au nettoyage...

Ps : Bonne chance :) Moi je reviens dans la soirée genre 2-4h donc si t'es encore là on continue si t'es plus là on continuera demain :) Bonne soirée .
0
Réponse 16 / 29
kyra
 
Voici le rapport :

ComboFix 08-12-26.03 - Owner 2008-12-27 0:28:01.6 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.446.163 [GMT 1:00]
Lancé depuis: c:\documents and settings\Owner\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081226-0] *On-access scanning disabled* (Outdated)
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\IE4 Error Log.txt

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-26 au 2008-12-26 ))))))))))))))))))))))))))))))))))))
.

2008-12-26 23:52 . 2008-12-26 23:54 <REP> d--hsc--- c:\program files\Fichiers communs\WindowsLiveInstaller
2008-12-26 23:51 . 2008-12-26 23:51 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-12-26 23:47 . 2008-12-26 23:47 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2008-12-26 22:27 . 2008-12-26 22:28 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-26 22:27 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-26 22:27 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-26 21:32 . 2008-12-26 22:04 <REP> d-------- c:\program files\MSNFix
2008-12-26 19:59 . 2008-12-26 19:59 68 --a------ c:\windows\nerropl.ini
2008-12-26 19:59 . 2008-12-26 19:59 18 --a------ c:\windows\pnrebp.ini
2008-12-25 14:36 . 2008-12-25 14:36 95 --a------ c:\windows\wininit.ini
2008-12-25 14:12 . 2008-12-25 14:12 <REP> d-------- c:\documents and settings\Owner\Application Data\MSNInstaller
2008-11-26 12:21 . 2004-03-09 01:00 662,288 --a------ c:\windows\system32\MSCOMCT2.OCX
2008-11-26 12:21 . 2008-11-26 12:21 253,139 --a------ c:\windows\PDFCreator_Toolbar_Uninstaller_2750.exe
2008-11-26 12:21 . 1998-06-24 01:00 137,000 --a------ c:\windows\system32\MSMAPI32.OCX
2008-11-26 12:21 . 2001-10-28 17:42 116,224 --a------ c:\windows\system32\pdfcmnnt.dll
2008-11-26 12:20 . 2008-11-26 12:21 <REP> d-------- c:\program files\PDFCreator
2008-11-26 12:20 . 1998-07-13 02:08 141,312 --a------ c:\windows\system32\MSCMCFR.DLL
2008-11-26 12:20 . 2000-10-02 04:00 119,568 --a------ c:\windows\system32\VB6FR.DLL
2008-11-26 12:20 . 1998-07-13 02:08 59,904 --a------ c:\windows\system32\MSCC2FR.DLL
2008-11-26 12:20 . 1998-07-06 01:00 23,552 --a------ c:\windows\system32\MSMPIDE.DLL

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-26 23:01 --------- d-----w c:\program files\Windows Live
2008-12-26 18:58 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-25 13:15 --------- d-----w c:\program files\MSN Messenger
2008-12-24 11:09 --------- d-----w c:\documents and settings\Owner\Application Data\Canon
2008-12-12 17:35 3,081,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-11-26 20:39 --------- d-----w c:\documents and settings\Owner\Application Data\dvdcss
2008-11-26 11:21 --------- d-----w c:\program files\PDFCreator Toolbar
2008-11-25 22:13 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-25 20:04 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-24 15:46 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-24 15:45 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 09:45 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
2008-10-03 10:17 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:17 247,326 ----a-w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
.

((((((((((((((((((((((((((((( snapshot_2008-08-08_16.14.22.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-12 23:15:25 15,072 ----a-w c:\windows\$hf_mig$\KB901190\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w c:\windows\$hf_mig$\KB901190\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w c:\windows\$hf_mig$\KB901190\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w c:\windows\$hf_mig$\KB901190\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w c:\windows\$hf_mig$\KB901190\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:33:12 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:52 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:44:40 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-07-07 20:18:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:33 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:05:22 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 22:23:04 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:43 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:36:26 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:23 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:15:33 1,024,512 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\browseui.dll
+ 2008-06-23 16:15:34 152,064 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\cdfview.dll
+ 2008-06-23 16:15:35 1,056,768 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\danim.dll
+ 2008-06-23 16:15:35 357,888 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:15:35 205,312 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\dxtrans.dll
+ 2008-06-23 16:15:35 55,808 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\extmgr.dll
+ 2008-06-23 09:53:58 18,432 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\iedw.exe
+ 2008-06-23 16:15:36 251,904 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\iepeers.dll
+ 2008-06-23 16:15:36 96,768 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\inseng.dll
+ 2008-06-23 16:15:36 16,384 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\jsproxy.dll
+ 2008-06-23 16:15:39 3,088,384 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\mshtml.dll
+ 2008-06-23 16:15:40 449,024 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\mshtmled.dll
+ 2008-06-23 16:15:40 146,432 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\msrating.dll
+ 2008-06-23 16:15:41 532,480 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\mstime.dll
+ 2008-06-23 16:15:41 39,424 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\pngfilt.dll
+ 2008-06-23 16:15:42 1,499,648 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\shdocvw.dll
+ 2008-06-23 16:15:43 474,624 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\shlwapi.dll
+ 2008-07-03 09:42:35 370,176 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\spru040c.dll
+ 2008-06-23 16:15:43 620,544 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\urlmon.dll
+ 2008-06-23 16:15:44 671,232 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll
+ 2008-06-23 15:10:27 3,088,384 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:13:32 1,499,648 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:13:32 620,544 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:10:27 670,208 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:26:28 3,088,896 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:28 1,499,648 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:28 620,544 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:56:26 670,720 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB953838\update\updspapi.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-09-04 16:34:21 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP2QFE\msxml3.dll
+ 2008-09-04 17:16:10 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3GDR\msxml3.dll
+ 2008-09-04 17:12:47 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 12:10:36 406,392 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\browseui.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\cdfview.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\danim.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\dxtmsft.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\dxtrans.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\extmgr.dll
+ 2008-08-19 09:38:57 18,432 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\iedw.exe
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\iepeers.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\inseng.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\jsproxy.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mshtml.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mshtmled.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\msrating.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mstime.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\pngfilt.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\shdocvw.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\shlwapi.dll
+ 2008-08-19 09:51:37 370,176 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\spru040c.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\urlmon.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll
+ 2008-08-20 05:10:12 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
+ 2008-08-20 05:10:11 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\shdocvw.dll
+ 2008-08-20 05:10:11 620,544 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\urlmon.dll
+ 2008-08-20 05:10:11 670,208 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
+ 2008-08-20 05:07:31 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
+ 2008-08-20 05:07:27 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\shdocvw.dll
+ 2008-08-20 05:07:28 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\urlmon.dll
+ 2008-08-20 05:07:28 670,720 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956390\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956390\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956390\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956390\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956390\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
+ 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-24 11:25:29 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP2QFE\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:03:54 18,296 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:03:55 234,872 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:03:54 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:03:57 767,352 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:04:05 406,392 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-15 16:55:13 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE\netapi32.dll
+ 2008-10-15 16:35:43 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR\netapi32.dll
+ 2008-10-15 16:31:32 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2005-10-12 23:15:26 216,800 -c----w c:\windows\$NtUninstallKB901190$\spuninst\spuninst.exe
+ 2005-10-12 23:15:45 394,976 -c----w c:\windows\$NtUninstallKB901190$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2004-08-04 00:07:10 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2005-07-26 04:39:57 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2007-08-21 06:17:23 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2004-08-05 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2005-06-29 01:49:41 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2008-04-21 07:02:27 1,024,000 -c----w c:\windows\$NtUninstallKB953838$\browseui.dll
+ 2008-04-21 07:02:27 152,064 -c----w c:\windows\$NtUninstallKB953838$\cdfview.dll
+ 2008-04-21 07:02:28 1,056,768 -c----w c:\windows\$NtUninstallKB953838$\danim.dll
+ 2008-04-21 07:02:28 357,888 -c----w c:\windows\$NtUninstallKB953838$\dxtmsft.dll
+ 2008-04-21 07:02:28 205,312 -c----w c:\windows\$NtUninstallKB953838$\dxtrans.dll
+ 2008-04-21 07:02:28 55,808 -c----w c:\windows\$NtUninstallKB953838$\extmgr.dll
+ 2008-04-17 10:52:54 18,432 -c----w c:\windows\$NtUninstallKB953838$\iedw.exe
+ 2008-04-21 07:02:29 251,392 -c----w c:\windows\$NtUninstallKB953838$\iepeers.dll
+ 2008-04-21 07:02:29 96,768 -c----w c:\windows\$NtUninstallKB953838$\inseng.dll
+ 2008-04-21 07:02:29 16,384 -c----w c:\windows\$NtUninstallKB953838$\jsproxy.dll
+ 2008-04-21 07:02:34 3,080,704 -c----w c:\windows\$NtUninstallKB953838$\mshtml.dll
+ 2008-04-21 07:02:34 449,024 -c----w c:\windows\$NtUninstallKB953838$\mshtmled.dll
+ 2008-04-21 07:02:34 146,432 -c----w c:\windows\$NtUninstallKB953838$\msrating.dll
+ 2008-04-21 07:02:35 532,480 -c----w c:\windows\$NtUninstallKB953838$\mstime.dll
+ 2008-04-21 07:02:35 39,424 -c----w c:\windows\$NtUninstallKB953838$\pngfilt.dll
+ 2008-04-21 07:02:37 1,495,040 -c----w c:\windows\$NtUninstallKB953838$\shdocvw.dll
+ 2008-04-21 07:02:38 474,624 -c----w c:\windows\$NtUninstallKB953838$\shlwapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB953838$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w c:\windows\$NtUninstallKB953838$\spuninst\updspapi.dll
+ 2008-04-21 07:02:39 617,984 -c----w c:\windows\$NtUninstallKB953838$\urlmon.dll
+ 2008-04-21 07:02:40 663,552 -c----w c:\windows\$NtUninstallKB953838$\wininet.dll
+ 2008-04-17 11:03:45 370,176 -c----w c:\windows\$NtUninstallKB953838$\xpsp3res.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-20 08:09:22 1,845,376 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-06-26 06:09:14 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2008-07-09 12:10:36 406,392 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
+ 2008-06-23 15:39:58 1,024,000 -c----w c:\windows\$NtUninstallKB956390$\browseui.dll
+ 2008-06-23 15:39:58 152,064 -c----w c:\windows\$NtUninstallKB956390$\cdfview.dll
+ 2008-06-23 15:39:59 1,056,768 -c----w c:\windows\$NtUninstallKB956390$\danim.dll
+ 2008-06-23 15:40:00 357,888 -c----w c:\windows\$NtUninstallKB956390$\dxtmsft.dll
+ 2008-06-23 15:40:00 205,312 -c----w c:\windows\$NtUninstallKB956390$\dxtrans.dll
+ 2008-06-23 15:40:00 55,808 -c----w c:\windows\$NtUninstallKB956390$\extmgr.dll
+ 2008-06-23 09:49:29 18,432 -c----w c:\windows\$NtUninstallKB956390$\iedw.exe
+ 2008-06-23 15:40:00 251,392 -c----w c:\windows\$NtUninstallKB956390$\iepeers.dll
+ 2008-06-23 15:40:00 96,768 -c----w c:\windows\$NtUninstallKB956390$\inseng.dll
+ 2008-06-23 15:40:00 16,384 -c----w c:\windows\$NtUninstallKB956390$\jsproxy.dll
+ 2008-06-23 15:40:02 3,080,704 -c----w c:\windows\$NtUninstallKB956390$\mshtml.dll
+ 2008-06-23 15:40:03 449,024 -c----w c:\windows\$NtUninstallKB956390$\mshtmled.dll
+ 2008-06-23 15:40:03 146,432 -c----w c:\windows\$NtUninstallKB956390$\msrating.dll
+ 2008-06-23 15:40:04 532,480 -c----w c:\windows\$NtUninstallKB956390$\mstime.dll
+ 2008-06-23 15:40:04 39,424 -c----w c:\windows\$NtUninstallKB956390$\pngfilt.dll
+ 2008-06-23 15:40:05 1,495,040 -c----w c:\windows\$NtUninstallKB956390$\shdocvw.dll
+ 2008-06-23 15:40:06 474,624 -c----w c:\windows\$NtUninstallKB956390$\shlwapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956390$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956390$\spuninst\updspapi.dll
+ 2008-06-23 15:40:06 617,984 -c----w c:\windows\$NtUninstallKB956390$\urlmon.dll
+ 2008-06-23 15:40:08 663,552 -c----w c:\windows\$NtUninstallKB956390$\wininet.dll
+ 2008-07-03 09:42:35 370,176 -c----w c:\windows\$NtUninstallKB956390$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:02:21 2,138,112 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:02:36 2,059,648 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:02:21 2,017,792 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:02:36 2,182,400 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:40:35 406,392 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 13:03:55 234,872 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2008-07-08 13:04:05 406,392 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
+ 2006-08-17 12:29:49 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:02:21 2,138,112 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:44:35 2,138,112 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:02:36 2,059,648 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:44:39 2,059,776 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:02:21 2,017,792 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:44:33 2,017,792 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:02:36 2,182,400 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:44:37 2,182,400 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2004-08-05 12:00:00 175,104 ----a-w c:\windows\ime\chsime\applets\PINTLCSA.DLL
+ 2004-08-05 12:00:00 53,760 ----a-w c:\windows\ime\chsime\applets\PINTLCSD.DLL
+ 2004-08-05 12:00:00 97,792 ----a-w c:\windows\ime\CHTIME\Applets\CHTMBX.DLL
+ 2004-08-05 12:00:00 56,320 ----a-w c:\windows\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2004-08-05 12:00:00 173,568 ----a-w c:\windows\ime\CHTIME\Applets\CHTSKF.DLL
+ 2004-08-05 12:00:00 10,096,640 ----a-w c:\windows\ime\CHTIME\Applets\HWXCHT.DLL
+ 2004-08-05 12:00:00 13,463,552 ----a-w c:\windows\ime\imjp8_1\applets\hwxjpn.dll
+ 2004-08-05 12:00:00 471,102 ----a-w c:\windows\ime\imjp8_1\applets\imskdic.dll
+ 2004-08-05 12:00:00 315,452 ----a-w c:\windows\ime\imjp8_1\applets\imskf.dll
+ 2004-08-05 12:00:00 229,439 ----a-w c:\windows\ime\imjp8_1\applets\multibox.dll
+ 2004-08-05 12:00:00 143,422 ----a-w c:\windows\ime\imjp8_1\applets\softkey.dll
+ 2004-08-05 12:00:00 426,041 ----a-w c:\windows\ime\imjp8_1\applets\voicepad.dll
+ 2004-08-05 12:00:00 86,073 ----a-w c:\windows\ime\imjp8_1\applets\voicesub.dll
+ 2004-08-05 12:00:00 57,399 ----a-w c:\windows\ime\imjp8_1\cplexe.exe
+ 2004-08-05 12:00:00 368,696 ----a-w c:\windows\ime\imjp8_1\imjpcic.dll
+ 2004-08-05 12:00:00 716,856 ----a-w c:\windows\ime\imjp8_1\imjpcus.dll
+ 2004-08-05 12:00:00 57,398 ----a-w c:\windows\ime\imjp8_1\imjpdadm.exe
+ 2004-08-05 12:00:00 81,976 ----a-w c:\windows\ime\imjp8_1\imjpdct.dll
+ 2004-08-05 12:00:00 307,257 ----a-w c:\windows\ime\imjp8_1\imjpdct.exe
+ 2004-08-05 12:00:00 155,705 ----a-w c:\windows\ime\imjp8_1\imjpdsvr.exe
+ 2004-08-05 12:00:00 196,665 ----a-w c:\windows\ime\imjp8_1\imjpinst.exe
+ 2004-08-05 12:00:00 208,952 ----a-w c:\windows\ime\imjp8_1\imjpmig.exe
+ 2004-08-05 12:00:00 233,527 ----a-w c:\windows\ime\imjp8_1\imjprw.exe
+ 2004-08-05 12:00:00 45,109 ----a-w c:\windows\ime\imjp8_1\imjpuex.exe
+ 2004-08-05 12:00:00 262,200 ----a-w c:\windows\ime\imjp8_1\imjputy.exe
+ 2004-08-05 12:00:00 274,489 ----a-w c:\windows\ime\imjp8_1\imjputyc.dll
+ 2004-08-05 12:00:00 10,129,408 ----a-w c:\windows\ime\imkr6_1\applets\hwxkor.dll
+ 2004-08-05 12:00:00 86,016 ----a-w c:\windows\ime\imkr6_1\applets\imekrmbx.dll
+ 2004-08-05 12:00:00 36,864 ----a-w c:\windows\ime\imkr6_1\dicts\hanjadic.dll
+ 2004-08-05 12:00:00 106,496 ----a-w c:\windows\ime\imkr6_1\imekrcic.dll
+ 2004-08-05 12:00:00 44,032 ----a-w c:\windows\ime\imkr6_1\imekrmig.exe
+ 2004-08-05 12:00:00 59,904 ----a-w c:\windows\ime\imkr6_1\imkrinst.exe
+ 2004-08-05 12:00:00 102,463 ----a-w c:\windows\ime\shared\imepadsm.dll
+ 2004-08-05 12:00:00 311,359 ----a-w c:\windows\ime\shared\imepadsv.exe
+ 2004-08-05 12:00:00 102,456 ----a-w c:\windows\ime\shared\imlang.dll
+ 2004-08-05 12:00:00 15,872 ----a-w c:\windows\ime\shared\res\PADRS404.DLL
+ 2004-08-05 12:00:00 36,927 ----a-w c:\windows\ime\shared\res\padrs411.dll
+ 2004-08-05 12:00:00 14,336 ----a-w c:\windows\ime\shared\res\padrs412.dll
+ 2004-08-05 12:00:00 15,360 ----a-w c:\windows\ime\shared\res\padrs804.dll
+ 2007-04-19 12:09:30 167,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL
+ 2007-05-31 11:35:22 6,420,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
+ 2008-11-12 16:07:02 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-07-09 10:31:33 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-12-12 16:00:33 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-07-09 10:31:33 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-12-12 16:00:34 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-07-09 10:31:33 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-12-12 16:00:34 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-07-09 10:31:33 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-12-12 16:00:33 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-07-09 10:31:33 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-12-12 16:00:34 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-07-09 10:31:33 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-12-12 16:00:34 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-07-09 10:31:33 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-12-12 16:00:34 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-07-09 10:31:33 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-12-12 16:00:34 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-07-09 10:31:33 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-12-12 16:00:33 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-07-09 10:31:33 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-12-12 16:00:33 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-07-09 10:31:33 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-12-12 16:00:34 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-09 10:31:33 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-12-12 16:00:33 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-07-09 10:31:32 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-12-12 16:00:32 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-12-26 23:11:10 29,926 ----a-r c:\windows\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0404.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0411.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0412.dll
+ 2004-08-05 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0804.dll
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe
- 2008-04-21 07:02:27 1,024,000 ----a-w c:\windows\system32\browseui.dll
+ 2008-10-16 10:38:30 1,024,000 ----a-w c:\windows\system32\browseui.dll
+ 2004-08-05 12:00:00 218,112 ----a-w c:\windows\system32\c_g18030.dll
+ 2004-08-05 12:00:00 6,656 ----a-w c:\windows\system32\c_is2022.dll
- 2008-04-21 07:02:27 152,064 ----a-w c:\windows\system32\cdfview.dll
+ 2008-10-16 10:38:27 152,064 ----a-w c:\windows\system32\cdfview.dll
+ 2004-08-05 12:00:00 1,677,824 ----a-w c:\windows\system32\chsbrkr.dll
+ 2004-08-05 12:00:00 838,144 ----a-w c:\windows\system32\chtbrkr.dll
- 2008-06-05 18:50:37 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-12-26 19:00:15 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-06-05 18:50:37 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-12-26 19:00:15 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2008-06-05 18:50:37 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-26 19:00:15 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-26 19:00:23 78,924 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\PhishingFilter\45E13EC5-3DB7-4B3D-9F80-073A58AB5E82.dat
- 2008-04-21 07:02:28 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2008-10-16 10:38:27 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2008-09-16 00:11:56 683,520 ----a-w c:\windows\system32\DivX.dll
+ 2008-09-16 00:11:58 823,296 ----a-w c:\windows\system32\divx_xx07.dll
+ 2008-09-16 00:11:58 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
+ 2008-09-16 00:11:58 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
+ 2008-09-16 00:11:58 802,816 ----a-w c:\windows\system32\divx_xx11.dll
+ 2008-09-16 00:11:28 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
+ 2008-09-16 00:14:26 524,288 ----a-w c:\windows\system32\DivXsm.exe
+ 2008-09-16 00:11:10 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
- 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\dllcache\afd.sys
- 2008-04-21 07:02:27 1,024,000 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2008-10-16 10:38:30 1,024,000 ----a-w c:\windows\system32\dllcache\browseui.dll
- 2008-04-21 07:02:27 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
+ 2008-10-16 10:38:27 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
+ 2004-08-05 12:00:00 1,677,824 ----a-w c:\windows\system32\dllcache\chsbrkr.dll
+ 2004-08-05 12:00:00 838,144 ----a-w c:\windows\system32\dllcache\chtbrkr.dll
+ 2004-08-05 12:00:00 97,792 ----a-w c:\windows\system32\dllcache\chtmbx.dll
+ 2004-08-05 12:00:00 56,320 ----a-w c:\windows\system32\dllcache\chtskdic.dll
+ 2004-08-05 12:00:00 173,568 ----a-w c:\windows\system32\dllcache\chtskf.dll
+ 2004-08-05 12:00:00 198,656 ----a-w c:\windows\system32\dllcache\cintime.dll
+ 2004-08-05 12:00:00 480,256 ----a-w c:\windows\system32\dllcache\cintsetp.exe
+ 2004-08-05 12:00:00 57,399 ----a-w c:\windows\system32\dllcache\cplexe.exe
- 2008-04-21 07:02:28 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2008-10-16 10:38:27 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
- 2008-04-21 07:02:28 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 10:38:27 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-04-21 07:02:28 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 10:38:28 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:57 243,200 ----a-w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:31:48 253,952 ----a-w c:\windows\system32\dllcache\es.dll
- 2008-04-21 07:02:28 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 10:38:28 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-05 12:00:00 36,864 ----a-w c:\windows\system32\dllcache\hanjadic.dll
+ 2004-08-05 12:00:00 10,096,640 ----a-w c:\windows\system32\dllcache\hwxcht.dll
+ 2004-08-05 12:00:00 13,463,552 ----a-w c:\windows\system32\dllcache\hwxjpn.dll
+ 2004-08-05 12:00:00 10,129,408 ----a-w c:\windows\system32\dllcache\hwxkor.dll
- 2008-04-21 07:02:29 251,392 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-10-16 10:38:28 251,392 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-05 12:00:00 106,496 ----a-w c:\windows\system32\dllcache\imekrcic.dll
+ 2004-08-05 12:00:00 86,016 ----a-w c:\windows\system32\dllcache\imekrmbx.dll
+ 2004-08-05 12:00:00 44,032 ----a-w c:\windows\system32\dllcache\imekrmig.exe
+ 2004-08-05 12:00:00 102,463 ----a-w c:\windows\system32\dllcache\imepadsm.dll
+ 2004-08-05 12:00:00 311,359 ----a-w c:\windows\system32\dllcache\imepadsv.exe
+ 2004-08-05 12:00:00 811,064 ----a-w c:\windows\system32\dllcache\imjp81k.dll
+ 2004-08-05 12:00:00 368,696 ----a-w c:\windows\system32\dllcache\imjpcic.dll
+ 2004-08-05 12:00:00 716,856 ----a-w c:\windows\system32\dllcache\imjpcus.dll
+ 2004-08-05 12:00:00 57,398 ----a-w c:\windows\system32\dllcache\imjpdadm.exe
+ 2004-08-05 12:00:00 81,976 ----a-w c:\windows\system32\dllcache\imjpdct.dll
+ 2004-08-05 12:00:00 307,257 ----a-w c:\windows\system32\dllcache\imjpdct.exe
+ 2004-08-05 12:00:00 155,705 ----a-w c:\windows\system32\dllcache\imjpdsvr.exe
+ 2004-08-05 12:00:00 196,665 ----a-w c:\windows\system32\dllcache\imjpinst.exe
+ 2004-08-05 12:00:00 208,952 ----a-w c:\windows\system32\dllcache\imjpmig.exe
+ 2004-08-05 12:00:00 233,527 ----a-w c:\windows\system32\dllcache\imjprw.exe
+ 2004-08-05 12:00:00 45,109 ----a-w c:\windows\system32\dllcache\imjpuex.exe
+ 2004-08-05 12:00:00 262,200 ----a-w c:\windows\system32\dllcache\imjputy.exe
+ 2004-08-05 12:00:00 274,489 ----a-w c:\windows\system32\dllcache\imjputyc.dll
+ 2004-08-05 12:00:00 59,904 ----a-w c:\windows\system32\dllcache\imkrinst.exe
+ 2004-08-05 12:00:00 102,456 ----a-w c:\windows\system32\dllcache\imlang.dll
+ 2004-08-05 12:00:00 59,392 ----a-w c:\windows\system32\dllcache\imscinst.exe
+ 2004-08-05 12:00:00 471,102 ----a-w c:\windows\system32\dllcache\imskdic.dll
+ 2004-08-05 12:00:00 315,452 ----a-w c:\windows\system32\dllcache\imskf.dll
- 2007-08-21 06:17:23 683,520 ----a-w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w c:\windows\system32\dllcache\inetcomm.dll
- 2008-04-21 07:02:29 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-10-16 10:38:28 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
- 2008-04-21 07:02:29 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 10:38:29 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2001-08-17 21:55:56 6,144 ----a-w c:\windows\system32\dllcache\kbd101b.dll
+ 2001-08-17 21:55:56 6,144 ----a-w c:\windows\system32\dllcache\kbd101c.dll
+ 2001-08-17 21:55:56 5,632 ----a-w c:\windows\system32\dllcache\kbd103.dll
+ 2001-08-17 21:55:56 6,144 ----a-w c:\windows\system32\dllcache\kbd106.dll
+ 2001-08-23 16:47:06 8,704 ----a-w c:\windows\system32\dllcache\kbdjpn.dll
+ 2001-08-23 16:47:06 8,192 ----a-w c:\windows\system32\dllcache\kbdkor.dll
+ 2004-08-05 12:00:00 70,656 ----a-w c:\windows\system32\dllcache\korwbrkr.dll
- 2004-08-10 20:46:46 96,768 ----a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-10 08:17:42 96,768 ----a-w c:\windows\system32\dllcache\logagent.exe
- 2004-08-05 12:00:00 331,776 ----a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:31:48 331,776 ----a-w c:\windows\system32\dllcache\msadce.dll
- 2005-06-29 01:49:41 74,240 ----a-w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:56 74,240 ----a-w c:\windows\system32\dllcache\mscms.dll
- 2008-04-21 07:02:34 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 10:38:29 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-05 12:00:00 98,304 ----a-w c:\windows\system32\dllcache\msir3jp.dll
- 2008-04-21 07:02:34 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 10:38:28 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-04-21 07:02:35 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 10:38:28 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2007-06-26 06:09:14 1,104,896 ----a-w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-05 12:00:00 229,439 ----a-w c:\windows\system32\dllcache\multibox.dll
- 2007-02-28 16:02:21 2,138,112 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:44:35 2,138,112 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:02:36 2,059,648 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:44:39 2,059,776 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:02:21 2,017,792 ------w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:44:33 2,017,792 ------w c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 16:02:36 2,182,400 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:44:37 2,182,400 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2004-08-05 12:00:00 15,872 ----a-w c:\windows\system32\dllcache\padrs404.dll
+ 2004-08-05 12:00:00 36,927 ----a-w c:\windows\system32\dllcache\padrs411.dll
+ 2004-08-05 12:00:00 14,336 ----a-w c:\windows\system32\dllcache\padrs412.dll
+ 2004-08-05 12:00:00 15,360 ----a-w c:\windows\system32\dllcache\padrs804.dll
+ 2004-08-05 12:00:00 175,104 ----a-w c:\windows\system32\dllcache\pintlcsa.dll
+ 2004-08-05 12:00:00 53,760 ----a-w c:\windows\system32\dllcache\pintlcsd.dll
+ 2004-08-05 12:00:00 70,144 ----a-w c:\windows\system32\dllcache\pintlphr.exe
+ 2004-08-05 12:00:00 67,584 ----a-w c:\windows\system32\dllcache\pmigrate.dll
- 2008-04-21 07:02:35 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 10:38:28 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-21 07:02:37 1,495,040 ----a-w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-10-16 10:38:29 1,495,040 ----a-w c:\windows\system32\dllcache\shdocvw.dll
- 2008-04-21 07:02:38 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-10-16 10:38:29 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-05 12:00:00 143,422 ----a-w c:\windows\system32\dllcache\softkey.dll
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
+ 2004-08-05 12:00:00 44,032 ----a-w c:\windows\system32\dllcache\tintlphr.exe
+ 2004-08-05 12:00:00 455,168 ----a-w c:\windows\system32\dllcache\tintsetp.exe
+ 2004-08-05 12:00:00 10,240 ----a-w c:\windows\system32\dllcache\tmigrate.dll
+ 2004-08-05 12:00:00 76,288 ----a-w c:\windows\system32\dllcache\uniime.dll
- 2008-04-21 07:02:39 617,984 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 10:38:30 617,984 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-05 12:00:00 426,041 ----a-w c:\windows\system32\dllcache\voicepad.dll
+ 2004-08-05 12:00:00 86,073 ----a-w c:\windows\system32\dllcache\voicesub.dll
- 2008-03-20 08:09:22 1,845,376 ----a-w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ----a-w c:\windows\system32\dllcache\win32k.sys
- 2008-04-21 07:02:40 663,552 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 10:38:29 663,552 ----a-w c:\windows\system32\dllcache\wininet.dll
- 2004-08-10 23:41:04 1,027,072 ----a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2008-06-10 10:37:02 1,026,048 ----a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-12-07 06:40:49 2,362,184 ----a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-10 10:57:40 2,364,472 ----a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2008-09-16 00:12:02 81,920 ----a-w c:\windows\system32\dpl100.dll
+ 2008-09-16 00:12:00 294,912 ----a-w c:\windows\system32\dpu10.dll
+ 2008-09-16 00:12:00 294,912 ----a-w c:\windows\system32\dpu11.dll
+ 2008-09-16 00:12:00 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
+ 2008-09-16 00:12:00 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
+ 2008-09-16 00:12:00 344,064 ----a-w c:\windows\system32\dpus11.dll
+ 2008-09-16 00:12:00 57,344 ----a-w c:\windows\system32\dpv11.dll
- 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-07-23 16:50:48 9,336 ------w c:\windows\system32\drivers\cdr4_xp.sys
+ 2008-07-23 16:50:48 9,464 ------w c:\windows\system32\drivers\cdralw2k.sys
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2004-10-21 01:03:00 20,576 ----a-w c:\windows\system32\drivers\pxhelp20.sys
+ 2008-07-23 16:50:48 43,528 ------w c:\windows\system32\drivers\pxhelp20.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-09-16 00:12:02 196,608 ----a-w c:\windows\system32\dtu100.dll
- 2008-04-21 07:02:28 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 10:38:27 357,888 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-04-21 07:02:28 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 10:38:28 205,312 ----a-w c:\windows\system32\dxtrans.dll
- 2005-07-26 04:39:57 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:31:48 253,952 ----a-w c:\windows\system32\es.dll
- 2008-04-21 07:02:28 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 10:38:28 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2004-08-05 12:00:00 7,168 ----a-w c:\windows\system32\f3ahvoas.dll
- 2008-08-04 18:45:54 1,575,920 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-13 11:06:17 1,618,984 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-04-21 07:02:29 251,392 ----a-w c:\windows\system32\iepeers.dll
+ 2008-10-16 10:38:28 251,392 ----a-w c:\windows\system32\iepeers.dll
+ 2004-08-05 12:00:00 198,656 ----a-w c:\windows\system32\IME\CINTLGNT\CINTIME.DLL
+ 2004-08-05 12:00:00 480,256 ----a-w c:\windows\system32\IME\CINTLGNT\CINTSETP.EXE
+ 2004-08-05 12:00:00 59,392 ----a-w c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
+ 2004-08-05 12:00:00 70,144 ----a-w c:\windows\system32\IME\PINTLGNT\PINTLPHR.EXE
+ 2004-08-05 12:00:00 67,584 ----a-w c:\windows\system32\IME\PINTLGNT\PMIGRATE.DLL
+ 2004-08-05 12:00:00 44,032 ----a-w c:\windows\system32\IME\TINTLGNT\TINTLPHR.EXE
+ 2004-08-05 12:00:00 455,168 ----a-w c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
+ 2004-08-05 12:00:00 10,240 ----a-w c:\windows\system32\IME\TINTLGNT\TMIGRATE.DLL
+ 2004-08-05 12:00:00 811,064 ----a-w c:\windows\system32\imjp81k.dll
- 2007-08-21 06:17:23 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w c:\windows\system32\inetcomm.dll
- 2008-04-21 07:02:29 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2008-10-16 10:38:28 96,768 ----a-w c:\windows\system32\inseng.dll
- 2008-04-21 07:02:29 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 10:38:29 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2004-08-05 12:00:00 6,144 ----a-w c:\windows\system32\kbd101.dll
+ 2004-08-05 12:00:00 6,144 ----a-w c:\windows\system32\kbd101a.dll
+ 2001-08-17 21:55:56 6,144 ----a-w c:\windows\system32\kbd101b.dll
+ 2001-08-17 21:55:56 6,144 ----a-w c:\windows\system32\kbd101c.dll
+ 2001-08-17 21:55:56 5,632 ----a-w c:\windows\system32\kbd103.dll
+ 2001-08-17 21:55:56 6,144 ----a-w c:\windows\system32\kbd106.dll
+ 2004-08-05 12:00:00 6,144 ----a-w c:\windows\system32\kbd106n.dll
+ 2004-08-05 12:00:00 6,144 ----a-w c:\windows\system32\kbdax2.dll
+ 2004-08-05 12:00:00 7,168 ----a-w c:\windows\system32\kbdibm02.dll
+ 2001-08-23 16:47:06 8,704 ----a-w c:\windows\system32\kbdjpn.dll
+ 2001-08-23 16:47:06 8,192 ----a-w c:\windows\system32\kbdkor.dll
+ 2004-08-05 12:00:00 6,656 ----a-w c:\windows\system32\kbdlk41a.dll
+ 2004-08-05 12:00:00 6,144 ----a-w c:\windows\system32\kbdlk41j.dll
+ 2004-08-05 12:00:00 7,168 ----a-w c:\windows\system32\kbdnec95.dll
+ 2004-08-05 12:00:00 9,216 ----a-w c:\windows\system32\kbdnecAT.dll
+ 2004-08-05 12:00:00 7,680 ----a-w c:\windows\system32\kbdnecNT.dll
+ 2004-08-05 12:00:00 70,656 ----a-w c:\windows\system32\korwbrkr.dll
- 2007-11-29 22:30:16 1,044,480 ----a-w c:\windows\system32\libdivx.dll
+ 2008-09-16 00:12:54 1,044,480 ----a-w c:\windows\system32\libdivx.dll
- 2004-08-10 20:46:46 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-10 08:17:42 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2008-06-30 17:18:49 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-10-31 13:51:49 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-09-21 16:10:03 53,248 ----a-w c:\windows\system32\Macromed\Shockwave 10\PostUpdate.exe
- 2008-06-25 16:15:46 17,972,344 ----a-w c:\windows\system32\MRT.exe
+ 2008-12-09 23:24:37 17,593,280 ----a-w c:\windows\system32\MRT.exe
- 2005-06-29 01:49:41 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:23:56 74,240 ----a-w c:\windows\system32\mscms.dll
- 2008-04-21 07:02:34 3,080,704 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-12 17:35:12 3,081,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-04-21 07:02:34 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 10:38:29 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2004-08-05 12:00:00 98,304 ----a-w c:\windows\system32\msir3jp.dll
- 2008-04-21 07:02:34 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 10:38:28 146,432 ----a-w c:\windows\system32\msrating.dll
- 2008-04-21 07:02:35 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 10:38:28 532,480 ----a-w c:\windows\system32\mstime.dll
- 2007-06-26 06:09:14 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-15 14:43:10 1,320,800 ----a-w c:\windows\system32\msxml6.dll
+ 2008-08-29 19:06:44 1,350,664 ----a-w c:\windows\system32\msxml6.dll
- 2006-08-17 12:29:49 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2007-02-28 16:02:36 2,059,648 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:44:39 2,059,776 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:02:36 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:44:37 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-05-16 13:35:40 68,404 ----a-w c:\windows\system32\perfc009.dat
+ 2008-12-26 23:04:06 68,664 ----a-w c:\windows\system32\perfc009.dat
- 2008-05-16 13:35:40 81,678 ----a-w c:\windows\system32\perfc00C.dat
+ 2008-12-26 23:04:06 81,988 ----a-w c:\windows\system32\perfc00C.dat
- 2008-05-16 13:35:40 435,760 ----a-w c:\windows\system32\perfh009.dat
+ 2008-12-26 23:04:06 436,020 ----a-w c:\windows\system32\perfh009.dat
- 2008-05-16 13:35:40 503,650 ----a-w c:\windows\system32\perfh00C.dat
+ 2008-12-26 23:04:06 503,944 ----a-w c:\windows\system32\perfh00C.dat
- 2008-04-21 07:02:35 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 10:38:28 39,424 ----a-w c:\windows\system32\pngfilt.dll
- 2004-10-19 15:56:36 360,448 ----a-w c:\windows\system32\Px.dll
+ 2008-07-23 16:50:46 551,672 ------w c:\windows\system32\Px.dll
+ 2008-07-23 16:50:46 129,784 ------w c:\windows\system32\pxafs.dll
+ 2008-07-23 16:50:46 66,296 ------w c:\windows\system32\pxcpya64.exe
+ 2008-07-23 16:50:48 120,056 ------w c:\windows\system32\pxcpyi64.exe
- 2005-01-17 00:01:00 401,408 ----a-w c:\windows\system32\pxdrv.dll
+ 2008-07-23 16:50:48 518,904 ------w c:\windows\system32\pxdrv.dll
+ 2008-07-23 16:50:48 72,440 ------w c:\windows\system32\pxhpinst.exe
+ 2008-07-23 16:50:46 64,760 ------w c:\windows\system32\pxinsa64.exe
+ 2008-07-23 16:50:46 118,520 ------w c:\windows\system32\pxinsi64.exe
- 2004-10-19 15:55:44 155,648 ----a-w c:\windows\system32\pxmas.dll
+ 2008-07-23 16:50:50 187,128 ------w c:\windows\system32\pxmas.dll
+ 2008-07-23 16:50:48 1,628,920 ------w c:\windows\system32\pxsfs.dll
- 2004-10-19 15:55:16 339,968 ----a-w c:\windows\system32\PxWave.dll
+ 2008-07-23 16:50:48 379,640 ------w c:\windows\system32\PxWave.dll
+ 2008-09-16 00:14:24 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
+ 2008-12-26 19:34:48 308,616 ----a-w c:\windows\system32\Restore\rstrlog.dat
- 2008-04-21 07:02:37 1,495,040 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-10-16 10:38:29 1,495,040 ----a-w c:\windows\system32\shdocvw.dll
- 2008-04-21 07:02:38 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-10-16 10:38:29 474,624 ----a-w c:\windows\system32\shlwapi.dll
- 2007-01-19 10:53:04 51,056 ----a-w c:\windows\system32\sirenacm.dll
+ 2007-10-18 10:31:46 51,224 ----a-w c:\windows\system32\sirenacm.dll
+ 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2005-06-25 12:16:48 138,240 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PS5UI.DLL
+ 2005-06-25 13:16:50 138,240 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PS5UI.DLL
- 2005-06-25 12:16:50 480,256 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2005-06-25 13:16:52 480,256 ----a-w c:\windows\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
- 2007-11-29 22:30:16 200,704 ----a-w c:\windows\system32\ssldivx.dll
+ 2008-09-16 00:12:54 200,704 ----a-w c:\windows\system32\ssldivx.dll
- 2007-11-13 11:31:11 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzch
0
Réponse 17 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
...
0
Réponse 18 / 29
kyra
 
Bonjour,

Je viens de faire le nettoyage avec ccleaner^^ Quand tu dit qu'il faut coché toute les cases, il faut même cocher celle dans Windows => Avancé.

Car je les ai toute coché sauf celle du avancé ...

Je poste le rapport dans le prochain post^^

Merci
0
Réponse 19 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour

Attention avec ccleaner

C - Ccleaner :
(nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc.)
* Télécharge CCleaner.
(attention à l'installation penser à DECOCHER l'installation de Yahoo toolbar discrètement proposé en plus de CCleaner).

https://www.pcastuces.com/logitheque/ccleaner.htm
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
Installe le dans un répertoire dédié.
Décoche pendant l'installation
--- les deux cases "Ajouter l'option ... "
--- Contrôler les mises à jour
* Lance Ccleaner pour un nettoyage complet.
Tutorial ici:
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
https://www.malekal.com/tutoriel-ccleaner/
ET
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

0
Réponse 20 / 29
kyra
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:51:58, on 27/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\Apps\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {4C0C9A00-C2B9-4899-88E3-2853E5015735} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6D2B7BDE-27A9-4E2E-9820-02B466399878} - (no file)
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - (no file)
O2 - BHO: (no name) - {7215AE25-E169-4E0A-9BEB-72526E7F247E} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {f1ed44f0-0469-41d1-8b22-3dea6d4c6877} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d44cce06468f4dc4b858e0b8a965e42a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d44cce06468f4dc4b858e0b8a965e42a
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O20 - Winlogon Notify: efcDUnLe - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
symboles et écritures pour nick msn
Pando -
roro -

20 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses