Sujet Précédent Sujet Suivant

Messages d erreur dll

mushu14 -  
 mushu14 -
Bonjour a tous et d avance merci pour le temps que vous passerez sur ce topic,

quelques precisions tout d abord, ce n est pas mon pc (je rend service et n ai donc pas acces au pc tout le temps), et je ne debute pas en informatique.

suite au telechargement d une video sur emule (bien ou pas bien, le probleme n est pas la) plusieurs dysfonctionnements du pc sont apparus, a savoir:

- fenetres IE8 qui se ferment toutes seules
- messages d erreur sur des dll qui sont presentes et saines (analyse Virustotal)

la video a été eradiquée avec difficulté apparement, mais pas par moi (donc impossible de savoir ce que c etait)
les messages d erreur concernent les dll suivantes:

hotplug.dll (ejection de peripheriques usb)
cnmsm86.dll (spouleur d une imprimante)
shimgvw.dll (overture de pieces jointes en jpg sous outlook express)
il est possible que d autres dll soient touchées

malgré les messages d erreur, les actions s executent correctement sauf pour les pieces jointes en jpg qui sont inouvrables a moins de les enregistrer

un scan minutieux avec bitdefebder 2010 n a rien trouvé
un scan avec malwarebyte n a rien donné non plus
un hijackthis a été effectué, et ne trouvant rien dedans et pour me donner une piste sur l infection j ai voulu lancer genproc
la fenetre est apparue 1/2 seconde et plus rien

un scan rsit a été effectué, (je le posterais en bas de ce message) et plusieurs personnes presentes sur ce forum l ont analysé et m ont demandé de realiser un certain nombre d actions
passer smitfraudfix, et usbfix et ensuite ccleaner

smitfraudfix et usbfix ont fait comme genproc (la fenetre s ouvre et se referme)
j ai essayé de relancer les tools en MSE, toujours rien

le pc est sous xp home avec bitdefender 2010 a jour
j attend un nouveau rapport mabam et je vous le poste, en attendant faites vous les dents sur le rsit, je suis prenneur de toutes solutions realistes que vous pourriez proposer

et merci encore d avance

Logfile of random's system information tool 1.06 (written by random/random)
Run by Utilisateur at 2009-10-03 15:07:12
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 142 GB (46%) free of 305 GB
Total RAM: 959 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:28, on 03/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\Cobian Backup 9\cbService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Utilisateur\Application Data\U3\0000180CB770ECB2\LaunchPad.exe
C:\Documents and Settings\Utilisateur\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Utilisateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: Traduire (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E171146-E2F5-4FA2-A896-4B88C91F44AB}: NameServer = 212.27.40.240,212.27.40.241
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

44 réponses

Précédent
Réponse 21 / 44
mushu14
 
j ai oublié, IE8 a de nouveau des problèmes de fermeture de fenêtres intempestives

quand a l analyse VT, un seul résultat sur 41 me semble être un faux positif, mais sait on jamais.....
0
Réponse 22 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Bonsoir,

je viens de scanner sur VT mon fichier beep.sys.

J'ai le même résultat d'analyse (eSafe) avec les mêmes caractéristiques (MD5, Sha1 et Sha26).

J'ai passé un combofix cet après-midi sans rien dans le sigcheck.

Edit :

pas tout à fait identique :

http://www.virustotal.com/fr/analisis/5a81a46a3bdd19dafc6c87d277267a5d44f3a1b5302f2cc1111d84b7bad5610d-1255718683
0
Réponse 23 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

un problème identique ici : https://forums.commentcamarche.net/forum/affich-13923017-virus-system32-autre?page=4#72
0
Réponse 24 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

on va utiliser la même méthode.

Le tutoriel avec lien de téléchargement :

https://forum.malekal.com/viewtopic.php?t=19657&start=

La liste des fichiers : 

c:\windows\system32\browser.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\drivers\asyncmac.sys
c:\windows\system32\drivers\beep.sys
c:\windows\system32\drivers\kbdclass.sys
c:\windows\system32\drivers\ndis.sys
c:\windows\system32\drivers\ntfs.sys
c:\windows\system32\drivers\null.sys
c:\windows\system32\drivers\tcpip.sys
c:\windows\system32\es.dll
c:\windows\system32\imm32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\lpk.dll
c:\windows\system32\lsass.exe
c:\windows\system32\mswsock.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\netman.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\qmgr.dll
c:\windows\system32\bits\qmgr.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\scecli.dll
c:\windows\system32\services.exe
c:\windows\system32\sfc.dll
c:\windows\system32\spoolsv.exe
c:\windows\system32\svchost.exe
c:\windows\system32\tapisrv.dll
c:\windows\system32\user32.dll
c:\windows\system32\userinit.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\ws2_32.dll
c:\windows\explorer.exe
c:\windows\system32\msvcrt.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\wscntfy.exe
c:\windows\system32\xmlprov.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\sfcfiles.dll
c:\windows\system32\ctfmon.exe
c:\windows\system32\regsvc.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\ssdpsrv.dll
c:\windows\system32\termsrv.dll
c:\windows\system32\drivers\agp440.sys
c:\windows\system32\drivers\acpiec.sys
c:\windows\system32\drivers\aec.sys
c:\windows\system32\drivers\ip6fw.sys
c:\windows\system32\mfc40u.dll
c:\windows\system32\msgsvc.dll
c:\windows\system32\mspmsnsv.dll
c:\windows\system32\ntmssvc.dll
c:\windows\system32\upnphost.dll
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 44
mushu14
 
bonjour,

je vous met le rapport panda, et je vois pour ce qui est demandé un peu plus tard

;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-10-16 23:53:20
PROTECTIONS: 1
MALWARE: 14
SUSPECTS: 10
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
BitDefender Antivirus 13.0.16 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00135558 adware/searchforit Adware No 0 Yes No c:\program files\sf
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@247realmedia[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@xiti[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@ad.yieldmanager[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@weborama[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@adtech[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Utilisateur\Cookies\utilisateur@smartadserver[1].txt
00484705 Application/IEDefender HackTools No 0 Yes No C:\Documents and Settings\Utilisateur\Bureau\nettoyage\SmitfraudFix\IEDFix.C.exe
00921467 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Utilisateur\Bureau\nettoyage\SmitfraudFix\404Fix.exe
00967264 Trj/Agent.MFH Virus/Trojan No 0 Yes No C:\Documents and Settings\Utilisateur\Mes documents\telechargement\sld.codec.pack.2.2.exe
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{41F18DCA-6D57-4E83-B318-C3B8F45671E3}\RP218\A0055450.sys
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{41F18DCA-6D57-4E83-B318-C3B8F45671E3}\RP213\A0054437.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
No C:\Documents and Settings\Utilisateur\Bureau\nettoyage\ComboFix.exe[32788R22FWJFW\pev.exe]
No C:\Documents and Settings\Utilisateur\Bureau\nettoyage\SmitfraudFix.exe
No C:\Program Files\BitDefender\BitDefender 2010\wslib.dll
No C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\WSLib.dll
No C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\WSLib.dll
No C:\Program Files\Fichiers communs\BitDefender\Setup Information\{E182458E-5796-4736-97A3-3EEC01D1D2D6}\bdis.msi[unk_0100][WSLib.dll]
No C:\System Volume Information\_restore{41F18DCA-6D57-4E83-B318-C3B8F45671E3}\RP172\A0047538.msi[unk_0100][WSLib.dll]
No C:\System Volume Information\_restore{41F18DCA-6D57-4E83-B318-C3B8F45671E3}\RP208\A0053840.exe
No C:\System Volume Information\_restore{41F18DCA-6D57-4E83-B318-C3B8F45671E3}\RP218\A0055507.exe
No C:\WINDOWS\PEV.exe
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0
Réponse 26 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Bonjour,

je voudrais aussi que tu fasses ceci :

tu ouvres l'Explorateur Windows, tu cherches C:\Qoobox et tu renommes Combofix-quarantined-files.txt en Combofix-quarantined-files-0.txt.

Quand tu auras terminé la manip avec Winreplace, refais tourner Combofix et poste le rapport.
--
@+
Avez vous une sauvegarde de vos données personnelles ?
Même si Windows ne démarre plus, nous savons encore les sauver. Ne formatez pas !
0
Réponse 27 / 44
mushu14
 
bonjour lyonnais92,
on abandonne le scan SF pour l instant ?
0
Réponse 28 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

non, fais le, même si il ne devrait pas nous apporter d'informations complémentaires.
0
Réponse 29 / 44
mushu14
 
bonjour a tous,
j ai recup le pc pour une journée et demi, on va pouvoir bosser
je fais les manip demandées de suite et je poste les rapports
0
Réponse 30 / 44
mushu14
 
y a un soucis avec winfilereplace
il ne se lance pas
je renomme combofix et je le relance, pour voir si apres un bref nettoyage les outils passent
0
Réponse 31 / 44
mushu14
 
nouveau rapport combofix

ComboFix 09-10-22.01 - Utilisateur 23/10/2009 14:13.2.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.959.599 [GMT 2:00]
Lancé depuis: c:\documents and settings\Utilisateur\Bureau\nettoyage\ludo.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Pare-feu *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-09-23 au 2009-10-23 ))))))))))))))))))))))))))))))))))))
.

2009-10-23 11:59 . 2009-10-23 12:00 -------- d-----w- C:\WinFileReplace
2009-10-16 16:20 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-10-16 16:20 . 2009-10-16 16:20 -------- d-----w- c:\program files\Panda Security
2009-10-15 19:26 . 2009-10-15 19:26 -------- d-----w- c:\program files\Fichiers communs\Borland Shared
2009-10-15 19:26 . 1999-01-20 03:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2009-10-15 19:26 . 2009-10-15 19:26 -------- d-----w- c:\program files\ZebHelpProcess
2009-10-09 15:58 . 2007-12-24 15:37 138384 ------w- c:\windows\system32\drivers\tmcomm.sys
2009-10-09 15:57 . 2009-10-09 21:30 -------- d-----w- c:\documents and settings\Utilisateur\Application Data\HouseCall 6.6
2009-10-09 15:57 . 2009-10-09 15:57 -------- d-----w- c:\windows\system32\HouseCall 6.6
2009-10-07 18:37 . 2009-10-23 12:05 -------- d-----w- c:\program files\SF
2009-10-05 17:07 . 2009-10-05 17:07 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-10-05 17:03 . 2009-10-08 17:53 -------- d-----w- C:\UsbFix
2009-10-05 16:43 . 2009-10-09 21:46 2256 ------w- c:\windows\current_settings.bin
2009-10-03 13:07 . 2009-10-03 13:07 -------- d-----w- C:\rsit
2009-10-03 08:38 . 2009-10-03 08:38 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ
2009-09-27 06:46 . 2006-09-05 19:28 38480 ------w- c:\windows\system32\IJRMF.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-23 11:47 . 2004-08-05 12:00 85404 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-23 11:47 . 2004-08-05 12:00 513080 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-23 11:41 . 2009-08-25 19:06 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2009-10-17 07:07 . 2007-03-06 06:45 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-09 11:23 . 2009-06-29 12:12 152328 ------w- c:\windows\system32\drivers\bdfm.sys
2009-10-03 13:14 . 2009-01-15 21:11 -------- d-----w- c:\documents and settings\Utilisateur\Application Data\U3
2009-10-03 11:04 . 2009-01-02 21:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-03 10:52 . 2006-03-02 12:00 440320 ------w- c:\windows\system32\shimgvw.dll
2009-10-03 10:45 . 2007-03-01 06:41 -------- d-----w- c:\program files\eMule
2009-10-01 17:59 . 2007-10-06 12:37 -------- d-----w- c:\program files\Canon
2009-09-24 17:08 . 2009-06-29 12:12 105736 ------w- c:\windows\system32\drivers\bdhv.sys
2009-09-14 17:06 . 2009-08-06 14:34 110856 ------w- c:\windows\system32\drivers\bdfndisf.sys
2009-09-11 14:18 . 2008-10-17 12:16 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-01-02 21:28 38224 ------w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-01-02 21:28 19160 ------w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:04 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2006-03-02 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:01 . 2006-03-02 12:00 247326 ------w- c:\windows\system32\strmdll.dll
2009-08-25 21:00 . 2009-07-28 19:48 -------- d-----w- c:\program files\Java
2009-08-25 20:42 . 2009-08-25 20:42 0 ------w- c:\windows\system32\wsbl.dat
2009-08-25 20:42 . 2009-08-25 20:42 0 ------w- c:\windows\system32\ph_summ.dat
2009-08-25 20:41 . 2009-08-25 20:41 0 ------w- c:\windows\system32\ph_white.dat
2009-08-25 20:41 . 2009-08-25 20:41 0 ------w- c:\windows\system32\ph_black.dat
2009-08-25 20:41 . 2009-08-25 20:41 0 ------w- c:\windows\system32\pcwords2.dat
2009-08-25 20:41 . 2009-08-25 20:41 0 ------w- c:\windows\system32\pcwords.dat
2009-08-25 19:04 . 2007-02-24 14:05 91568 ------w- c:\documents and settings\Utilisateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-25 19:03 . 2009-08-25 19:00 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2009-08-25 19:01 . 2009-08-25 19:01 -------- d-----w- c:\documents and settings\Utilisateur\Application Data\BitDefender
2009-08-25 19:00 . 2008-08-22 09:35 -------- d-----w- c:\program files\BitDefender
2009-08-25 19:00 . 2008-08-22 09:29 -------- d-----w- c:\program files\Fichiers communs\BitDefender
2009-08-25 18:52 . 2007-08-24 19:05 81984 ------w- c:\windows\system32\bdod.bin
2009-08-05 09:00 . 2006-03-02 12:00 205312 ------w- c:\windows\system32\mswebdvd.dll
2009-08-04 20:58 . 2008-10-17 12:16 2191232 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:28 . 2008-10-17 12:16 2068096 ------w- c:\windows\system32\ntkrnlpa.exe
2009-09-24 17:07 . 2009-08-25 19:04 47104 ------w- c:\program files\mozilla firefox\components\FFComm.dll
2008-12-21 20:46 . 2007-02-24 14:02 848 --sh--w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-14 . 16813155807C6881F4BFBF6657424659 . 25216 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 16813155807C6881F4BFBF6657424659 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys

[-] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

[-] 2008-04-14 . 06B54A7B1EF7CB16BFD0E208D343FA71 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . 06B54A7B1EF7CB16BFD0E208D343FA71 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll

[-] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe

[-] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 31748843AD5811351B115CC52CEA8D77 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll

[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll

[-] 2009-02-09 . F83B964469D230F445613C44DF9FE25D . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . 3D65EB82E1FA6DB15A33E024C9E03CAB . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . B38D431ACE730452CD1FEE4FB7ECD6E2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . FD292BFE003558F4C39AA3D44F420AC7 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll

[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 62789101F9C2401ED598AA2CDE7450C0 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 54CB50058851D95E56EC70D09F70857F . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

[-] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2008-04-14 . 7A6D0B71035E123FDDA2156A25578AD3 . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 7A6D0B71035E123FDDA2156A25578AD3 . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll

[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:24 . 157F9C595FD0D10502497DC4C1348D17 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:18 . 74ECF4DDC685BD3249CAB323405FCC49 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 02:33 . 9FD4A0615BF3E9388A46EDF8774C7294 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:29 . B56B69129181FF63BAED5EDE65DCC9B1 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll

[-] 2008-04-14 . 0469B73DB32E5520F342C5E163AA3CCA . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0469B73DB32E5520F342C5E163AA3CCA . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll

[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . C3AF0EEE26B59484E674673E3016AAB7 . 1056768 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . 3AC8886DFA5AB641417DF4D3B7F5512E . 1054720 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 62E3F0E9ABFCBCEE62C51546F622C455 . 1051136 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2006-07-05 . FB85EF2A6713E3A58A497E093626B93C . 1050112 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

[-] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . D9BD4CCA0533401B6609E47FF74F40DC . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll

[-] 2008-04-14 . 982B2C204337C3B12211E1E1D9BA8C9C . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 982B2C204337C3B12211E1E1D9BA8C9C . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll

[-] 2008-04-14 . 3891413139EAABFEFE9B0CA49B5CD395 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 3891413139EAABFEFE9B0CA49B5CD395 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll

[-] 2008-06-20 . 58AF8498C62E1E1DAB5AE59C6E08C180 . 247808 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 58AF8498C62E1E1DAB5AE59C6E08C180 . 247808 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . 196CCC3FDD21665DCAA9F83FFC03B41A . 247808 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

[-] 2008-04-14 . 04821179C3171554C1BD1F9888A113E2 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 04821179C3171554C1BD1F9888A113E2 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll

[-] 2008-04-14 . 9F2C862E39BF8E8FC51C3F6A6BCEB415 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9F2C862E39BF8E8FC51C3F6A6BCEB415 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll

[-] 2008-04-14 . 973B36634C544948C663E8269AA1B3A3 . 187392 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 973B36634C544948C663E8269AA1B3A3 . 187392 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll

[-] 2008-04-14 . 9A4E7ECBB5B7FB86F3B926AB039F4FEC . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 9A4E7ECBB5B7FB86F3B926AB039F4FEC . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll

[-] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe

[-] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . C9FA05D271A0066764FE75BE38E24D69 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll

[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

[-] 2008-04-14 . E74DDB12188C2FF57A78624DBF7332FC . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . E74DDB12188C2FF57A78624DBF7332FC . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe

[-] 2008-04-14 . FB836F9E62D82904C983AD21296A5D9C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . FB836F9E62D82904C983AD21296A5D9C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll

[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll

[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe

[-] 2008-04-14 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll

[-] 2008-04-14 . 4EC800BDF80521B0207BD2301DFC7D14 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 4EC800BDF80521B0207BD2301DFC7D14 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll

[-] 2008-04-14 . E17C85D5B5CF477638433B851A98499E . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . E17C85D5B5CF477638433B851A98499E . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

[-] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

[-] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 1839CDF416A5AA8BF2EFE377F57452CC . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

[-] 2008-04-14 . E598D81197E2E0EC42A0C55772BB00E8 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . E598D81197E2E0EC42A0C55772BB00E8 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll

[-] 2008-04-14 . 55F5C5C1BE1A78E285033E432BA01597 . 194560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 55F5C5C1BE1A78E285033E432BA01597 . 194560 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll

[-] 2008-04-14 . EA9E0DB8684CEF2FD3BADD671DF5A112 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . EA9E0DB8684CEF2FD3BADD671DF5A112 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll

[-] 2008-04-14 . 710BC85A8C22626EE094439E3EA0D38C . 297984 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . 710BC85A8C22626EE094439E3EA0D38C . 297984 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll

[-] 2006-03-02 . E4ABC1212B70BB03D35E60681C447210 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2008-04-14 02:33 . CE21FE79AD3B913A79E0C742BED6BF85 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2008-04-14 02:33 . CE21FE79AD3B913A79E0C742BED6BF85 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll

[-] 2008-04-14 . E67A66A3781C1A483F0F8992664CBE0D . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . E67A66A3781C1A483F0F8992664CBE0D . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll

[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-11 00:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-05 12:00 . 762B2A5F0E8B0164A5DB6741959DFB0C . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2008-04-14 02:33 . 037D92B3A7853A183FCAB77FB1D13D6C . 438272 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 02:33 . 037D92B3A7853A183FCAB77FB1D13D6C . 438272 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll

[-] 2008-04-14 . BD8166A495B02308F364B36249475F22 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . BD8166A495B02308F364B36249475F22 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 385DB2591BF11955F26E0A97728B1B31 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-15_19.15.03 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-05 12:00 . 2009-10-15 18:23 71904 c:\windows\system32\perfc009.dat
+ 2004-08-05 12:00 . 2009-10-23 11:47 71904 c:\windows\system32\perfc009.dat
+ 2009-10-15 20:13 . 2009-10-15 20:13 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
- 2004-08-05 12:00 . 2009-10-15 18:23 444028 c:\windows\system32\perfh009.dat
+ 2004-08-05 12:00 . 2009-10-23 11:47 444028 c:\windows\system32\perfh009.dat
+ 2009-08-04 12:06 . 2009-08-04 12:06 132352 c:\windows\Downloaded Program Files\as2stubie.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2009-10-15 20:13 . 2009-10-15 20:13 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\8ad38ebb07c0d5b5bbf15f8f3c11c6be\System.Messaging.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2009-10-15 20:10 . 2009-10-15 20:10 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2009-10-15 20:11 . 2009-10-15 20:11 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2009-10-15 20:11 . 2009-10-15 20:11 459264 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\19ff0cf56365378ffd31976cdc84cfb9\Microsoft.VisualStudio.Tools.Applications.Runtime.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-15 20:09 . 2009-10-15 20:09 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2009-10-17 07:07 . 2009-10-17 07:07 3968000 c:\windows\Installer\2fe9a0.msi
+ 2009-10-15 20:13 . 2009-10-15 20:13 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll
+ 2009-10-15 20:13 . 2009-10-15 20:13 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll
+ 2009-10-15 20:12 . 2009-10-15 20:12 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-10-15 20:11 . 2009-10-15 20:11 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll
+ 2009-10-15 20:10 . 2009-10-15 20:10 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2009-09-24 1114536]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-09-24 71152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^EPSON Status Monitor 3 Environment Check 2.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [16/10/2009 18:20 28544]
R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [01/04/2009 11:25 82696]
R2 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [15/10/2008 21:09 583168]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27/08/2009 17:05 92008]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [29/06/2009 14:12 152328]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [06/08/2009 16:34 110856]
S3 Arrakis3;BitDefender Serveur Arrakis;c:\program files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [25/06/2009 16:04 183880]
S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\drivers\epusbsto.sys [10/09/2001 01:00 17976]
S3 PMTOOL;SAPPHIRE USB Device ;c:\windows\system32\drivers\Sapphire.sys [21/02/2008 16:20 19328]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - HTTPFILTER

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
Contenu du dossier 'Tâches planifiées'

2009-10-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]

2009-10-23 c:\windows\Tasks\User_Feed_Synchronization-{1464665A-CAFA-476B-95F3-CAC8807E8DEF}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: Consulter les dictionnaires (SYSTRAN) - c:\program files\SYSTRAN\6\\GUIres.dll/lookup.js
IE: Traduire (SYSTRAN) - c:\program files\SYSTRAN\6\\GUIres.dll/translate.js
Trusted Zone: creditmutuel.fr\www
TCP: {4E171146-E2F5-4FA2-A896-4B88C91F44AB} = 212.27.40.240,212.27.40.241
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20091016111722
FF - ProfilePath - c:\documents and settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\74xju6qq.default\
FF - prefs.js: browser.search.selectedEngine - qtl
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-23 14:20
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(812)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
.
Heure de fin: 2009-10-23 14:23
ComboFix-quarantined-files-0.txt 2009-10-15 19:19
ComboFix-quarantined-files.txt 2009-10-23 12:23
ComboFix2.txt 2009-10-15 19:19

Avant-CF: 146 452 582 400 octets libres
Après-CF: 146 489 810 944 octets libres

- - End Of File - - F9AC2DCBAF31E8C797B807485961D3D8
0
Réponse 32 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Bonjour,

poste le contenu de Combofix-quarantined-files.txt dans C:\Qoobox

comment va l'ordi après Combofix ?
0
Réponse 33 / 44
mushu14
 
quarantaine de combofix

2009-10-15 19:18:06 . 2009-10-15 19:18:06 185 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-ISUSPM.reg.dat
2009-10-15 19:10:27 . 2009-10-23 12:17:43 5,810 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2009-10-15 19:04:11 . 2009-10-23 12:12:22 153 ----a-w- C:\Qoobox\Quarantine\catchme.log
2008-09-07 07:46:58 . 2006-03-02 12:00:00 382,464 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004689_.tmp.dll.vir
2007-02-24 10:32:33 . 2007-02-24 10:32:33 29,696 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Installer\7ab5b.msi.vir
2007-02-23 15:03:32 . 2004-08-05 12:00:00 382,464 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004296_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 132,096 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004629_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 146,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004630_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 102,400 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004631_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,836,032 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004632_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 96,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004639_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 22,040 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004640_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 50,688 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004641_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,003,520 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004642_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 108,544 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004644_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 144,896 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004645_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 431,104 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004648_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 64,000 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004649_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 58,880 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004651_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 61,440 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004652_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004653_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 237,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004655_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 34,304 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004658_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 553,472 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004659_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 8,192 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004663_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 733,184 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004664_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 129,536 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004666_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 728,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004669_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 344,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004671_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 249,270 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004672_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 13,824 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004673_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,048,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004674_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 144,384 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004675_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 111,616 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004678_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 138,240 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004679_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 32,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004680_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 281,088 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004681_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 611,328 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004682_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004687_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-08-17 12:29:49 132,096 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004236_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 146,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004237_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 102,400 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004238_.tmp.dll.vir
2004-08-05 12:00:00 . 2008-03-20 08:09:22 1,845,376 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004239_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-12-07 19:34:00 96,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004246_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 22,040 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004247_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 50,688 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004248_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 1,003,520 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004249_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 108,544 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004251_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-04-25 14:22:35 144,896 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004252_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 431,104 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004255_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 64,000 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004256_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 58,880 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004258_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 61,440 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004259_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004260_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 237,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004262_.tmp.dll.vir
2004-08-05 12:00:00 . 2005-07-26 04:40:00 37,888 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004265_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-12-04 18:41:36 550,912 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004266_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 8,192 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004270_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 733,184 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004271_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 129,536 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004273_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-11-07 09:28:31 728,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004276_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 344,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004278_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 249,270 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004279_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 13,824 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004280_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-04-16 15:53:11 1,049,600 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004281_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 144,384 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004282_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-05-19 13:23:35 112,128 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004285_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 138,240 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004286_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 32,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004287_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 281,088 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004288_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-08-25 15:51:14 617,472 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004289_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004294_.tmp.dll.vir
0
Réponse 34 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

tu peux aussi poster le backup de l'ancienne version de la quarantaine (post 27) ?
0
Réponse 35 / 44
mushu14
 
le pc " semble " aller bien, les pieces jointes outlook express s ouvrent

par contre j ai essayé de lancer winfilreplace pour voir, et il ne se lance toujours pas
0
Réponse 36 / 44
mushu14
 
ancienne quarantaine de combofix pour comparer

2009-10-15 19:18:06 . 2009-10-15 19:18:06 185 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-ISUSPM.reg.dat
2009-10-15 19:10:27 . 2009-10-15 19:10:27 5,824 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2009-10-15 19:04:11 . 2009-10-15 19:04:11 51 ----a-w- C:\Qoobox\Quarantine\catchme.log
2008-09-07 07:46:58 . 2006-03-02 12:00:00 382,464 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004689_.tmp.dll.vir
2007-02-24 10:32:33 . 2007-02-24 10:32:33 29,696 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Installer\7ab5b.msi.vir
2007-02-23 15:03:32 . 2004-08-05 12:00:00 382,464 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004296_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 132,096 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004629_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 146,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004630_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 102,400 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004631_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,836,032 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004632_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 96,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004639_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 22,040 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004640_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 50,688 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004641_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,003,520 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004642_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 108,544 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004644_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 144,896 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004645_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 431,104 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004648_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 64,000 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004649_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 58,880 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004651_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 61,440 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004652_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004653_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 237,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004655_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 34,304 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004658_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 553,472 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004659_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 8,192 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004663_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 733,184 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004664_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 129,536 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004666_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 728,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004669_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 344,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004671_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 249,270 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004672_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 13,824 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004673_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,048,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004674_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 144,384 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004675_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 111,616 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004678_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 138,240 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004679_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 32,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004680_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 281,088 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004681_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 611,328 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004682_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004687_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-08-17 12:29:49 132,096 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004236_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 146,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004237_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 102,400 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004238_.tmp.dll.vir
2004-08-05 12:00:00 . 2008-03-20 08:09:22 1,845,376 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004239_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-12-07 19:34:00 96,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004246_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 22,040 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004247_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 50,688 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004248_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 1,003,520 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004249_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 108,544 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004251_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-04-25 14:22:35 144,896 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004252_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 431,104 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004255_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 64,000 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004256_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 58,880 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004258_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 61,440 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004259_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004260_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 237,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004262_.tmp.dll.vir
2004-08-05 12:00:00 . 2005-07-26 04:40:00 37,888 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004265_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-12-04 18:41:36 550,912 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004266_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 8,192 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004270_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 733,184 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004271_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 129,536 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004273_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-11-07 09:28:31 728,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004276_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 344,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004278_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 249,270 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004279_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 13,824 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004280_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-04-16 15:53:11 1,049,600 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004281_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 144,384 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004282_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-05-19 13:23:35 112,128 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004285_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 138,240 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004286_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 32,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004287_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 281,088 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004288_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-08-25 15:51:14 617,472 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004289_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004294_.tmp.dll.vir
0
Réponse 37 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

fais redémarrer l'ordi et regarde si le fichier C\WINDOWS\Installer\7ab5b.msi est revenu.

Regarde aussi un ou deux fichiers C\WINDOWS\system32\_xxxxxxx_.tmp.dll
0
Réponse 38 / 44
mushu14
 
nouveau rapport combofix apres reparation du systeme et sans sp3
comme ccm ne veut pas du rapport, je le met sur ci joint

http://www.cijoint.fr/cjlink.php?file=cj200910/cij0iAhzPy.txt
0
Réponse 39 / 44
mushu14
 
nouveau fichier de quarantaine combofix

2009-10-15 19:18:06 . 2009-10-15 19:18:06 185 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-ISUSPM.reg.dat
2009-10-15 19:10:27 . 2009-10-23 12:17:43 5,810 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2009-10-15 19:04:11 . 2009-10-23 12:12:22 153 ----a-w- C:\Qoobox\Quarantine\catchme.log
2008-09-07 07:46:58 . 2006-03-02 12:00:00 382,464 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004689_.tmp.dll.vir
2007-02-24 10:32:33 . 2007-02-24 10:32:33 29,696 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Installer\7ab5b.msi.vir
2007-02-23 15:03:32 . 2004-08-05 12:00:00 382,464 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004296_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 132,096 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004629_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 146,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004630_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 102,400 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004631_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,836,032 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004632_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 96,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004639_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 22,040 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004640_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 50,688 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004641_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,003,520 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004642_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 108,544 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004644_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 144,896 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004645_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 431,104 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004648_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 64,000 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004649_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 58,880 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004651_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 61,440 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004652_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004653_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 237,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004655_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 34,304 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004658_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 553,472 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004659_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 8,192 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004663_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 733,184 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004664_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 129,536 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004666_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 728,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004669_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 344,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004671_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 249,270 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004672_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 13,824 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004673_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 1,048,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004674_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 144,384 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004675_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 111,616 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004678_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 138,240 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004679_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 32,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004680_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 281,088 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004681_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 611,328 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004682_.tmp.dll.vir
2006-03-02 12:00:00 . 2006-03-02 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004687_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-08-17 12:29:49 132,096 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004236_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 146,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004237_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 102,400 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004238_.tmp.dll.vir
2004-08-05 12:00:00 . 2008-03-20 08:09:22 1,845,376 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004239_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-12-07 19:34:00 96,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004246_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 22,040 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004247_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 50,688 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004248_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 1,003,520 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004249_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 108,544 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004251_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-04-25 14:22:35 144,896 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004252_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 431,104 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004255_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 64,000 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004256_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 58,880 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004258_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 61,440 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004259_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004260_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 237,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004262_.tmp.dll.vir
2004-08-05 12:00:00 . 2005-07-26 04:40:00 37,888 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004265_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-12-04 18:41:36 550,912 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004266_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 8,192 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004270_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 733,184 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004271_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 129,536 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004273_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-11-07 09:28:31 728,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004276_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 344,576 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004278_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 249,270 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004279_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 13,824 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004280_.tmp.dll.vir
2004-08-05 12:00:00 . 2007-04-16 15:53:11 1,049,600 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004281_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 144,384 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004282_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-05-19 13:23:35 112,128 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004285_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 138,240 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004286_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 32,768 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004287_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 281,088 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004288_.tmp.dll.vir
2004-08-05 12:00:00 . 2006-08-25 15:51:14 617,472 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004289_.tmp.dll.vir
2004-08-05 12:00:00 . 2004-08-05 12:00:00 685,056 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\_004294_.tmp.dll.vir
0
Réponse 40 / 44
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

rien de visible dans le rapport Combo.
0

Discussions similaires

XINPUT1_3.dll manquant (missing)
Maxirugue -
dan -

39 réponses
Erreur 3005 sur France TV
Cambodgil -
JeanPierre -

6 réponses
Probleme d'installation jeu pc (il manquerait " XINPUT1_3.dll)
Rogerleraton -
Rogerleraton -

6 réponses
Problème streaming France 2
95 indomptable -
robmat2005 -

1 réponse
Erreur Upes 1025
ejb971 -
MPMP10 -

1 réponse