Computer o_O (viruses)

Solved/Closed
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 - 12 Dec. 2009 at 17:26
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 - 1 Feb. 2010 at 17:02
Hello everyone,
My computer isn't working well, it is slow, and there is an error "exception processing message c0000013 Parameters (something I can't copy)"
I ran a scan with Comodo and it found 67 viruses, so I removed some system-restore items flagged as viruses, but there is one file in C:\Windows \installer that I didn't have the courage to delete
After that, when I tried to run a scan with Hitman Pro, there was an executable file error
I am lost and don't know what to do, so I am asking for your advice
Here is an RSIT log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by motec at 2009-12-12 17:17:40
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 30 GB (27%) free of 114 GB
Total RAM: 1982 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:19:10, on 12/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\UltraVNC Addons\uvnc_service.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\motec\Mes documents\M.I\docs\Logiciels\RSIT_1.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\trend micro\motec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\DOCUME~1\motec\LOCALS~1\Temp\E_SA3.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{95B5D476-2D6C-4720-BD48-9788B4B976B7}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4148975-C818-485C-A0FA-27891A4FD8C0}: NameServer = 156.154.70.25 156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAC13AB6-DE94-4B22-9FEA-A5C0FCD34DD6}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Uvnc_service - Unknown owner - C:\Program Files\UltraVNC Addons\uvnc_service.exe
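
A triage pass over a HijackThis log like the one above, as an added example that is not part of the original post: it flags the entry types worth a second look (a BHO with no file, an autorun with no full path, a NameServer override, an AppInit_DLLs value, a service listed with "Unknown owner"). The sample lines are copied from the log above; the rule set and the names `triage`, `Finding` and `first_token` are assumptions chosen for illustration, and a flag means "review this entry", not "malicious".

```python
import re
from typing import NamedTuple

# Sample input: a few lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - (no file)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O17 - HKLM\System\CCS\Services\Tcpip\..\{95B5D476-2D6C-4720-BD48-9788B4B976B7}: NameServer = 156.154.70.25,156.154.71.25
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Uvnc_service - Unknown owner - C:\Program Files\UltraVNC Addons\uvnc_service.exe
"""


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "O2"
    reason: str  # why the entry deserves a second look
    detail: str  # the name or value the reason refers to


# "<section code> - <rest of line>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Registry autorun body: "<key>: [value name] <command line>"
RUN = re.compile(r"^\S+: \[([^\]]+)\] (.+)$")


def first_token(cmd):
    """Return the executable part of a command line, honouring quotes."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    parts = cmd.split()
    return parts[0] if parts else ""


def triage(log_text):
    """Return a list of Finding tuples for entries that need manual review."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        code, body = m.groups()

        if code == "O2" and body.endswith("(no file)"):
            # The BHO is still registered but its DLL is gone (leftover entry).
            name = body.split(" - ")[0].split(": ", 1)[1]
            findings.append(Finding(code, "BHO registered, DLL missing", name))

        elif code == "O4":
            run = RUN.match(body)
            # No directory in the executable: it is resolved through the
            # search path, so the log alone does not say which file runs.
            if run and "\\" not in first_token(run.group(2)):
                findings.append(Finding(code, "autorun without full path", run.group(1)))

        elif code == "O17":
            ns = re.search(r"NameServer = (.+)$", body)
            if ns:
                # HijackThis separates addresses with commas or spaces.
                servers = ",".join(re.split(r"[ ,]+", ns.group(1).strip()))
                findings.append(Finding(code, "static DNS servers set", servers))

        elif code == "O20" and body.startswith("AppInit_DLLs:"):
            dll = body.split(":", 1)[1].strip()
            if dll:
                # Loaded into every process that loads user32.dll.
                findings.append(Finding(code, "DLL injected via AppInit_DLLs", dll))

        elif code == "O23" and " - Unknown owner - " in body:
            name = body.split(" - ")[0].split(": ", 1)[1]
            findings.append(Finding(code, "service binary has no company name", name))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:<4} {f.reason:<36} {f.detail}")
```

Each flagged item is then checked against what is installed on the machine: here, for instance, the ComboFix report further down lists guard32.dll as created in the same minute as the COMODO program folder.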
195 replies

shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
20 Dec. 2009 at 15:20
Hello, I hope what I am about to tell you is enough, and I also hope you are still following my thread
So, during the scan I can't even open Windows Explorer and the Start menu is unusable, and to get this scan done at all I left it running the whole morning today, but in the end the computer had frozen up so badly that the report was unrecoverable; on the other hand I didn't get any alert. To tell you the truth, I had a VERY long list in the "rootkit/malware" tab
Well, if I can give you other details of this kind I will be glad to
Note: the error I get sometimes turns into a software exception, and it is tied to the csrss process; it is also worth noting that it is the reason why various applications such as DAP crash and no longer start (Avira is another example)
Thanks
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
20 Dec. 2009 at 17:26
Disable your antivirus and ALL your protections

Right-click the URL below and choose "Save target as"
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Choose the DESKTOP as the location and RENAME the file, to your first name for example

Then run ComboFix and follow the prompts; you will be asked to install the Recovery Console, do so, then
UNPLUG THE INTERNET CABLE or the Wi-Fi and continue the search for malware

Once the scan is done, save the report and post it here in your next reply
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
20 Dec. 2009 at 18:35
PFFFFF
It seems that leftovers of Avira are being detected by ComboFix and it gives me the red alert, so do I charge ahead or should I look for a manual removal method for Avira??

Thanks
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
20 Dec. 2009 at 18:59
If you no longer use AntiVir as your antivirus, delete this folder if it is still present

C:\programfile\Avira

If you don't have it, or if even after deleting it you still get a ComboFix alert, continue the procedure anyway
0

shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
21 Dec. 2009 at 11:21
Hello
Here is the ComboFix report:

ComboFix 09-12-19.03 - motec 21/12/2009 10:14:36.5.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1982.1606 [GMT 1:00]
Lancé depuis: c:\documents and settings\motec\Bureau\limportant.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

-- Exécution préalable --

Une copie infectée de c:\windows\system32\midimap.dll a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\NiwradSoft Shell Pack\Backup\midimap.dll

--------

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Service_asc3360pr


((((((((((((((((((((((((((((( Fichiers créés du 2009-11-21 au 2009-12-21 ))))))))))))))))))))))))))))))))))))
.

2009-12-20 20:42 . 2009-12-20 20:52 -------- d-----w- C:\limportant
2009-12-20 19:14 . 2009-12-20 19:14 -------- d-----w- c:\program files\WinPcap
2009-12-20 19:14 . 2009-12-20 19:14 -------- d-----w- c:\program files\TubeMaster++
2009-12-19 19:43 . 2009-12-19 20:02 31330 ----a-w- c:\windows\xobglu32.dll
2009-12-19 19:41 . 1997-10-08 11:21 1390551 ----a-w- C:\SCHERING.EXE
2009-12-18 15:53 . 2009-12-18 15:53 -------- d-----w- c:\windows\system32\VIRepair
2009-12-18 15:34 . 2009-03-23 16:39 98304 ----a-w- c:\windows\system32\scrnrdr.exe
2009-12-18 14:33 . 2009-09-09 20:19 228332 ----a-w- c:\windows\system32\vilaunch.exe
2009-12-18 14:33 . 2009-12-18 15:57 -------- d-----w- c:\windows\system32\VITrans
2009-12-18 14:32 . 2009-12-18 14:33 -------- d-----w- C:\VTPFiles
2009-12-18 14:32 . 2006-12-03 16:15 19968 ----a-w- c:\windows\system32\reico.exe
2009-12-18 14:32 . 2006-12-03 16:15 69632 ----a-w- c:\windows\system32\moveex.exe
2009-12-18 14:32 . 2006-12-03 16:14 8636 ----a-w- c:\windows\system32\modifype.exe
2009-12-18 14:32 . 2004-11-27 18:00 167936 ----a-w- c:\windows\system32\pskill.exe
2009-12-18 09:49 . 2009-12-18 09:49 -------- d-----w- c:\program files\Crawler
2009-12-17 19:35 . 2001-08-23 16:47 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2009-12-17 19:34 . 2001-08-23 15:57 286848 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2009-12-17 14:05 . 2004-08-03 22:07 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2009-12-17 14:05 . 2004-08-03 21:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-12-17 14:05 . 2001-08-23 16:05 35402 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-12-17 14:05 . 2001-10-02 18:19 119808 -c--a-w- c:\windows\system32\dllcache\winmine.exe
2009-12-17 14:05 . 2001-10-02 18:19 35840 -c--a-w- c:\windows\system32\dllcache\winchat.exe
2009-12-17 14:05 . 2001-08-17 20:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2009-12-17 14:05 . 2001-08-23 16:47 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2009-12-17 14:05 . 2001-08-23 16:47 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-12-17 14:05 . 2001-10-02 18:19 31360 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2009-12-17 14:05 . 2001-10-02 18:19 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2009-12-17 14:03 . 2004-08-03 23:54 11325 -c--a-w- c:\windows\system32\dllcache\vchnt5.dll
2009-12-17 14:02 . 2001-10-02 18:19 32339 -c--a-w- c:\windows\system32\dllcache\uniansi.dll
2009-12-17 14:01 . 2001-08-17 21:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2009-12-17 14:00 . 2001-08-17 21:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2009-12-17 13:59 . 2001-08-23 16:47 99840 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2009-12-17 13:58 . 2004-08-03 23:55 32768 -c--a-w- c:\windows\system32\dllcache\snmp.exe
2009-12-17 13:57 . 2001-08-23 16:46 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2009-12-17 13:56 . 2001-08-23 16:20 17536 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2009-12-17 13:55 . 2004-08-03 23:40 79360 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2009-12-17 13:54 . 2001-08-17 20:52 49024 -c--a-w- c:\windows\system32\dllcache\ql1280.sys
2009-12-17 13:53 . 2001-08-17 21:07 19840 -c--a-w- c:\windows\system32\dllcache\philtune.sys
2009-12-17 13:52 . 2004-08-03 22:10 61056 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2009-12-17 13:52 . 2001-08-23 16:46 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2009-12-17 13:52 . 2001-08-17 19:50 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2009-12-17 13:52 . 2004-08-03 21:41 180360 -c--a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2009-12-17 13:52 . 2001-08-23 16:47 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2009-12-17 13:52 . 2001-08-17 19:49 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2009-12-17 13:52 . 2001-08-23 16:11 9472 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2009-12-17 13:52 . 2001-08-17 20:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-12-17 13:52 . 2004-08-03 23:54 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll
2009-12-17 13:52 . 2004-08-03 22:00 28672 -c--a-w- c:\windows\system32\dllcache\nscirda.sys
2009-12-17 13:50 . 2001-08-23 16:09 76928 -c--a-w- c:\windows\system32\dllcache\mxport.sys
2009-12-17 13:49 . 2001-08-17 21:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2009-12-17 13:49 . 2004-08-03 22:00 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2009-12-17 13:49 . 2001-08-17 21:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2009-12-17 13:49 . 2001-08-17 20:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2009-12-17 13:49 . 2004-08-03 22:10 51328 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2009-12-17 13:47 . 2001-10-02 18:18 26624 -c--a-w- c:\windows\system32\dllcache\mdsync.dll
2009-12-17 13:46 . 2001-08-17 19:12 20573 -c--a-w- c:\windows\system32\dllcache\lne100.sys
2009-12-17 13:46 . 2004-08-03 23:54 33792 -c--a-w- c:\windows\system32\dllcache\lmmib2.dll
2009-12-17 13:46 . 2001-08-17 19:11 25065 -c--a-w- c:\windows\system32\dllcache\lmndis3.sys
2009-12-17 13:46 . 2001-08-23 16:00 16384 -c--a-w- c:\windows\system32\dllcache\lit220p.sys
2009-12-17 13:46 . 2004-08-03 21:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2009-12-17 13:46 . 2001-08-23 15:59 26922 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2009-12-17 13:46 . 2001-08-17 19:12 19016 -c--a-w- c:\windows\system32\dllcache\ktc111.sys
2009-12-17 13:46 . 2001-08-23 16:47 37888 -c--a-w- c:\windows\system32\dllcache\kousd.dll
2009-12-17 13:46 . 2001-08-23 16:47 242688 -c--a-w- c:\windows\system32\dllcache\kdsusd.dll
2009-12-17 13:46 . 2001-08-23 16:47 46080 -c--a-w- c:\windows\system32\dllcache\kdsui.dll
2009-12-17 13:46 . 2004-08-03 23:45 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-12-17 13:44 . 2001-10-02 18:18 6656 -c--a-w- c:\windows\system32\dllcache\iissync.exe
2009-12-17 13:43 . 2004-08-03 23:54 32285 -c--a-w- c:\windows\system32\dllcache\hsfcisp2.dll
2009-12-17 13:42 . 2001-08-23 16:18 17664 -c--a-w- c:\windows\system32\dllcache\gpr400.sys
2009-12-17 13:41 . 2001-08-17 19:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2009-12-17 13:40 . 2001-08-17 19:10 19996 -c--a-w- c:\windows\system32\dllcache\em556n4.sys
2009-12-17 13:39 . 2001-08-17 19:11 29696 -c--a-w- c:\windows\system32\dllcache\dm9pci5.sys
2009-12-17 13:38 . 2001-08-17 19:11 20928 -c--a-w- c:\windows\system32\dllcache\defpa.sys
2009-12-17 13:37 . 2001-08-23 16:07 61194 -c--a-w- c:\windows\system32\dllcache\cpqtrnd5.sys
2009-12-17 13:36 . 2004-08-03 21:31 480256 -c--a-w- c:\windows\system32\dllcache\cintsetp.exe
2009-12-17 13:35 . 2001-08-23 16:47 74240 -c--a-w- c:\windows\system32\dllcache\camexo20.dll
2009-12-17 13:35 . 2001-08-17 21:04 171264 -c--a-w- c:\windows\system32\dllcache\camdrv30.sys
2009-12-17 13:35 . 2001-08-17 21:04 223232 -c--a-w- c:\windows\system32\dllcache\camdrv21.sys
2009-12-17 13:35 . 2001-08-17 21:05 314752 -c--a-w- c:\windows\system32\dllcache\camdro21.sys
2009-12-17 13:33 . 2001-08-23 16:46 105472 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2009-12-17 13:32 . 2001-08-17 19:49 17152 -c--a-w- c:\windows\system32\dllcache\atitvsnd.sys
2009-12-17 13:31 . 2001-08-17 20:52 26496 -c--a-w- c:\windows\system32\dllcache\asc.sys
2009-12-17 13:30 . 2004-08-03 21:32 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys
2009-12-17 13:29 . 2001-10-02 18:19 7168 -c--a-w- c:\windows\system32\dllcache\wamregps.dll
2009-12-17 13:28 . 2004-08-03 23:54 47104 -c--a-w- c:\windows\system32\dllcache\coadmin.dll
2009-12-17 13:28 . 2003-03-24 14:52 188480 -c--a-w- c:\windows\system32\dllcache\cfgwiz.exe
2009-12-17 13:28 . 2003-03-24 14:52 20540 -c--a-w- c:\windows\system32\dllcache\author.dll
2009-12-17 13:28 . 2003-03-24 14:52 16439 -c--a-w- c:\windows\system32\dllcache\author.exe
2009-12-17 13:28 . 2004-08-03 23:54 43520 -c--a-w- c:\windows\system32\dllcache\admwprox.dll
2009-12-17 13:28 . 2004-08-03 23:54 290816 -c--a-w- c:\windows\system32\dllcache\adsiis51.dll
2009-12-17 13:28 . 2003-03-24 14:52 16439 -c--a-w- c:\windows\system32\dllcache\admin.exe
2009-12-17 13:28 . 2003-03-24 14:52 20540 -c--a-w- c:\windows\system32\dllcache\admin.dll
2009-12-14 19:02 . 2009-12-14 19:02 179792 ----a-w- c:\windows\system32\guard32.dll
2009-12-14 19:02 . 2009-12-14 19:02 -------- d-----w- c:\program files\COMODO
2009-12-14 18:43 . 2009-12-14 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2009-12-14 18:43 . 2009-12-14 19:02 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-12-14 18:43 . 2009-12-14 19:02 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-12-14 18:43 . 2009-12-14 19:02 132296 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-12-14 18:40 . 2009-12-19 17:01 -------- d-----w- c:\program files\CCleaner
2009-12-14 18:04 . 2009-12-18 10:00 -------- d-----w- C:\GenProc
2009-12-14 11:42 . 2009-12-14 11:42 -------- d-----w- c:\documents and settings\motec\Local Settings\Application Data\COMODO
2009-12-13 16:45 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-13 16:45 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-13 16:45 . 2009-12-20 14:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-12 17:04 . 2009-12-12 17:22 -------- d-----w- C:\UsbFix
2009-12-12 09:52 . 2009-12-14 18:45 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-12-10 17:35 . 2009-12-13 15:50 13952 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2009-12-10 17:35 . 2009-12-10 17:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2009-12-10 17:35 . 2009-12-10 17:35 -------- d-----w- c:\program files\Hitman Pro 3.5
2009-12-08 20:22 . 2009-12-12 11:09 -------- d-----w- c:\program files\ETAJV PC
2009-12-08 19:02 . 2009-12-08 19:02 -------- d-----w- c:\program files\Support Tools
2009-12-07 20:11 . 2009-12-07 20:11 -------- d-----w- c:\program files\ToniArts
2009-12-07 18:42 . 2009-09-28 20:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-12-03 17:12 . 2009-12-03 17:12 -------- d-----w- c:\documents and settings\All Users\Application Data\InterVideo
2009-12-03 17:12 . 2008-04-01 20:40 209040 ----a-w- c:\windows\system32\IVIresizeW7.dll
2009-12-03 17:12 . 2008-04-01 20:40 196752 ----a-w- c:\windows\system32\IVIresizeP6.dll
2009-12-03 17:12 . 2008-04-01 20:40 192656 ----a-w- c:\windows\system32\IVIresizePX.dll
2009-12-03 17:12 . 2008-04-01 20:40 196752 ----a-w- c:\windows\system32\IVIresizeM6.dll
2009-12-03 17:12 . 2008-04-01 20:40 204944 ----a-w- c:\windows\system32\IVIresizeA6.dll
2009-12-03 17:12 . 2008-04-01 20:40 24720 ----a-w- c:\windows\system32\IVIresize.dll
2009-12-03 17:11 . 2009-12-03 17:11 -------- d-----w- c:\program files\Fichiers communs\Ulead Systems
2009-12-01 17:20 . 2009-12-01 17:20 -------- d-----w- c:\program files\NaturalSoft
2009-12-01 17:03 . 2009-12-01 17:03 -------- d-----w- c:\program files\ScanSoft
2009-12-01 16:30 . 2009-12-01 16:30 -------- d-----w- c:\program files\Common Files
2009-12-01 16:30 . 2009-12-01 16:30 -------- d-----w- c:\program files\NCT

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-20 22:22 . 2009-09-06 17:04 -------- d-----w- c:\documents and settings\motec\Application Data\Skype
2009-12-20 21:12 . 2009-03-03 17:05 -------- d-----w- c:\documents and settings\motec\Application Data\skypePM
2009-12-20 19:13 . 2009-11-18 12:24 -------- d-----w- c:\documents and settings\motec\Application Data\vlc
2009-12-20 14:54 . 2007-01-14 23:29 117080 ----a-w- c:\documents and settings\motec\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-20 14:10 . 2009-11-07 16:24 -------- d-----w- c:\program files\Spyware Terminator
2009-12-20 09:18 . 2009-05-12 19:09 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-19 17:00 . 2009-11-07 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-12-19 16:43 . 2009-05-15 09:20 -------- d-----w- c:\program files\DAP
2009-12-19 16:26 . 2009-11-07 16:24 -------- d-----w- c:\documents and settings\motec\Application Data\Spyware Terminator
2009-12-18 17:05 . 2004-08-03 23:54 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-12-16 17:23 . 2009-08-29 14:56 -------- d-----w- c:\documents and settings\motec\Application Data\LimeWire
2009-12-14 19:08 . 2009-10-21 21:40 -------- d-----w- c:\program files\LimeWire
2009-12-14 18:48 . 2009-02-09 11:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-14 14:24 . 2009-05-15 09:56 95744 ----a-w- c:\documents and settings\All Users\Application Data\SpeedBit\DAP\SDCondition.dll
2009-12-14 11:28 . 2009-02-09 11:28 -------- d-----w- c:\program files\Google
2009-12-13 19:10 . 2009-04-17 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-12 16:19 . 2009-02-22 17:26 -------- d-----w- c:\program files\Trend Micro
2009-12-12 11:09 . 2009-08-12 08:25 -------- d-----w- c:\program files\Notepad++
2009-12-12 09:57 . 2001-10-04 10:25 81626 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-12 09:57 . 2001-10-04 10:25 503656 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-11 18:40 . 2009-08-12 21:10 -------- d-----w- c:\documents and settings\motec\Application Data\dvdcss
2009-12-10 18:59 . 2009-04-25 13:11 -------- d-----w- c:\program files\Apple Software Update
2009-12-10 17:51 . 2009-11-09 17:21 -------- d-----w- c:\program files\SF
2009-12-10 17:42 . 2009-08-12 08:25 -------- d-----w- c:\documents and settings\motec\Application Data\Notepad++
2009-12-07 20:11 . 2007-01-14 23:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-07 19:21 . 2009-10-02 09:28 -------- d-----w- c:\program files\CDBurnerXP
2009-12-07 12:58 . 2009-09-12 20:00 -------- d-----w- c:\program files\wLite
2009-12-07 12:41 . 2009-04-21 14:33 -------- d-----w- c:\program files\SYSTEM 2K+
2009-12-07 12:36 . 2009-11-17 15:12 -------- d-----w- c:\program files\nCube
2009-12-06 19:18 . 2009-06-20 20:17 -------- d-----w- c:\documents and settings\motec\Application Data\Audacity
2009-12-04 18:46 . 2009-11-01 10:06 -------- d-----w- c:\program files\Core Design
2009-12-03 17:11 . 2009-11-16 17:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2009-12-03 17:11 . 2009-11-16 17:36 -------- d-----w- c:\program files\Corel
2009-12-01 09:10 . 2009-04-17 20:11 -------- d-----w- c:\program files\Microsoft Works
2009-11-28 18:14 . 2009-11-21 19:42 1754 ----a-w- c:\documents and settings\motec\Application Data\SAS7_000.DAT
2009-11-21 19:19 . 2007-01-14 23:30 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-11-21 16:42 . 2004-08-03 23:54 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-17 10:29 . 2009-11-16 19:44 -------- d-----w- c:\program files\Fichiers communs\Real
2009-11-17 10:23 . 2009-11-11 17:08 -------- d-----w- c:\program files\Filzip
2009-11-16 19:53 . 2009-11-16 17:42 -------- d-----w- c:\documents and settings\motec\Application Data\Ulead Systems
2009-11-16 19:44 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-16 19:44 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-16 19:44 . 2009-11-16 19:44 -------- d-----w- c:\program files\Real
2009-11-16 17:39 . 2009-11-16 17:39 -------- d-----w- c:\program files\Windows Media Components
2009-11-16 08:40 . 2009-11-09 21:22 -------- d-----w- c:\program files\AVS4YOU
2009-11-16 07:13 . 2009-11-09 21:22 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2009-11-15 19:01 . 2009-11-15 19:01 -------- d-----w- c:\documents and settings\motec\Application Data\AVCWare Studio
2009-11-13 13:46 . 2009-04-17 20:11 -------- d-----w- c:\program files\MSBuild
2009-11-13 12:11 . 2009-11-13 12:10 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-11-10 17:11 . 2009-11-10 17:11 -------- d-----w- c:\documents and settings\motec\Application Data\aHisoft
2009-11-10 15:24 . 2009-11-10 15:22 -------- d-----w- c:\documents and settings\motec\Application Data\avidemux
2009-11-09 21:24 . 2009-11-09 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-11-09 20:38 . 2009-11-09 20:38 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-11-09 20:38 . 2009-11-09 20:38 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2009-11-09 17:18 . 2009-04-25 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-09 17:18 . 2009-04-25 13:12 -------- d-----w- c:\documents and settings\motec\Application Data\Apple Computer
2009-11-09 17:18 . 2009-11-09 17:18 -------- d-----w- c:\documents and settings\motec\Application Data\Vso
2009-11-09 17:18 . 2009-11-09 17:18 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-11-09 17:18 . 2009-11-09 17:18 47360 ----a-w- c:\documents and settings\motec\Application Data\pcouffin.sys
2009-11-09 17:18 . 2009-11-09 17:18 47360 ----a-w- c:\documents and settings\motec\Application Data\pcouffin.sys
2009-11-08 08:16 . 2009-10-01 18:40 -------- d-----w- c:\program files\Opera
2009-11-07 16:54 . 2009-11-07 16:47 -------- d-----w- c:\program files\Ripp-it_AM
2009-11-07 16:24 . 2009-11-07 16:24 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-11-07 16:24 . 2009-11-07 16:24 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-11-07 16:24 . 2009-11-07 16:24 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-07 16:11 . 2009-11-07 16:09 -------- d-----w- c:\documents and settings\motec\Application Data\Download Manager
2009-11-07 16:06 . 2009-09-30 18:42 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-11-07 16:06 . 2007-01-14 23:57 -------- d-----w- c:\program files\Nero
2009-11-07 16:06 . 2009-09-30 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-11-07 15:25 . 2009-09-06 17:04 -------- d-----r- c:\program files\Skype
2009-11-07 15:21 . 2009-04-08 18:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-07 15:21 . 2009-11-07 15:21 -------- d-----w- c:\program files\Java
2009-11-07 14:48 . 2009-10-30 19:33 -------- d-----w- c:\program files\UltraVNC Addons
2009-11-07 14:47 . 2009-11-07 14:47 -------- d-----w- c:\program files\FileHippo.com
2009-11-05 17:50 . 2009-11-05 17:50 -------- d-----w- c:\program files\E.M. PowerPoint Video Converter
2009-11-05 17:18 . 2009-11-05 11:23 -------- d-----w- c:\documents and settings\motec\Application Data\GeoVid
2009-11-05 11:22 . 2009-11-05 11:22 -------- d-----w- c:\program files\GeoVid
2009-11-04 21:14 . 2009-11-04 21:14 -------- d-----w- c:\documents and settings\motec\Application Data\VideoPPT
2009-11-04 21:13 . 2009-11-04 21:13 -------- d-----w- c:\program files\Fichiers communs\GeoVid
2009-11-04 21:13 . 2009-11-04 21:13 -------- d-----w- c:\program files\VideoPPT
2009-11-04 12:04 . 2009-11-04 12:04 38 ----a-w- C:\BdUninstallTool2009.11.04-01.04.14.reg
2009-11-04 07:44 . 2007-01-14 23:54 -------- d-----w- c:\program files\Alwil Software
2009-11-03 14:35 . 2009-10-03 20:23 -------- d-----w- c:\program files\PDFCreator
2009-11-03 14:33 . 2009-11-03 14:33 -------- d-----w- c:\program files\AviSynth 2.5
2009-11-03 14:30 . 2009-09-19 15:11 -------- d-----w- c:\program files\ABC Transdict
2009-11-03 14:17 . 2009-08-20 18:45 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2009-11-03 14:10 . 2009-09-30 19:21 -------- d-----w- c:\program files\QuickMediaConverter
2009-11-03 13:48 . 2009-11-03 13:48 -------- d-----w- c:\program files\Axon Data
2009-11-03 12:26 . 2009-02-09 11:53 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-11-02 21:02 . 2009-11-02 21:02 80816 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-01 09:57 . 2009-10-31 14:08 -------- d-----w- c:\program files\Pcsx2
2009-10-31 15:00 . 2009-07-05 14:39 -------- d-----w- c:\program files\Secret Maryo Chronicles
2009-10-30 19:43 . 2009-10-30 19:24 -------- d-----w- c:\program files\DebugMode
2009-10-30 00:29 . 2009-10-30 00:29 2146304 ----a-w- c:\windows\system32\GPhotos.scr
2009-10-29 18:13 . 2009-10-29 18:13 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-29 18:10 . 2009-10-29 18:10 -------- d-----w- c:\documents and settings\motec\Application Data\Media Player Classic
2009-10-27 14:21 . 2009-02-23 18:05 -------- d-----w- c:\program files\MSECache
2009-10-27 14:03 . 2009-09-30 19:39 -------- d-----w- c:\program files\OpenOffice.org 3
2009-10-27 14:00 . 2009-02-11 17:38 1 ----a-w- c:\documents and settings\motec\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-10-26 19:01 . 2009-02-07 12:35 -------- d-----w- c:\program files\Yahoo!
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^motec^Menu Démarrer^Programmes^Démarrage^ImpulseNow.lnk]
path=c:\documents and settings\motec\Menu Démarrer\Programmes\Démarrage\ImpulseNow.lnk
backup=c:\windows\pss\ImpulseNow.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^motec^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
path=c:\documents and settings\motec\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
backup=c:\windows\pss\RocketDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 1017208 ----a-r- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
2009-12-14 19:02 1799952 ----a-w- c:\program files\COMODO\COMODO Internet Security\cfp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-03 23:54 40448 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2009-12-19 16:42 2872832 ----a-w- c:\program files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
2008-02-05 06:00 258560 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
2009-11-02 13:54 155648 ----a-w- c:\program files\FileHippo.com\UpdateChecker.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2008-01-21 05:56 29831168 ----a-r- c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 151552 ----a-w- c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-12-03 15:14 1463632 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-06-24 20:08 8466432 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-06-24 20:08 81920 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ----a-r- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2009-11-20 12:03 2166784 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2009-11-07 16:24 3055616 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-11-07 15:21 223008 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS12 Preload]
c:\program files\Corel\Corel VideoStudio 12\uvPL.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
2005-10-31 20:15 237568 ----a-r- c:\windows\system32\VTTrayp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"SerialNumber"="A109A-K13-3ZXD-BAP5-TE"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\DAP\\DAP.exe"= c:\\Program Files\\DAP\\DAP.EXE
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorShield.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\WINWORD.EXE"=
"c:\\Program Files\\Hitman Pro 3.5\\HitmanPro35.exe"=
"c:\\Program Files\\VIA\\VIAudioi\\HDADeck\\HDeck.exe"=
"c:\\WINDOWS\\system32\\VTtrayp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\motec\\Bureau\\limportant.exe"=
"c:\\WINDOWS\\system32\\NiwradSoft.scr"=
"c:\\WINDOWS\\Explorer.EXE"=

R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [13/08/2007 23:21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [13/08/2007 23:21 52224]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [14/12/2009 19:43 132296]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [14/12/2009 19:43 25160]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [07/11/2009 17:24 142592]
R2 Uvnc_service;Uvnc_service;c:\program files\UltraVNC Addons\uvnc_service.exe [30/10/2009 20:33 63296]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [13/08/2007 23:22 714240]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [13/08/2007 23:23 215936]
S3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [05/02/2009 22:11 117785]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [10/12/2009 18:35 13952]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 21:22 34064]
S3 vm331avs;VC0334 USB2.0 Digital Camera;c:\windows\system32\drivers\vm331avs.sys [06/05/2008 02:48 970624]
S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [19/07/2009 14:47 16640]
S4 TipCtrl;TipCtrl;"c:\program files\uTIPu\TipCtrl.exe" --> c:\program files\uTIPu\TipCtrl.exe [?]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - ASC3360PR

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\motec\Application Data\Mozilla\Firefox\Profiles\w6oproi7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/webResults.html?src=ffb&q=
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-ETAJV PC - c:\program files\ETAJV PC\uninst.exe
AddRemove-FormatFactory - c:\program files\FreeTime\FormatFactory\uninst.exe
AddRemove-Notepad++ - c:\program files\Notepad++\uninstall.exe
AddRemove-Seven Transformation Pack - c:\windows\system32\viwc.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-21 10:22
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-527237240-113007714-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-527237240-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*d*)*l%\OpenWithList]
@Class="Shell"
"a"="shimgvw.dll"
"MRUList"="ab"
"b"="PicasaPhotoViewer.exe"

[HKEY_USERS\S-1-5-21-527237240-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*d*)*l%\OpenWithProgids]
"d)+_auto_file"=hex(0):

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(776)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(840)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll

- - - - - - - > 'explorer.exe'(2548)
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2009-12-21 10:36:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-21 09:36

Avant-CF: 31 308 001 280 octets libres
Après-CF: 31 171 067 904 octets libres

- - End Of File - - D32FE82A05253E5F58EE909B0DEF6E18


Thanks
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
21 Dec 2009 at 12:38
Hi

OK

Click here: https://www.virustotal.com/gui/

- click Browse in the middle of the page
- in the new window, copy and paste this:

c:\windows\system32\midimap.dll

- click Open
- click Send in the middle of the page
- a report will be generated; if you are told the file has already been analysed, click Reanalyse
At the end, copy and paste the whole report plus its web link.
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
21 Dec 2009 at 13:02
Uninstall Spyware Terminator; it is not effective and its commercial policy leaves something to be desired...


Have this file analysed on VirusTotal as explained previously and post the report:
c:\windows\system32\scrnrdr.exe

Then post me a new RSIT log.

Do you still have problems that persist?
We will see what antivirus is still present on your PC, but I advise you to reinstall AntiVir; I will give you the procedure afterwards.
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
21 Dec 2009 at 20:05
Sorry, I cannot access the website.

Thanks
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
21 Dec 2009 at 20:08
oO

Move on to the RSIT, please.
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
21 Dec 2009 at 20:19
Here is the RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by motec at 2009-12-21 20:17:17
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 28 GB (25%) free of 114 GB
Total RAM: 1982 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:26, on 21/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\UltraVNC Addons\uvnc_service.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FAMTEDE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\motec\Mes documents\M.I\docs\Logiciels\RSIT_1.exe
C:\Program Files\trend micro\motec.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\WINDOWS\TEMP\E_SC5.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4148975-C818-485C-A0FA-27891A4FD8C0}: NameServer = 41.221.20.4 66.28.0.45
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Uvnc_service - Unknown owner - C:\Program Files\UltraVNC Addons\uvnc_service.exe
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
21 Dec 2009 at 21:17
Create a file with Notepad: right-click on the desktop and choose New / Text Document.
NAME the file CFscript.
Copy and paste the content below into the text file (Notepad):


killall::

file::
C:\SCHERING.EXE
c:\windows\system32\scrnrdr.exe
C:\TEXTE.TXT


Make sure to save the file under the following name: CFScript.txt
Drag and drop this CFScript file onto the ComboFix.exe file (which you renamed).
Hold the mouse button down on the CFScript file and drop it onto the icon of the renamed ComboFix.

A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and then confirm.
Wait while the scan runs. The desktop will disappear several times: that is normal!
Do not touch anything until the scan has finished.
Once the scan is complete, a report will be displayed: post its contents.

Then


run this file:
C:\Program Files\trend micro\motec.exe

Choose "Do a scan only" and tick the boxes to the left of these lines:

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

Then click "Fix checked".



Next, are you able to download AntiVir? Because you have NO antivirus!!

http://www.commentcamarche.net/telecharger/telecharger-55-antivir
or
https://www.clubic.com/telecharger-fiche10821-avira-antivir-personal-free-antivirus.html

Install it, update it, run a scan and post the report; delete everything it finds.
0
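An added example (not part of the thread, and not code from HijackThis or ComboFix): a small Python triage pass over HijackThis entries like those posted above. It checks that every line on a fix list appears verbatim in the log, and queues entries with a missing target, an unnamed service owner, registry-set DNS servers or an AppInit_DLLs value for manual review. The function names are hypothetical; the sample is an excerpt of the log in this thread.

```python
import re

# Excerpt of the HijackThis log posted in this thread (entries copied verbatim).
SAMPLE_LOG = r"""
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4148975-C818-485C-A0FA-27891A4FD8C0}: NameServer = 41.221.20.4 66.28.0.45
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Uvnc_service - Unknown owner - C:\Program Files\UltraVNC Addons\uvnc_service.exe
"""

# Lines the helper asked to tick before "Fix checked" (copied from the post above).
FIX_LIST = [
    r"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe",
    "O8 - Extra context menu item: Crawler Search - tbr:iemenu",
    "O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - "
    "http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab",
]

# What each HijackThis section code in the sample lists.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O4": "autostart entry (Run key or Startup folder)",
    "O8": "extra item in the IE right-click menu",
    "O16": "ActiveX object (Downloaded Program Files)",
    "O17": "DNS/domain settings for TCP/IP",
    "O20": "AppInit_DLLs / Winlogon Notify",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def normalize(line):
    """Collapse whitespace so copy/paste differences do not break matching."""
    return " ".join(line.split())


def review_reasons(code, body):
    """Return the reasons (possibly none) an entry deserves a manual look."""
    reasons = []
    if body.endswith("(no file)"):
        reasons.append("registered target file is missing")
    if " - Unknown owner - " in body:
        reasons.append("no company name reported for the service binary")
    if code == "O17":
        reasons.append("DNS servers set in the registry: confirm they are the ISP's or router's")
    if code == "O20" and body.startswith("AppInit_DLLs:"):
        reasons.append("DLL loaded into every process that loads user32.dll: confirm its vendor")
    return reasons


def parse_hijackthis(text):
    """Turn the R*/O* lines of a HijackThis log into structured entries."""
    entries = []
    for raw in text.splitlines():
        line = normalize(raw)
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, running-process list or blank line
        code, body = m.group("code"), m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": code,
            "section": SECTIONS.get(code, "other"),
            "clsid": clsid.group(0) if clsid else None,
            "line": line,
            "reasons": review_reasons(code, body),
        })
    return entries


def review_queue(entries):
    """Entries with at least one review reason, in log order."""
    return [e for e in entries if e["reasons"]]


def missing_from_log(fix_list, entries):
    """Fix-list lines that do not match any log entry exactly."""
    logged = {e["line"] for e in entries}
    return [f for f in fix_list if normalize(f) not in logged]


if __name__ == "__main__":
    parsed = parse_hijackthis(SAMPLE_LOG)
    for e in review_queue(parsed):
        print(e["code"], "|", e["section"], "|", "; ".join(e["reasons"]))
        print("   ", e["line"])
    print("fix-list lines not found in log:", missing_from_log(FIX_LIST, parsed))
```

A review reason is a prompt to check the file and its vendor, not a verdict: guard32.dll, for instance, appears in the ComboFix listing with the same creation time as the COMODO program folder.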
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
22 Dec 2009 at 09:19
By the way, are you also able to install the Windows updates? You are missing a lot of them, so you have major security holes, which may explain the difficulty we are having with this infection...

Go to Start / All Programs / Windows Update

and search for and install ALL the updates, including SP3, then restart your PC; repeat the operation until there are no more updates.
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
22 Dec 2009 at 12:01
Sorry
The ComboFix report does not come up after the restart, and as for Avira, as long as the "no disk" error is there, AntiVir cannot even start.

Thanks
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
22 Dec 2009 at 16:33
Post me this report: C:\combofix.txt

Also, at what point do you get the "no disk" error?

Are you able to run Windows Update and install all the updates?
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
22 Dec 2009 at 20:01
Hello
The report does not exist.
This error is ALWAYS present; when I looked in Task Manager I saw that it is linked to the csrss process. WAIT!!!!!! For once it is not there right now (so I am going to try to install Avira).
As for the updates, no problem.

Thanks
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
22 Dec 2009 at 20:01
lol

I don't see anything in your post...
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
22 Dec 2009 at 20:03
C:\combofix.txt DOES NOT EXIST--
That's it, LONG LIVE XHTML / CSS
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
22 Dec 2009 at 20:04
And then, like the *****, the error has just appeared
0
plopus Posts 5962 Registration date Thursday 1 January 2009 Status Security contributor Last activity 11 March 2012 293
22 Dec 2009 at 20:08
OK, now I see it.

Try running ComboFix again, in addition to the rest.
0
shareaza15 Posts 667 Registration date Saturday 16 May 2009 Status Member Last activity 11 May 2010 26
24 Dec 2009 at 13:15
Hello
And here is the CF report. Still impossible to install Avira because of the error; I am doing the updates, and HijackThis is done. So, the report:

ComboFix 09-12-19.03 - motec 24/12/2009 12:43:08.11.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1982.1542 [GMT 1:00]
Lancé depuis: c:\documents and settings\motec\Bureau\dfdf.exe
Commutateurs utilisés :: c:\documents and settings\motec\Bureau\CFScript.txt
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FILE ::
"C:\SCHERING.EXE"
"C:\TEXTE.TXT"
"c:\windows\system32\scrnrdr.exe"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\windows\xobglu16.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Service_asc3360pr
-------\Legacy_ASC3360PR
-------\Service_asc3360pr


((((((((((((((((((((((((((((( Fichiers créés du 2009-11-24 au 2009-12-24 ))))))))))))))))))))))))))))))))))))
.

2009-12-24 11:19 . 2009-12-24 11:42 -------- d-----w- C:\647541757
2009-12-23 17:44 . 2009-12-24 08:46 -------- d-----w- c:\documents and settings\motec\Application Data\DMCache
2009-12-23 17:44 . 2009-12-23 21:50 -------- d-----w- c:\documents and settings\motec\Application Data\IDM
2009-12-23 17:44 . 2009-12-23 18:08 -------- d-----w- c:\program files\Internet Download Manager
2009-12-22 15:29 . 2009-12-22 18:45 -------- d-----w- c:\documents and settings\motec\Local Settings\Application Data\AskToolbar
2009-12-22 14:43 . 2009-12-22 18:45 -------- d-----w- c:\program files\Ask.com
2009-12-22 14:41 . 2009-12-22 14:41 -------- d-----w- c:\program files\uTorrent
2009-12-22 14:39 . 2009-12-24 11:17 -------- d-----w- c:\documents and settings\motec\Application Data\uTorrent
2009-12-22 13:05 . 2009-12-22 13:05 -------- d-----w- c:\program files\Shareaza
2009-12-22 13:05 . 2009-12-22 13:05 -------- d-----w- c:\documents and settings\motec\Application Data\Shareaza
2009-12-22 09:36 . 2009-12-22 09:36 -------- d-----w- c:\program files\Pidgin
2009-12-21 20:52 . 2009-12-21 21:09 -------- d-----w- C:\7575757
2009-12-21 10:32 . 2009-12-21 10:32 -------- d-----w- c:\program files\VS Revo Group
2009-12-20 20:42 . 2009-12-20 20:52 -------- d-----w- C:\limportant
2009-12-20 19:14 . 2009-12-20 19:14 -------- d-----w- c:\program files\WinPcap
2009-12-20 19:14 . 2009-12-21 10:41 -------- d-----w- c:\program files\TubeMaster++
2009-12-19 19:43 . 2009-12-22 13:20 31330 ----a-w- c:\windows\xobglu32.dll
2009-12-18 15:53 . 2009-12-18 15:53 -------- d-----w- c:\windows\system32\VIRepair
2009-12-18 14:33 . 2009-09-09 20:19 228332 ----a-w- c:\windows\system32\vilaunch.exe
2009-12-18 14:33 . 2009-12-18 15:57 -------- d-----w- c:\windows\system32\VITrans
2009-12-18 14:32 . 2009-12-18 14:33 -------- d-----w- C:\VTPFiles
2009-12-18 14:32 . 2006-12-03 16:15 19968 ----a-w- c:\windows\system32\reico.exe
2009-12-18 14:32 . 2006-12-03 16:15 69632 ----a-w- c:\windows\system32\moveex.exe
2009-12-18 14:32 . 2006-12-03 16:14 8636 ----a-w- c:\windows\system32\modifype.exe
2009-12-18 14:32 . 2004-11-27 18:00 167936 ----a-w- c:\windows\system32\pskill.exe
2009-12-18 09:49 . 2009-12-18 09:49 -------- d-----w- c:\program files\Crawler
2009-12-17 19:35 . 2001-08-23 16:47 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2009-12-17 19:34 . 2001-08-23 15:57 286848 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2009-12-17 14:05 . 2004-08-03 22:07 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2009-12-17 14:05 . 2004-08-03 21:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-12-17 14:05 . 2001-08-23 16:05 35402 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-12-17 14:05 . 2001-10-02 18:19 119808 -c--a-w- c:\windows\system32\dllcache\winmine.exe
2009-12-17 14:05 . 2001-10-02 18:19 35840 -c--a-w- c:\windows\system32\dllcache\winchat.exe
2009-12-17 14:05 . 2001-08-17 20:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2009-12-17 14:05 . 2001-08-23 16:47 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2009-12-17 14:05 . 2001-08-23 16:47 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-12-17 14:05 . 2001-10-02 18:19 31360 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2009-12-17 14:05 . 2001-10-02 18:19 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2009-12-17 14:03 . 2004-08-03 23:54 11325 -c--a-w- c:\windows\system32\dllcache\vchnt5.dll
2009-12-17 14:02 . 2001-10-02 18:19 32339 -c--a-w- c:\windows\system32\dllcache\uniansi.dll
2009-12-17 14:01 . 2001-08-17 21:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2009-12-17 14:00 . 2001-08-17 21:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2009-12-17 13:59 . 2001-08-23 16:47 99840 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2009-12-17 13:58 . 2004-08-03 23:55 32768 -c--a-w- c:\windows\system32\dllcache\snmp.exe
2009-12-17 13:57 . 2001-08-23 16:46 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2009-12-17 13:56 . 2001-08-23 16:20 17536 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2009-12-17 13:55 . 2004-08-03 23:40 79360 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2009-12-17 13:54 . 2001-08-17 20:52 49024 -c--a-w- c:\windows\system32\dllcache\ql1280.sys
2009-12-17 13:53 . 2001-08-17 21:07 19840 -c--a-w- c:\windows\system32\dllcache\philtune.sys
2009-12-17 13:52 . 2004-08-03 22:10 61056 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2009-12-17 13:52 . 2001-08-23 16:46 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2009-12-17 13:52 . 2001-08-17 19:50 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2009-12-17 13:52 . 2004-08-03 21:41 180360 -c--a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2009-12-17 13:52 . 2001-08-23 16:47 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2009-12-17 13:52 . 2001-08-17 19:49 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2009-12-17 13:52 . 2001-08-23 16:11 9472 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2009-12-17 13:52 . 2001-08-17 20:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-12-17 13:52 . 2004-08-03 23:54 45056 -c--a-w- c:\windows\system32\dllcache\nsepm.dll
2009-12-17 13:52 . 2004-08-03 22:00 28672 -c--a-w- c:\windows\system32\dllcache\nscirda.sys
2009-12-17 13:50 . 2001-08-23 16:09 76928 -c--a-w- c:\windows\system32\dllcache\mxport.sys
2009-12-17 13:49 . 2001-08-17 21:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2009-12-17 13:49 . 2004-08-03 22:00 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2009-12-17 13:49 . 2001-08-17 21:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2009-12-17 13:49 . 2001-08-17 20:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2009-12-17 13:49 . 2004-08-03 22:10 51328 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2009-12-17 13:47 . 2001-10-02 18:18 26624 -c--a-w- c:\windows\system32\dllcache\mdsync.dll
2009-12-17 13:46 . 2001-08-17 19:12 20573 -c--a-w- c:\windows\system32\dllcache\lne100.sys
2009-12-17 13:46 . 2004-08-03 23:54 33792 -c--a-w- c:\windows\system32\dllcache\lmmib2.dll
2009-12-17 13:46 . 2001-08-17 19:11 25065 -c--a-w- c:\windows\system32\dllcache\lmndis3.sys
2009-12-17 13:46 . 2001-08-23 16:00 16384 -c--a-w- c:\windows\system32\dllcache\lit220p.sys
2009-12-17 13:46 . 2004-08-03 21:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2009-12-17 13:46 . 2001-08-23 15:59 26922 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2009-12-17 13:46 . 2001-08-17 19:12 19016 -c--a-w- c:\windows\system32\dllcache\ktc111.sys
2009-12-17 13:46 . 2001-08-23 16:47 37888 -c--a-w- c:\windows\system32\dllcache\kousd.dll
2009-12-17 13:46 . 2001-08-23 16:47 242688 -c--a-w- c:\windows\system32\dllcache\kdsusd.dll
2009-12-17 13:46 . 2001-08-23 16:47 46080 -c--a-w- c:\windows\system32\dllcache\kdsui.dll
2009-12-17 13:46 . 2004-08-03 23:45 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-12-17 13:44 . 2001-10-02 18:18 6656 -c--a-w- c:\windows\system32\dllcache\iissync.exe
2009-12-17 13:43 . 2004-08-03 23:54 32285 -c--a-w- c:\windows\system32\dllcache\hsfcisp2.dll
2009-12-17 13:42 . 2001-08-23 16:18 17664 -c--a-w- c:\windows\system32\dllcache\gpr400.sys
2009-12-17 13:41 . 2001-08-17 19:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2009-12-17 13:40 . 2001-08-17 19:10 19996 -c--a-w- c:\windows\system32\dllcache\em556n4.sys
2009-12-17 13:39 . 2001-08-17 19:11 29696 -c--a-w- c:\windows\system32\dllcache\dm9pci5.sys
2009-12-17 13:38 . 2001-08-17 19:11 20928 -c--a-w- c:\windows\system32\dllcache\defpa.sys
2009-12-17 13:37 . 2001-08-23 16:07 61194 -c--a-w- c:\windows\system32\dllcache\cpqtrnd5.sys
2009-12-17 13:36 . 2004-08-03 21:31 480256 -c--a-w- c:\windows\system32\dllcache\cintsetp.exe
2009-12-17 13:35 . 2001-08-23 16:47 74240 -c--a-w- c:\windows\system32\dllcache\camexo20.dll
2009-12-17 13:35 . 2001-08-17 21:04 171264 -c--a-w- c:\windows\system32\dllcache\camdrv30.sys
2009-12-17 13:35 . 2001-08-17 21:04 223232 -c--a-w- c:\windows\system32\dllcache\camdrv21.sys
2009-12-17 13:35 . 2001-08-17 21:05 314752 -c--a-w- c:\windows\system32\dllcache\camdro21.sys
2009-12-17 13:33 . 2001-08-23 16:46 105472 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2009-12-17 13:32 . 2001-08-17 19:49 17152 -c--a-w- c:\windows\system32\dllcache\atitvsnd.sys
2009-12-17 13:31 . 2001-08-17 20:52 26496 -c--a-w- c:\windows\system32\dllcache\asc.sys
2009-12-17 13:30 . 2004-08-03 21:32 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys
2009-12-17 13:29 . 2001-10-02 18:19 7168 -c--a-w- c:\windows\system32\dllcache\wamregps.dll
2009-12-17 13:28 . 2004-08-03 23:54 47104 -c--a-w- c:\windows\system32\dllcache\coadmin.dll
2009-12-17 13:28 . 2003-03-24 14:52 188480 -c--a-w- c:\windows\system32\dllcache\cfgwiz.exe
2009-12-17 13:28 . 2003-03-24 14:52 20540 -c--a-w- c:\windows\system32\dllcache\author.dll
2009-12-17 13:28 . 2003-03-24 14:52 16439 -c--a-w- c:\windows\system32\dllcache\author.exe
2009-12-17 13:28 . 2004-08-03 23:54 43520 -c--a-w- c:\windows\system32\dllcache\admwprox.dll
2009-12-17 13:28 . 2004-08-03 23:54 290816 -c--a-w- c:\windows\system32\dllcache\adsiis51.dll
2009-12-17 13:28 . 2003-03-24 14:52 16439 -c--a-w- c:\windows\system32\dllcache\admin.exe
2009-12-17 13:28 . 2003-03-24 14:52 20540 -c--a-w- c:\windows\system32\dllcache\admin.dll
2009-12-14 19:02 . 2009-12-14 19:02 179792 ----a-w- c:\windows\system32\guard32.dll
2009-12-14 19:02 . 2009-12-14 19:02 -------- d-----w- c:\program files\COMODO
2009-12-14 18:43 . 2009-12-14 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2009-12-14 18:43 . 2009-12-14 19:02 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-12-14 18:43 . 2009-12-14 19:02 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-12-14 18:43 . 2009-12-14 19:02 132296 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-12-14 18:40 . 2009-12-21 18:05 -------- d-----w- c:\program files\CCleaner
2009-12-14 18:04 . 2009-12-18 10:00 -------- d-----w- C:\GenProc
2009-12-14 11:42 . 2009-12-14 11:42 -------- d-----w- c:\documents and settings\motec\Local Settings\Application Data\COMODO
2009-12-13 16:45 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-13 16:45 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-13 16:45 . 2009-12-20 14:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-12 17:04 . 2009-12-12 17:22 -------- d-----w- C:\UsbFix
2009-12-12 09:52 . 2009-12-14 18:45 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-12-10 17:35 . 2009-12-13 15:50 13952 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2009-12-10 17:35 . 2009-12-10 17:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2009-12-10 17:35 . 2009-12-10 17:35 -------- d-----w- c:\program files\Hitman Pro 3.5
2009-12-08 20:22 . 2009-12-12 11:09 -------- d-----w- c:\program files\ETAJV PC
2009-12-08 19:02 . 2009-12-08 19:02 -------- d-----w- c:\program files\Support Tools
2009-12-07 20:11 . 2009-12-07 20:11 -------- d-----w- c:\program files\ToniArts
2009-12-07 18:42 . 2009-09-28 20:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-12-03 17:12 . 2009-12-03 17:12 -------- d-----w- c:\documents and settings\All Users\Application Data\InterVideo

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-24 11:14 . 2009-11-18 12:24 -------- d-----w- c:\documents and settings\motec\Application Data\vlc
2009-12-24 11:14 . 2009-09-06 17:04 -------- d-----w- c:\documents and settings\motec\Application Data\Skype
2009-12-24 11:13 . 2009-03-03 17:05 -------- d-----w- c:\documents and settings\motec\Application Data\skypePM
2009-12-23 18:49 . 2009-02-26 17:50 -------- d-----w- c:\program files\epson
2009-12-23 17:45 . 2009-12-23 17:45 165296 ----a-w- c:\documents and settings\motec\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2009-12-23 11:11 . 2009-08-12 21:10 -------- d-----w- c:\documents and settings\motec\Application Data\dvdcss
2009-12-22 13:21 . 2009-08-29 14:56 -------- d-----w- c:\documents and settings\motec\Application Data\LimeWire
2009-12-22 13:17 . 2009-10-01 19:09 -------- d-----w- c:\documents and settings\motec\Application Data\.purple
2009-12-22 10:25 . 2009-02-22 17:26 -------- d-----w- c:\program files\Trend Micro
2009-12-21 13:19 . 2009-11-07 16:24 -------- d-----w- c:\documents and settings\motec\Application Data\Spyware Terminator
2009-12-21 12:45 . 2009-11-07 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-12-20 14:54 . 2007-01-14 23:29 117080 ----a-w- c:\documents and settings\motec\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-20 14:10 . 2009-11-07 16:24 -------- d-----w- c:\program files\Spyware Terminator
2009-12-20 09:18 . 2009-05-12 19:09 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-19 16:43 . 2009-05-15 09:20 -------- d-----w- c:\program files\DAP
2009-12-18 17:05 . 2004-08-03 23:54 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-12-14 19:08 . 2009-10-21 21:40 -------- d-----w- c:\program files\LimeWire
2009-12-14 18:48 . 2009-02-09 11:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-14 14:24 . 2009-05-15 09:56 95744 ----a-w- c:\documents and settings\All Users\Application Data\SpeedBit\DAP\SDCondition.dll
2009-12-14 11:28 . 2009-02-09 11:28 -------- d-----w- c:\program files\Google
2009-12-13 19:10 . 2009-04-17 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-12 11:09 . 2009-08-12 08:25 -------- d-----w- c:\program files\Notepad++
2009-12-12 09:57 . 2001-10-04 10:25 81626 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-12 09:57 . 2001-10-04 10:25 503656 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-10 18:59 . 2009-04-25 13:11 -------- d-----w- c:\program files\Apple Software Update
2009-12-10 17:51 . 2009-11-09 17:21 -------- d-----w- c:\program files\SF
2009-12-10 17:42 . 2009-08-12 08:25 -------- d-----w- c:\documents and settings\motec\Application Data\Notepad++
2009-12-07 20:11 . 2007-01-14 23:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-07 19:21 . 2009-10-02 09:28 -------- d-----w- c:\program files\CDBurnerXP
2009-12-07 12:58 . 2009-09-12 20:00 -------- d-----w- c:\program files\wLite
2009-12-07 12:41 . 2009-04-21 14:33 -------- d-----w- c:\program files\SYSTEM 2K+
2009-12-07 12:36 . 2009-11-17 15:12 -------- d-----w- c:\program files\nCube
2009-12-06 19:18 . 2009-06-20 20:17 -------- d-----w- c:\documents and settings\motec\Application Data\Audacity
2009-12-04 18:46 . 2009-11-01 10:06 -------- d-----w- c:\program files\Core Design
2009-12-03 17:11 . 2009-11-16 17:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2009-12-03 17:11 . 2009-11-16 17:36 -------- d-----w- c:\program files\Corel
2009-12-01 09:10 . 2009-04-17 20:11 -------- d-----w- c:\program files\Microsoft Works
2009-11-28 18:14 . 2009-11-21 19:42 1754 ----a-w- c:\documents and settings\motec\Application Data\SAS7_000.DAT
2009-11-21 19:23 . 2009-11-21 19:23 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-11-21 19:23 . 2009-11-21 19:23 -------- d-----w- c:\documents and settings\motec\Application Data\Nuance
2009-11-21 19:19 . 2007-01-14 23:30 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-11-21 19:18 . 2009-11-21 19:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Nuance
2009-11-21 16:42 . 2004-08-03 23:54 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-17 10:29 . 2009-11-16 19:44 -------- d-----w- c:\program files\Fichiers communs\Real
2009-11-17 10:23 . 2009-11-11 17:08 -------- d-----w- c:\program files\Filzip
2009-11-16 19:53 . 2009-11-16 17:42 -------- d-----w- c:\documents and settings\motec\Application Data\Ulead Systems
2009-11-16 19:44 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-16 19:44 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-16 19:44 . 2009-11-16 19:44 -------- d-----w- c:\program files\Real
2009-11-16 17:39 . 2009-11-16 17:39 -------- d-----w- c:\program files\Windows Media Components
2009-11-16 08:40 . 2009-11-09 21:22 -------- d-----w- c:\program files\AVS4YOU
2009-11-16 07:13 . 2009-11-09 21:22 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2009-11-15 19:01 . 2009-11-15 19:01 -------- d-----w- c:\documents and settings\motec\Application Data\AVCWare Studio
2009-11-13 13:46 . 2009-04-17 20:11 -------- d-----w- c:\program files\MSBuild
2009-11-13 12:11 . 2009-11-13 12:10 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-11-10 17:11 . 2009-11-10 17:11 -------- d-----w- c:\documents and settings\motec\Application Data\aHisoft
2009-11-10 15:24 . 2009-11-10 15:22 -------- d-----w- c:\documents and settings\motec\Application Data\avidemux
2009-11-09 21:24 . 2009-11-09 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-11-09 20:38 . 2009-11-09 20:38 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-11-09 20:38 . 2009-11-09 20:38 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2009-11-09 17:18 . 2009-04-25 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-09 17:18 . 2009-04-25 13:12 -------- d-----w- c:\documents and settings\motec\Application Data\Apple Computer
2009-11-09 17:18 . 2009-11-09 17:18 -------- d-----w- c:\documents and settings\motec\Application Data\Vso
2009-11-09 17:18 . 2009-11-09 17:18 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-11-09 17:18 . 2009-11-09 17:18 47360 ----a-w- c:\documents and settings\motec\Application Data\pcouffin.sys
2009-11-09 17:18 . 2009-11-09 17:18 47360 ----a-w- c:\documents and settings\motec\Application Data\pcouffin.sys
2009-11-08 08:16 . 2009-10-01 18:40 -------- d-----w- c:\program files\Opera
2009-11-07 16:54 . 2009-11-07 16:47 -------- d-----w- c:\program files\Ripp-it_AM
2009-11-07 16:24 . 2009-11-07 16:24 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-11-07 16:24 . 2009-11-07 16:24 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-11-07 16:24 . 2009-11-07 16:24 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-07 16:11 . 2009-11-07 16:09 -------- d-----w- c:\documents and settings\motec\Application Data\Download Manager
2009-11-07 16:06 . 2009-09-30 18:42 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-11-07 16:06 . 2007-01-14 23:57 -------- d-----w- c:\program files\Nero
2009-11-07 16:06 . 2009-09-30 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-11-07 15:25 . 2009-09-06 17:04 -------- d-----r- c:\program files\Skype
2009-11-07 15:21 . 2009-04-08 18:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-07 15:21 . 2009-11-07 15:21 -------- d-----w- c:\program files\Java
2009-11-07 14:48 . 2009-10-30 19:33 -------- d-----w- c:\program files\UltraVNC Addons
2009-11-07 14:47 . 2009-11-07 14:47 -------- d-----w- c:\program files\FileHippo.com
2009-11-05 17:50 . 2009-11-05 17:50 -------- d-----w- c:\program files\E.M. PowerPoint Video Converter
2009-11-05 17:18 . 2009-11-05 11:23 -------- d-----w- c:\documents and settings\motec\Application Data\GeoVid
2009-11-05 11:22 . 2009-11-05 11:22 -------- d-----w- c:\program files\GeoVid
2009-11-04 21:14 . 2009-11-04 21:14 -------- d-----w- c:\documents and settings\motec\Application Data\VideoPPT
2009-11-04 21:13 . 2009-11-04 21:13 -------- d-----w- c:\program files\Fichiers communs\GeoVid
2009-11-04 21:13 . 2009-11-04 21:13 -------- d-----w- c:\program files\VideoPPT
2009-11-04 12:04 . 2009-11-04 12:04 38 ----a-w- C:\BdUninstallTool2009.11.04-01.04.14.reg
2009-11-04 07:44 . 2007-01-14 23:54 -------- d-----w- c:\program files\Alwil Software
2009-11-03 14:35 . 2009-10-03 20:23 -------- d-----w- c:\program files\PDFCreator
2009-11-03 14:33 . 2009-11-03 14:33 -------- d-----w- c:\program files\AviSynth 2.5
2009-11-03 14:30 . 2009-09-19 15:11 -------- d-----w- c:\program files\ABC Transdict
2009-11-03 14:17 . 2009-08-20 18:45 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2009-11-03 14:10 . 2009-09-30 19:21 -------- d-----w- c:\program files\QuickMediaConverter
2009-11-03 13:48 . 2009-11-03 13:48 -------- d-----w- c:\program files\Axon Data
2009-11-03 12:26 . 2009-02-09 11:53 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-11-02 21:02 . 2009-11-02 21:02 80816 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-01 09:57 . 2009-10-31 14:08 -------- d-----w- c:\program files\Pcsx2
2009-10-31 15:00 . 2009-07-05 14:39 -------- d-----w- c:\program files\Secret Maryo Chronicles
2009-10-30 19:43 . 2009-10-30 19:24 -------- d-----w- c:\program files\DebugMode
2009-10-30 00:29 . 2009-10-30 00:29 2146304 ----a-w- c:\windows\system32\GPhotos.scr
.

------- Sigcheck -------

[-] 2004-08-03 . BDBD27FA935D482A3D6890C69913F8A4 . 546304 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2004-08-03 . D2DE785AEAB0BB8CA4C14A8A199DBE4E . 506368 . . [5.1.2600.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[7] 2004-08-03 . D2DE785AEAB0BB8CA4C14A8A199DBE4E . 506368 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\8a2a5ecd72c62a4fe04757ab8c19e933\backup\winlogon.exe
[-] 2004-08-03 . BDBD27FA935D482A3D6890C69913F8A4 . 546304 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2004-08-03 . BDBD27FA935D482A3D6890C69913F8A4 . 546304 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe

[7] 2009-10-29 . CAAC5BF7EB6B3D0E58C9E94C70ACA4FC . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . 15AF288B61A2E017B18D7E185080AC49 . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 . B6FCAFC596E6B91BBAACEAA65CBB3597 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . 590162EA07145D620FA95D2454364FC4 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 . 182C1908B26DD3BCEB58B735C3F97F7C . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . 29AA8EA1DAA83DBEC54916669BF09077 . 5937152 . . [8.00.6001.18812] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2009-07-19 . 5D085EA1C4CE231DFBE9AF84225DE4AD . 6098432 . . [8.00.6001.18812] . . c:\windows\system32\mshtml.dll
[-] 2009-07-19 . 5D085EA1C4CE231DFBE9AF84225DE4AD . 6098432 . . [8.00.6001.18812] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-07-19 . 19C9FC84B91467171674D76EB0224D48 . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[-] 2009-01-16 . 0975BFBBCF2639C8BB5C0790F020DE6C . 3594752 . . [7.00.6000.16809] . . c:\windows\SoftwareDistribution\Download\e9a7a6846a2553591a8aa92d2f6f48fd\SP2GDR\mshtml.dll
[-] 2009-01-16 . F386435C5E0A5D86E9F90B659D4F6075 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2009-01-16 . F386435C5E0A5D86E9F90B659D4F6075 . 3596288 . . [7.00.6000.20996] . . c:\windows\SoftwareDistribution\Download\e9a7a6846a2553591a8aa92d2f6f48fd\SP2QFE\mshtml.dll
[-] 2008-12-13 . 0AFB982529328ABAF64EFC6C85E0F09C . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-12-13 . CB7922B3AD4BC5BBEDA130F6C9E0656A . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[-] 2008-12-12 . 19442577E63238262B8CA132E64FA5BE . 3088384 . . [6.00.2900.3492] . . c:\windows\$hf_mig$\KB960714\SP2QFE\mshtml.dll
[-] 2008-12-12 . 6F69E698F11B1214F05195873B73BED4 . 3088896 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
[-] 2008-12-12 . A3C8A9D3F61F721FCA1A841164FB0CF2 . 3088896 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll
[-] 2008-10-17 . 74BF6087086364FA96BF047DA7C9EB38 . 3593216 . . [7.00.6000.16762] . . c:\windows\SoftwareDistribution\Download\9be74ccf2e967ebc45085789ed7bfc38\SP2GDR\mshtml.dll
[-] 2008-10-16 . EB75C0C66C633D0EFD0176450F8857F8 . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . EB75C0C66C633D0EFD0176450F8857F8 . 3595264 . . [7.00.6000.20935] . . c:\windows\SoftwareDistribution\Download\9be74ccf2e967ebc45085789ed7bfc38\SP2QFE\mshtml.dll
[-] 2008-10-16 . 14BBFF7E52B9FF4645AB4EF9D4CE6182 . 3088384 . . [6.00.2900.3462] . . c:\windows\$hf_mig$\KB958215\SP2QFE\mshtml.dll
[-] 2008-10-16 . 72299C6CD21801EAB5CBBC3F7B1DB195 . 3088896 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
[-] 2008-10-16 . CC8B4DA84F4621329ACA3F7A81584F83 . 3088896 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll
[-] 2008-08-27 . 3CCDB836BBAB800FDED3181AF7EED38F . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[-] 2008-08-27 . 3CCDB836BBAB800FDED3181AF7EED38F . 3593216 . . [7.00.6000.16735] . . c:\windows\SoftwareDistribution\Download\a37a907ce729d9b027006f974e62dcad\SP2GDR\mshtml.dll
[-] 2008-08-26 . 0F345A2FE55C3DC9693AAAF2E983F4AD . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[-] 2008-08-26 . 0F345A2FE55C3DC9693AAAF2E983F4AD . 3594752 . . [7.00.6000.20900] . . c:\windows\SoftwareDistribution\Download\a37a907ce729d9b027006f974e62dcad\SP2QFE\mshtml.dll
[-] 2007-08-13 . 1B70DB042A98B52BBBFEA5CBF8AF3FD2 . 3851264 . . [7.00.5730.13] . . c:\windows\ie8\mshtml.dll
[7] 2004-08-03 . 3FE8D0C4C2F3B928192BD06DCEE34B32 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll

[7] 2009-10-29 . F461ACD33F06BF1FB28FFF1EF345FE63 . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 4CFF479B02819293167F42940B5EF12B . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . 39E483C39E0EED381977EC1121ADD2BF . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . B0249F1B9F68E55CB7D2656339D13323 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 995E2754D7FB0203A45351A1376836ED . 915456 . . [8.00.6001.18806] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2009-07-03 . F45A0863D3098DE7CB6CAE578497FF36 . 982016 . . [8.00.6001.18806] . . c:\windows\system32\wininet.dll
[-] 2009-07-03 . F45A0863D3098DE7CB6CAE578497FF36 . 982016 . . [8.00.6001.18806] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2008-12-20 . 4E192082A5FCE9EF19198A24CDEA3442 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . 4E192082A5FCE9EF19198A24CDEA3442 . 827904 . . [7.00.6000.20978] . . c:\windows\SoftwareDistribution\Download\e9a7a6846a2553591a8aa92d2f6f48fd\SP2QFE\wininet.dll
[-] 2008-12-20 . 0551C946E305CEE0A79BA744DC141BFC . 826368 . . [7.00.6000.16791] . . c:\windows\SoftwareDistribution\Download\e9a7a6846a2553591a8aa92d2f6f48fd\SP2GDR\wininet.dll
[-] 2008-10-16 . CFBFA47415E85018E2CDC509E5E3D011 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-10-16 . CFBFA47415E85018E2CDC509E5E3D011 . 826368 . . [7.00.6000.16762] . . c:\windows\SoftwareDistribution\Download\9be74ccf2e967ebc45085789ed7bfc38\SP2GDR\wininet.dll
[-] 2008-10-16 . 37D1A1BFE3D9904F2C3D11592456F9C0 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-10-16 . 37D1A1BFE3D9904F2C3D11592456F9C0 . 827904 . . [7.00.6000.20935] . . c:\windows\SoftwareDistribution\Download\9be74ccf2e967ebc45085789ed7bfc38\SP2QFE\wininet.dll
[-] 2008-10-16 . F9AE6DBB4EC5B4D1A82BF2F0CB7EE200 . 671744 . . [6.00.2900.3462] . . c:\windows\$hf_mig$\KB958215\SP2QFE\wininet.dll
[-] 2008-10-16 . 1C6E9FDAB1F4CB983A39EFBA6F131ACC . 671232 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[-] 2008-10-16 . 05033943FF61ABD13B93C00337D04E92 . 670208 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
[-] 2008-08-26 . 4B0E70D44297877A313045BD059770E1 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . 4B0E70D44297877A313045BD059770E1 . 827904 . . [7.00.6000.20900] . . c:\windows\SoftwareDistribution\Download\a37a907ce729d9b027006f974e62dcad\SP2QFE\wininet.dll
[-] 2008-08-26 . E30CACD98479B36A3DBFA3267BF62DD0 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-08-26 . E30CACD98479B36A3DBFA3267BF62DD0 . 826368 . . [7.00.6000.16735] . . c:\windows\SoftwareDistribution\Download\a37a907ce729d9b027006f974e62dcad\SP2GDR\wininet.dll
[-] 2007-08-13 . F284A6225A3057A1E19985E1D4B47ADA . 809472 . . [7.00.5730.13] . . c:\windows\ie8\wininet.dll
[7] 2004-08-03 . 58FE94EF42E074F4CAD8BF02E70E6478 . 660480 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll

[-] 2004-08-03 . 3B6A6717B558A079316E41586201CF12 . 40448 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[7] 2004-08-03 . 5584247B568C2E53934873F4B655FE6A . 15360 . . [5.1.2600.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[7] 2004-08-03 . 5584247B568C2E53934873F4B655FE6A . 15360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\8a2a5ecd72c62a4fe04757ab8c19e933\backup\ctfmon.exe
[-] 2004-08-03 . 3B6A6717B558A079316E41586201CF12 . 40448 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-03 . 3B6A6717B558A079316E41586201CF12 . 40448 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^motec^Menu Démarrer^Programmes^Démarrage^ImpulseNow.lnk]
path=c:\documents and settings\motec\Menu Démarrer\Programmes\Démarrage\ImpulseNow.lnk
backup=c:\windows\pss\ImpulseNow.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^motec^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
path=c:\documents and settings\motec\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
backup=c:\windows\pss\RocketDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 1017208 ----a-r- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
2009-12-14 19:02 1799952 ----a-w- c:\program files\COMODO\COMODO Internet Security\cfp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-03 23:54 40448 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2009-12-19 16:42 2872832 ----a-w- c:\program files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
2009-11-02 13:54 155648 ----a-w- c:\program files\FileHippo.com\UpdateChecker.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2008-01-21 05:56 29831168 ----a-r- c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 151552 ----a-w- c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-12-03 15:14 1463632 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-06-24 20:08 8466432 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-06-24 20:08 81920 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ----a-r- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2009-11-20 12:03 2166784 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2009-11-07 16:24 3055616 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-11-07 15:21 223008 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2009-12-22 14:41 289584 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS12 Preload]
c:\program files\Corel\Corel VideoStudio 12\uvPL.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
2005-10-31 20:15 237568 ----a-r- c:\windows\system32\VTTrayp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"SerialNumber"="A109A-K13-3ZXD-BAP5-TE"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\DAP\\DAP.exe"= c:\\Program Files\\DAP\\DAP.EXE
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorShield.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\WINWORD.EXE"=
"c:\\Program Files\\Hitman Pro 3.5\\HitmanPro35.exe"=
"c:\\Program Files\\VIA\\VIAudioi\\HDADeck\\HDeck.exe"=
"c:\\WINDOWS\\system32\\VTtrayp.exe"=
"c:\\WINDOWS\\system32\\NiwradSoft.scr"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\NIWRAD~2.SCR"=
"c:\\Program Files\\Google\\Picasa3\\PicasaPhotoViewer.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\ABBYY FineReader 6.0 Sprint\\Sprint.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [13/08/2007 23:21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [13/08/2007 23:21 52224]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [14/12/2009 19:43 132296]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [14/12/2009 19:43 25160]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [07/11/2009 17:24 142592]
R2 Uvnc_service;Uvnc_service;c:\program files\UltraVNC Addons\uvnc_service.exe [30/10/2009 20:33 63296]
R3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [05/02/2009 22:11 117785]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [13/08/2007 23:22 714240]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [13/08/2007 23:23 215936]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [10/12/2009 18:35 13952]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 21:22 34064]
S3 vm331avs;VC0334 USB2.0 Digital Camera;c:\windows\system32\drivers\vm331avs.sys [06/05/2008 02:48 970624]
S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [19/07/2009 14:47 16640]
S4 TipCtrl;TipCtrl;"c:\program files\uTIPu\TipCtrl.exe" --> c:\program files\uTIPu\TipCtrl.exe [?]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - ASC3360PR

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
FF - ProfilePath - c:\documents and settings\motec\Application Data\Mozilla\Firefox\Profiles\w6oproi7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=13170&l=dis
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/webResults.html?src=ffb&q=
FF - component: c:\documents and settings\motec\Application Data\Mozilla\Firefox\Profiles\w6oproi7.default\extensions\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}\components\FFExternalAlert.dll
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-24 12:49
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-527237240-113007714-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-527237240-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*d*)*l%\OpenWithList]
@Class="Shell"
"a"="shimgvw.dll"
"MRUList"="ab"
"b"="PicasaPhotoViewer.exe"

[HKEY_USERS\S-1-5-21-527237240-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*d*)*l%\OpenWithProgids]
"d)+_auto_file"=hex(0):

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(940)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1004)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll

- - - - - - - > 'Explorer.EXE'(392)
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\sfc_os.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2009-12-24 12:57:02 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-24 11:57
ComboFix2.txt 2009-12-21 09:36

Avant-CF: 25 591 250 944 octets libres
Après-CF: 25 435 721 728 octets libres

- - End Of File - - 4A8C104E8FAE58C6F732EBC90EB8056F


Thanks