Sujet Précédent Sujet Suivant

Virtumonde ! SOS !!

Résolu
MiSSZ24 Messages postés 43 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Gros problème ek Virtumonde. J'ai scanner avec Avast et il n'a rien trouvé mais SpyBot lui trouve quelque chose ...
http://img144.imageshack.us/img144/4981/viruscynthiatf9.jpg (Cliquer dessus pour l'agrandir) J'ai besoin d'aide pour m'en débarrasser ... je n'ai pas envie de reformater tout sa !

J'ai essayer ceci : http://www.commentcamarche.net/forum/affich 3092451 virtumonde
Et sa N'A PAS marcher !
Et Cela: http://www.malekal.com/Trojan.vundo.php
ET sa N'A PAS marcher non plus ... J'ai besoin d'aide rapidement ...

25 réponses

  • 1
  • 2
Réponse 1 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt,

colle un rapport hijackthis

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."

_________________

combofix (colle le rapport)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
0
Réponse 2 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Voici mon rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:18:53, on 2007-11-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Fonts\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://en.us.acer.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [0fbc282b] rundll32.exe "C:\WINDOWS\system32\qvvgsdge.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
0
Réponse 3 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Rapport ComboFix:

ComboFix 07-11-19.4 - Owner 2007-11-27 17:29:21.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.282 [GMT -5:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Owner\Application Data\inst.exe
C:\WINDOWS\system32\geeby.dll
C:\WINDOWS\system32\ybeeg.ini
C:\WINDOWS\system32\ybeeg.ini2

.
((((((((((((((((((((((((( Files Created from 2007-10-27 to 2007-11-27 )))))))))))))))))))))))))))))))
.

2007-11-27 16:06 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-26 19:15 85,056 --a------ C:\WINDOWS\system32\qvvgsdge.dll
2007-11-26 19:15 414 ---hs---- C:\WINDOWS\system32\egdsgvvq.ini
2007-11-26 19:12 80,960 --a------ C:\WINDOWS\system32\qrkaxven.dll
2007-11-23 16:45 83,520 --a------ C:\WINDOWS\system32\ccekwryk.dll
2007-11-23 16:42 738,656 ---hs---- C:\WINDOWS\system32\kpbphsbu.ini
2007-11-23 16:42 85,056 --a------ C:\WINDOWS\system32\ubshpbpk.dll
2007-11-23 14:37 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Grisoft
2007-11-23 14:37 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-23 14:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-22 21:18 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-11-22 21:18 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2007-11-22 21:18 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-11-22 21:18 1,406 --a------ C:\WINDOWS\system32\Help.ico
2007-11-22 20:24 <DIR> d-------- C:\Program Files\BHODemon 2
2007-11-22 19:52 <DIR> d-------- C:\VundoFix Backups
2007-11-22 15:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-22 15:45 738,596 ---hs---- C:\WINDOWS\system32\rmasrtwm.ini
2007-11-22 15:42 79,936 --a------ C:\WINDOWS\system32\jnmfsopx.dll
2007-11-21 11:08 80,960 --a------ C:\WINDOWS\system32\cnmenqst.dll
2007-11-21 11:02 714,461 ---hs---- C:\WINDOWS\system32\knastbuf.ini
2007-11-21 11:02 85,056 --a------ C:\WINDOWS\system32\fubtsank.dll
2007-11-21 02:59 2,321,792 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-11-19 23:32 83,008 --a------ C:\WINDOWS\system32\eqexkaad.dll
2007-11-19 23:27 689,283 ---hs---- C:\WINDOWS\system32\ssggoeem.ini
2007-11-19 23:26 85,056 --a------ C:\WINDOWS\system32\meeoggss.dll
2007-11-19 21:22 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-19 21:19 37,376 --a------ C:\WINDOWS\system32\fccyxxx.dll
2007-11-19 21:19 260 --a------ C:\4063.bat
2007-11-19 21:19 120 --a------ C:\n.bat
2007-11-19 21:19 0 --a------ C:\z.dat
2007-11-19 21:19 0 --a------ C:\x.dat
2007-11-19 21:18 37,376 --a------ C:\WINDOWS\system32\mljjgef.dll.vir
2007-11-19 21:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-15 22:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-11-15 22:16 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-11-15 22:15 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-15 22:02 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\TuneUp Software
2007-11-12 21:17 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-11-12 21:16 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-11-12 21:09 <DIR> d--hs---- C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-12 21:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-07 23:23 <DIR> d-------- C:\Program Files\MSBuild
2007-11-07 23:23 <DIR> d-------- C:\Program Files\Microsoft Works
2007-11-07 23:22 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-11-07 23:20 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2007-11-07 23:19 <DIR> d-------- C:\WINDOWS\SHELLNEW

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-18 16:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-12 03:39 --------- d-----w C:\Program Files\DivX
2007-10-12 03:35 --------- d-----w C:\Program Files\WinAVI Video Converter
2007-10-12 00:03 --------- d-----w C:\Program Files\WinAVI Video Capture
2007-10-08 20:59 --------- d-----w C:\Documents and Settings\Owner\Application Data\Ahead
2007-10-08 20:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2007-10-08 20:57 --------- d-----w C:\Program Files\Common Files\Ahead
2007-10-08 02:54 --------- d-----w C:\Program Files\LGE PC Portal
2007-10-08 02:52 --------- d-----w C:\Documents and Settings\Owner\Application Data\Destinator
2007-10-03 01:29 --------- d-----w C:\Program Files\Nicolas MERLET
2007-10-02 23:43 --------- d-----w C:\Program Files\Common Files\Simple Star Shared
2007-10-02 23:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Simple Star Shared
2007-10-02 23:42 --------- d-----w C:\Program Files\AskTBar
2007-10-02 23:42 --------- d-----w C:\Documents and Settings\Owner\Application Data\Simple Star
2007-09-30 21:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-09-30 20:47 --------- d-----w C:\Program Files\Alwil Software
2007-09-30 20:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
2007-09-30 20:23 --------- d-----w C:\Program Files\Windows Live
2007-09-30 20:23 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-09-30 20:23 --------- d-----w C:\Program Files\Adverts
2007-07-23 01:39 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
2007-01-10 17:15 839,702 ----a-w C:\WINDOWS\Fonts\Crack.exe
2007-01-10 17:15 839,701 --sh--w C:\WINDOWS\Fonts\svchost.exe
2007-01-10 17:15 839,701 --sh--w C:\WINDOWS\Fonts\svchost.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{378d8fe8-8d3d-45a6-9fe7-498dbf5798aa}]
2007-11-26 19:12 80960 --a------ C:\WINDOWS\system32\qrkaxven.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7BFAEB8E-7545-4524-A927-B6C9F3C32B18}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C1F78710-EEDB-4E63-B180-23ABC0366671}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d8f3f1e0-ce64-467f-a1bb-b1bed85f6e23}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 20:00]
"MétéoIMédia"="C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-06 17:06]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12]
"RTHDCPL"="RTHDCPL.EXE" [2006-08-16 11:23 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-08-16 11:21 C:\WINDOWS\SkyTel.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2006-08-16 11:20]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-07-31 21:02]
"Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-07-28 10:40]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 20:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 20:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 20:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 20:00]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-30 09:57]
"Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 22:12]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-08-15 20:34]
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [2006-09-07 19:52]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 14:40]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]
"Host Process"="C:\WINDOWS\Fonts\svchost.exe" [2007-01-10 12:15]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 20:00 C:\WINDOWS\system32\bthprops.cpl]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25]
"0fbc282b"="C:\WINDOWS\system32\qvvgsdge.dll" [2007-11-26 19:15]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-07-04 01:23]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-08-03 15:34:04]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\geeby.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime

R2 int15;int15;\??\C:\WINDOWS\system32\drivers\int15.sys
R2 tvicport;tvicport;\??\C:\WINDOWS\system32\drivers\tvicport.sys
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 DKbFltr;Dritek Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
R3 EMSCR;EMSCR;C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
R3 ESDCR;ESDCR;C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
R3 ESMCR;ESMCR;C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
R3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
R3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2007-11-23 22:20:20 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- D:\TuneUpSecurity\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-27 17:38:39
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-27 17:42:51 - machine was rebooted
.
--- E O F ---
0
Réponse 4 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Voici mon rapport SpyBot après toute ca, je veux comprendre ... Merci !
[IMG]http://img144.imageshack.us/img144/4981/viruscynthiatf9.jpg[/IMG]
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
scan avec vundofix (colle le rapport)

Téléchargez VundoFix -> http://www.atribune.org/ccount/click.php?id=4

Double cliquez VundoFix.exe pour l'exécuter.
Quand VundoFix s'ouvre, cliquez sur le bouton Scan for Vundo.
Une fois le scan fini, cliquez sur le bouton Remove Vundo.
Vous recevrez un avertissement vous demandant si vous voulez effacer ces
fichiers répondez en cliquant sur YES
Une fois que vous avez cliqué yes, votre bureau deviendra vide au moment où il
enlève Vundo.

Quand c'est fini, il vous sera demandé de redémarrer votre ordinateur, cliquez
OK.

_______
puis :

virtumondebegone (colle le rapport)

http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

______________

colle le rapport d'un scan en ligne
avec

Panda en ligne :
http://pandasoftware.fr

_________________

recolle un rapport hijackthis en le renommant et un nouveau rappport combofix

aplus
0
Réponse 6 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Scan VundiFix:

Beginning removal...

Performing Repairs to the registry.
Done!

VundoFix V6.6.2

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Scan started at 01:09:32 2007-11-28

Listing files found while scanning....

No infected files were found.

Scan VirtumondeBeGone:

[11/28/2007, 15:42:10] - VirtumundoBeGone v1.5 ( "D:\VirtumundoBeGone.exe" )
[11/28/2007, 15:42:46] - Detected System Information:
[11/28/2007, 15:42:46] - Windows Version: 5.1.2600, Service Pack 2
[11/28/2007, 15:42:46] - Current Username: Owner (Admin)
[11/28/2007, 15:42:46] - Windows is in NORMAL mode.
[11/28/2007, 15:42:46] - Searching for Browser Helper Objects:
[11/28/2007, 15:42:46] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[11/28/2007, 15:42:46] - BHO 2: {378d8fe8-8d3d-45a6-9fe7-498dbf5798aa} ()
[11/28/2007, 15:42:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/28/2007, 15:42:46] - Checking for HKLM\...\Winlogon\Notify\qrkaxven
[11/28/2007, 15:42:46] - Key not found: HKLM\...\Winlogon\Notify\qrkaxven, continuing.
[11/28/2007, 15:42:46] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[11/28/2007, 15:42:46] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/28/2007, 15:42:46] - BHO 5: {7BFAEB8E-7545-4524-A927-B6C9F3C32B18} ()
[11/28/2007, 15:42:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/28/2007, 15:42:46] - No filename found. Continuing.
[11/28/2007, 15:42:46] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[11/28/2007, 15:42:46] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/28/2007, 15:42:46] - BHO 8: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/28/2007, 15:42:46] - BHO 9: {C1F78710-EEDB-4E63-B180-23ABC0366671} ()
[11/28/2007, 15:42:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/28/2007, 15:42:46] - No filename found. Continuing.
[11/28/2007, 15:42:46] - BHO 10: {d8f3f1e0-ce64-467f-a1bb-b1bed85f6e23} ()
[11/28/2007, 15:42:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/28/2007, 15:42:46] - No filename found. Continuing.
[11/28/2007, 15:42:46] - Finished Searching Browser Helper Objects
[11/28/2007, 15:42:46] - Finishing up...
[11/28/2007, 15:42:46] - Nothing found! Exiting...

Scan avec Panda TotalSCan:
Résultats
Félicitations !
Aucun virus, logiciel espion, cheval de Troie ou aucune autre menace ACTIVE ou LATENTE n'a été détecté(e) sur votre PC.
Nous avons détecté que avast! antivirus 4.7.1074 [VPS 071128-0] est activé(e) et à jour.
El texto que corresponda en cada momento
Après l'analyse complète de votre PC, aucun logiciel malveillant ACTIF ou LATENT n'a été détecté.

Rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:11:50, on 2007-11-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Fonts\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\My Documents\Mes fichiers reçus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://en.us.acer.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: {aa8975fb-d894-7ef9-6a54-d3d88ef8d873} - {378d8fe8-8d3d-45a6-9fe7-498dbf5798aa} - C:\WINDOWS\system32\qrkaxven.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7BFAEB8E-7545-4524-A927-B6C9F3C32B18} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {C1F78710-EEDB-4E63-B180-23ABC0366671} - (no file)
O2 - BHO: (no name) - {d8f3f1e0-ce64-467f-a1bb-b1bed85f6e23} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [0fbc282b] rundll32.exe "C:\WINDOWS\system32\qvvgsdge.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
0
Réponse 7 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt,

si tu as avast et norton vire un des deux

_________________

lance hijackthis, selectionne ces lignes puis fais fix cheked

O2 - BHO: {aa8975fb-d894-7ef9-6a54-d3d88ef8d873} - {378d8fe8-8d3d-45a6-9fe7-498dbf5798aa} - C:\WINDOWS\system32\qrkaxven.dll

O2 - BHO: (no name) - {C1F78710-EEDB-4E63-B180-23ABC0366671} - (no file)
O2 - BHO: (no name) - {d8f3f1e0-ce64-467f-a1bb-b1bed85f6e23} - (no file)

O4 - HKLM\..\Run: [0fbc282b] rundll32.exe "C:\WINDOWS\system32\qvvgsdge.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
____________

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\WINDOWS\system32\qvvgsdge.dll
C:\WINDOWS\system32\qrkaxven.dll
C:\WINDOWS\system32\mljjgef.dll.vir

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
http://img137.imageshack.us/img137/3558/refaitjk8.th.jpg

________________________

analyse ces fichiers sur virus total : https://www.virustotal.com/gui/

ceux qui sont inféctés tu les vires avec otmovit: comme precedement

C:\WINDOWS\system32\egdsgvvq.ini
C:\WINDOWS\system32\ccekwryk.dll
C:\WINDOWS\system32\kpbphsbu.ini
C:\WINDOWS\system32\ubshpbpk.dll
C:\WINDOWS\system32\rmasrtwm.ini
C:\WINDOWS\system32\jnmfsopx.dll
C:\WINDOWS\system32\cnmenqst.dll
C:\WINDOWS\system32\knastbuf.ini
C:\WINDOWS\system32\fubtsank.dll
C:\WINDOWS\system32\eqexkaad.dll
C:\WINDOWS\system32\ssggoeem.ini
C:\WINDOWS\system32\meeoggss.dll
C:\WINDOWS\system32\vbzip10.dll
C:\WINDOWS\system32\fccyxxx.dll

______________________

nettoie ton registre avec regcleaner:

http://manuelsdaide.com/RegCleaner/RegCleaner.htm

_______________________

installe
SPYWAREBLASTER pour immuniser le système contre vundo que tu avais mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

_______________________

recolle un rapport combofix, hijakthis et surtout dis tes problemes
0
Réponse 8 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
J'ai suivi les procédures plus haut et sa fonctionner avec l'aide de jlpjlp ! Merci
0
Réponse 9 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
parfait mais as tu fais le message 7 et analysé les fichiers pour voir si il faut les virer?
0
Réponse 10 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
SVP JLPJLP !
Encore pogner ce maudit virus !!! VIRTUMONDE détecter avec Spybot:

Rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:29:39, on 2008-08-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\acc\acc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Owner\Desktop\sanner.exe..exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.ca.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://en.us.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7BFAEB8E-7545-4524-A927-B6C9F3C32B18} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {c8767520-8a74-b5c8-39a4-d8b01a800da9} - {9ad008a1-0b8d-4a93-8c5b-47a80257678c} - C:\WINDOWS\system32\hjdzaa.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {E482A951-26ED-4898-A1EB-09A942D95A52} - C:\WINDOWS\system32\pmnkhGaX.dll
*O2 - BHO: (no name) - {FFA69C76-13CA-4C7E-A7E0-822917C8066E} - C:\WINDOWS\system32\ljJaWQGa.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\STARDOCK\WINCUS~1\BOOTSKIN\BOOTSKIN.EXE" /StartupJobs
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [acc] C:\PROGRA~1\acc\acc.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll (file missing)
O20 - Winlogon Notify: pmnkhGaX - C:\WINDOWS\SYSTEM32\pmnkhGaX.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

-
End of file - 12279 bytes
D'après moi le problème serais en gras ... Aidez-moi SVP !
0
Réponse 11 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Rapport CombiFix:

ComboFix 08-08-11.01 - Owner 2008-08-12 1:58:39.5 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.373 [GMT -4:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Owner\Application Data\macromedia\Flash Player\#SharedObjects\SJ4B454P\interclick.com
C:\Documents and Settings\Owner\Application Data\macromedia\Flash Player\#SharedObjects\SJ4B454P\interclick.com\ud.sol
C:\Documents and Settings\Owner\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Owner\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\WINDOWS\system32\aGQWaJjl.ini
C:\WINDOWS\system32\aGQWaJjl.ini2
C:\WINDOWS\system32\ddcyVnMG.dll
C:\WINDOWS\system32\egdsgvvq.ini
C:\WINDOWS\system32\eqodqptl.dll
C:\WINDOWS\system32\hjdzaa.dll
C:\WINDOWS\system32\knastbuf.ini
C:\WINDOWS\system32\kpbphsbu.ini
C:\WINDOWS\system32\ljJaWQGa.dll
C:\WINDOWS\system32\ltpqdoqe.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\pmnkhGaX.dll
C:\WINDOWS\system32\rmasrtwm.ini
C:\WINDOWS\system32\xingiuix.dll
C:\x.dat
C:\z.dat

.
((((((((((((((((((((((((( Files Created from 2008-07-12 to 2008-08-12 )))))))))))))))))))))))))))))))
.

2008-08-11 17:34 . 2008-08-11 17:34 <DIR> d-------- C:\Program Files\acc
2008-08-09 13:24 . 2008-08-09 13:24 1,071 --a------ C:\WINDOWS\AWMODEM.INF
2008-08-02 20:16 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-08-02 20:16 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2008-08-02 20:15 . 2008-08-02 20:15 <DIR> d-------- C:\Program Files\ScanSoft
2008-08-02 20:15 . 2008-08-02 20:15 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-08-02 20:15 . 2008-08-02 20:15 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\ScanSoft
2008-08-02 20:15 . 2008-08-02 20:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-08-02 20:15 . 2008-08-02 20:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-08-02 20:15 . 2008-08-02 20:15 412 --a------ C:\WINDOWS\MAXLINK.INI
2008-08-02 20:13 . 2008-08-02 20:13 <DIR> d-------- C:\Program Files\Common Files\CANON
2008-08-02 20:10 . 2008-08-02 20:10 <DIR> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-08-02 20:10 . 2008-08-02 20:10 <DIR> d--h----- C:\Program Files\CanonBJ
2008-08-02 20:10 . 2008-08-02 20:11 <DIR> d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-08-02 20:10 . 2007-03-23 03:30 1,400,832 --a------ C:\WINDOWS\system32\CNC210C.DLL
2008-08-02 20:10 . 2007-03-18 16:00 215,040 --a------ C:\WINDOWS\system32\CNMLM8S.DLL
2008-08-02 20:10 . 2007-03-18 21:16 200,704 --a------ C:\WINDOWS\system32\CNC210L.DLL
2008-08-02 20:10 . 2007-03-15 01:12 188,416 --a------ C:\WINDOWS\system32\CNC210O.DLL
2008-08-02 20:10 . 2007-03-23 03:29 98,304 --a------ C:\WINDOWS\system32\CNC210I.DLL
2008-08-02 20:09 . 2008-08-02 20:09 <DIR> d-------- C:\Program Files\Canon
2008-07-27 20:10 . 2008-07-27 20:10 <DIR> d-------- C:\Program Files\Real
2008-07-27 20:10 . 2008-07-27 20:10 <DIR> d-------- C:\Program Files\Common Files\Real

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-28 00:10 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\dllcache\bthport.sys
2007-07-23 00:39 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
2007-10-12 02:40 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-10-12 02:40 56 --sh--r C:\WINDOWS\system32\75F2130F9C.sys
.

((((((((((((((((((((((((((((( snapshot@2007-11-27_17.41.57.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-11-17 18:31:32 347,136 ------w C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\hypertrm.dll
+ 2004-11-17 17:31:32 347,136 ------w C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\hypertrm.dll
- 2004-10-14 15:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
+ 2004-10-14 14:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
- 2004-10-14 15:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 14:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
- 2004-10-14 15:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
+ 2004-10-14 14:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
- 2004-10-14 15:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2004-10-14 14:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
- 2004-10-28 02:28:18 721,920 ------w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\lsasrv.dll
+ 2004-10-28 01:28:18 721,920 ------w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\lsasrv.dll
- 2004-10-28 02:15:16 448,128 ------w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys
+ 2004-10-28 01:15:16 448,128 ------w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys
- 2004-10-28 02:14:56 174,592 ------w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\rdbss.sys
+ 2004-10-28 01:14:56 174,592 ------w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\rdbss.sys
- 2004-10-14 16:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB885835\spmsg.dll
+ 2004-10-14 15:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB885835\spmsg.dll
- 2004-10-14 16:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe
+ 2004-10-14 15:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe
- 2004-10-14 16:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB885835\update\spcustom.dll
+ 2004-10-14 15:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB885835\update\spcustom.dll
- 2004-10-14 16:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
+ 2004-10-14 15:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
- 2004-10-14 16:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB885836\spmsg.dll
+ 2004-10-14 15:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB885836\spmsg.dll
- 2004-10-14 16:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe
+ 2004-10-14 15:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe
- 2004-10-14 16:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB885836\update\spcustom.dll
+ 2004-10-14 15:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB885836\update\spcustom.dll
- 2004-10-14 16:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
+ 2004-10-14 15:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
- 2004-09-29 23:31:18 134,912 ------w C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ipnat.sys
+ 2004-09-29 22:31:18 134,912 ------w C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ipnat.sys
- 2004-10-14 19:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB886185\spmsg.dll
+ 2004-10-14 18:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB886185\spmsg.dll
- 2004-10-14 19:36:16 169,984 ------w C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe
+ 2004-10-14 18:36:16 169,984 ------w C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe
- 2004-10-14 19:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB886185\update\spcustom.dll
+ 2004-10-14 18:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB886185\update\spcustom.dll
- 2004-10-14 19:34:52 654,848 ------w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
+ 2004-10-14 18:34:52 654,848 ------w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
- 2004-10-13 17:21:24 1,694,208 ------w C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2004-10-13 16:21:24 1,694,208 ------w C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
- 2004-10-14 16:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll
+ 2004-10-14 15:34:52 7,168 ------w C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll
- 2004-10-14 16:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe
+ 2004-10-14 15:36:18 169,984 ------w C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe
- 2004-10-14 16:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB887472\update\spcustom.dll
+ 2004-10-14 15:36:16 21,504 ------w C:\WINDOWS\$hf_mig$\KB887472\update\spcustom.dll
- 2004-10-14 16:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2004-10-14 15:34:54 654,848 ------w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
- 2004-12-07 20:29:20 96,768 ------w C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\srvsvc.dll
+ 2004-12-07 19:29:20 96,768 ------w C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\srvsvc.dll
- 2004-11-30 19:46:38 7,168 ------w C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll
+ 2004-11-30 18:46:38 7,168 ------w C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll
- 2004-12-01 01:22:42 169,984 ------w C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe
+ 2004-12-01 00:22:42 169,984 ------w C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe
- 2004-12-01 01:22:40 21,504 ------w C:\WINDOWS\$hf_mig$\KB888302\update\spcustom.dll
+ 2004-12-01 00:22:40 21,504 ------w C:\WINDOWS\$hf_mig$\KB888302\update\spcustom.dll
- 2004-11-30 19:46:40 654,848 ------w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2004-11-30 18:46:40 654,848 ------w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
- 2005-04-22 06:18:52 57,344 ------w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\agentdpv.dll
+ 2005-04-22 05:18:52 57,344 ------w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\agentdpv.dll
- 2005-05-17 01:26:30 17,920 ------w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\xpsp3res.dll
+ 2005-05-17 00:26:30 17,920 ------w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\xpsp3res.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB890046\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB890046\spuninst.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB890046\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB890046\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB890046\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB890046\update\updspapi.dll
- 2005-03-02 19:19:56 62,464 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\authz.dll
+ 2005-03-02 18:19:56 62,464 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\authz.dll
- 2005-03-02 02:02:14 2,135,552 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe
+ 2005-03-02 01:02:14 2,135,552 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe
- 2005-03-02 01:36:40 2,056,832 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
+ 2005-03-02 00:36:40 2,056,832 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
- 2005-03-02 01:36:42 2,015,232 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe
+ 2005-03-02 00:36:42 2,015,232 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe
- 2005-03-02 02:04:22 2,179,456 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
+ 2005-03-02 01:04:22 2,179,456 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
- 2005-03-02 19:19:56 577,024 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
+ 2005-03-02 18:19:56 577,024 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
- 2005-03-02 02:11:26 1,836,160 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys
+ 2005-03-02 01:11:26 1,836,160 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys
- 2005-03-02 19:19:56 291,328 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\winsrv.dll
+ 2005-03-02 18:19:56 291,328 ------w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\winsrv.dll
- 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll
+ 2005-02-24 23:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll
- 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe
+ 2005-02-24 23:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe
- 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB890859\update\spcustom.dll
+ 2005-02-24 23:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB890859\update\spcustom.dll
- 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2005-02-24 23:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
- 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB890859\update\updspapi.dll
+ 2005-02-24 23:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB890859\update\updspapi.dll
- 2004-11-30 19:46:38 7,168 ------w C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll
+ 2004-11-30 18:46:38 7,168 ------w C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll
- 2004-12-01 01:22:42 169,984 ------w C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe
+ 2004-12-01 00:22:42 169,984 ------w C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe
- 2004-12-01 01:22:40 21,504 ------w C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll
+ 2004-12-01 00:22:40 21,504 ------w C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll
- 2004-11-30 19:46:40 654,848 ------w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2004-11-30 18:46:40 654,848 ------w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
- 2005-07-08 17:28:58 249,344 ------w C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
+ 2005-07-08 16:28:58 249,344 ------w C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB893756\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB893756\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB893756\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB893756\spuninst.exe
- 2005-07-08 00:27:08 30,720 ------w C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe
+ 2005-07-07 23:27:08 30,720 ------w C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB893756\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB893756\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB893756\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB893756\update\updspapi.dll
- 2005-04-28 20:35:02 1,286,144 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll
+ 2005-04-28 19:35:02 1,286,144 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll
- 2005-04-28 20:35:02 74,752 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecli32.dll
+ 2005-04-28 19:35:02 74,752 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecli32.dll
- 2005-04-28 20:35:02 37,376 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecnv32.dll
+ 2005-04-28 19:35:02 37,376 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecnv32.dll
- 2005-04-28 20:35:02 396,288 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
+ 2005-04-28 19:35:02 396,288 ------w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB894391\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB894391\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB894391\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB894391\spuninst.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB894391\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB894391\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB894391\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB894391\update\updspapi.dll
- 2005-05-27 00:26:50 10,752 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-26 23:26:50 10,752 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe
- 2005-05-27 03:09:00 41,472 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
+ 2005-05-27 02:09:00 41,472 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
- 2005-05-27 03:09:00 155,136 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll
+ 2005-05-27 02:09:00 155,136 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll
- 2005-05-27 03:09:00 137,216 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll
+ 2005-05-27 02:09:00 137,216 ------w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll
- 2005-06-11 01:17:14 57,856 ------w C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2005-06-11 00:17:14 57,856 ------w C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe
- 2005-06-29 21:54:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe
+ 2005-06-29 20:54:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll
- 2005-05-11 00:51:10 75,776 ------w C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2005-05-10 23:51:10 75,776 ------w C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll
- 2005-02-25 04:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll
- 2005-02-25 04:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe
- 2005-02-25 04:35:06 22,752 ------w C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:35:06 22,752 ------w C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe
- 2005-02-25 04:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll
- 2005-02-25 04:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
- 2005-02-25 04:35:06 371,936 ------w C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll
+ 2005-02-25 03:35:06 371,936 ------w C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll
- 2005-06-15 18:42:36 297,984 ------w C:\WINDOWS\$hf_mig$\KB899587\SP2QFE\kerberos.dll
+ 2005-06-15 17:42:36 297,984 ------w C:\WINDOWS\$hf_mig$\KB899587\SP2QFE\kerberos.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB899587\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB899587\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB899587\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB899587\spuninst.exe
- 2005-06-29 21:54:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe
+ 2005-06-29 20:54:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB899587\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB899587\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB899587\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB899587\update\updspapi.dll
- 2005-06-10 05:06:02 139,528 ------w C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
+ 2005-06-10 04:06:02 139,528 ------w C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB899591\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB899591\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB899591\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB899591\spuninst.exe
- 2005-06-29 21:54:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe
+ 2005-06-29 20:54:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB899591\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB899591\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB899591\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB899591\update\updspapi.dll
- 2006-02-15 01:30:08 142,464 ------w C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys
+ 2006-02-15 00:30:08 142,464 ------w C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB900485\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB900485\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB900485\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB900485\update\updspapi.dll
- 2005-09-01 02:44:04 19,968 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
+ 2005-09-01 01:44:04 19,968 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
- 2005-09-23 04:18:20 8,452,608 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
+ 2005-09-23 03:18:20 8,452,608 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
- 2005-09-03 00:53:42 474,112 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shlwapi.dll
+ 2005-09-02 23:53:42 474,112 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shlwapi.dll
- 2005-09-01 02:44:06 291,840 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\winsrv.dll
+ 2005-09-01 01:44:06 291,840 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\winsrv.dll
- 2005-09-27 01:29:46 21,504 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\xpsp3res.dll
+ 2005-09-27 00:29:46 21,504 ------w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\xpsp3res.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe
- 2005-09-26 22:36:24 30,720 ------w C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe
+ 2005-09-26 21:36:24 30,720 ------w C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB900725\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB900725\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB900725\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB900725\update\updspapi.dll
- 2005-09-10 02:48:48 2,068,480 ------w C:\WINDOWS\$hf_mig$\KB901017\SP2QFE\cdosys.dll
+ 2005-09-10 01:48:48 2,068,480 ------w C:\WINDOWS\$hf_mig$\KB901017\SP2QFE\cdosys.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB901017\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB901017\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB901017\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB901017\spuninst.exe
- 2005-09-09 21:26:26 30,720 ------w C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe
+ 2005-09-09 20:26:26 30,720 ------w C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB901017\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB901017\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB901017\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB901017\update\updspapi.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB901190\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB901190\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB901190\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB901190\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB901190\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB901190\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB901190\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB901190\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB901190\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB901190\update\updspapi.dll
- 2005-06-29 02:49:56 254,976 ------w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\icm32.dll
+ 2005-06-29 01:49:56 254,976 ------w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\icm32.dll
- 2005-06-29 02:49:56 73,728 ------w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\mscms.dll
+ 2005-06-29 01:49:56 73,728 ------w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\mscms.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB901214\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB901214\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB901214\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB901214\update\updspapi.dll
- 2005-07-26 05:20:24 225,792 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll
+ 2005-07-26 04:20:24 225,792 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll
- 2005-07-26 05:20:24 625,152 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll
+ 2005-07-26 04:20:24 625,152 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll
- 2005-07-26 05:20:24 110,080 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
+ 2005-07-26 04:20:24 110,080 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
- 2005-07-26 05:20:24 498,688 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
+ 2005-07-26 04:20:24 498,688 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
- 2005-07-26 05:20:24 60,416 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll
+ 2005-07-26 04:20:24 60,416 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll
- 2005-07-26 05:20:24 195,072 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll
+ 2005-07-26 04:20:24 195,072 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll
- 2005-07-26 05:20:26 97,792 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comrepl.dll
+ 2005-07-26 04:20:26 97,792 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comrepl.dll
- 2005-07-26 05:20:28 1,267,200 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll
+ 2005-07-26 04:20:28 1,267,200 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll
- 2005-07-26 05:20:28 540,160 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll
+ 2005-07-26 04:20:28 540,160 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll
- 2005-07-26 05:20:28 243,200 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
+ 2005-07-26 04:20:28 243,200 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
- 2005-07-26 00:42:36 8,704 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2005-07-25 23:42:36 8,704 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe
- 2005-07-26 05:20:30 425,472 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll
+ 2005-07-26 04:20:30 425,472 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll
- 2005-07-26 05:20:32 945,152 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll
+ 2005-07-26 04:20:32 945,152 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll
- 2005-07-26 05:20:32 161,280 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll
+ 2005-07-26 04:20:32 161,280 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll
- 2005-07-26 05:20:40 66,560 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll
+ 2005-07-26 04:20:40 66,560 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll
- 2005-07-26 05:20:40 91,136 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll
+ 2005-07-26 04:20:40 91,136 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll
- 2005-07-26 05:20:40 1,285,632 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll
+ 2005-07-26 04:20:40 1,285,632 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll
- 2005-07-26 05:20:40 74,752 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecli32.dll
+ 2005-07-26 04:20:40 74,752 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecli32.dll
- 2005-07-26 05:20:40 37,376 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecnv32.dll
+ 2005-07-26 04:20:40 37,376 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecnv32.dll
- 2005-07-26 05:20:40 398,336 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
+ 2005-07-26 04:20:40 398,336 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
- 2005-07-26 05:20:40 101,376 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\txflog.dll
+ 2005-07-26 04:20:40 101,376 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\txflog.dll
- 2005-07-26 05:20:40 11,776 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\xolehlp.dll
+ 2005-07-26 04:20:40 11,776 ------w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\xolehlp.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe
- 2005-07-26 00:21:18 30,720 ------w C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe
+ 2005-07-25 23:21:18 30,720 ------w C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB902400\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB902400\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB902400\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB902400\update\updspapi.dll
- 2005-08-22 19:24:56 197,632 ------w C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
+ 2005-08-22 18:24:56 197,632 ------w C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
- 2005-02-25 04:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll
+ 2005-02-25 03:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll
- 2005-02-25 04:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe
+ 2005-02-25 03:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe
- 2005-08-20 00:50:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe
+ 2005-08-19 23:50:32 30,720 ------w C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe
- 2005-02-25 04:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB905414\update\spcustom.dll
+ 2005-02-25 03:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB905414\update\spcustom.dll
- 2005-02-25 04:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2005-02-25 03:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
- 2005-02-25 04:35:06 371,936 ------w C:\WINDOWS\$hf_mig$\KB905414\update\updspapi.dll
+ 2005-02-25 03:35:06 371,936 ------w C:\WINDOWS\$hf_mig$\KB905414\update\updspapi.dll
- 2005-08-23 04:39:54 123,392 ------w C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll
+ 2005-08-23 03:39:54 123,392 ------w C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll
- 2005-02-25 01:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll
+ 2005-02-25 00:35:06 14,048 ------w C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll
- 2005-02-25 01:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe
+ 2005-02-25 00:35:06 209,632 ------w C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe
- 2005-08-22 23:01:30 30,720 ------w C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe
+ 2005-08-22 22:01:30 30,720 ------w C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe
- 2005-02-25 01:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB905749\update\spcustom.dll
+ 2005-02-25 00:35:06 22,240 ------w C:\WINDOWS\$hf_mig$\KB905749\update\spcustom.dll
- 2005-02-25 01:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2005-02-25 00:35:06 718,048 ------w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
- 2005-02-25 01:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB905749\update\updspapi.dll
+ 2005-02-25 00:35:08 371,936 ------w C:\WINDOWS\$hf_mig$\KB905749\update\updspapi.dll
- 2005-10-17 22:21:20 80,896 ------w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\fontsub.dll
+ 2005-10-17 21:21:20 80,896 ------w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\fontsub.dll
- 2005-10-17 22:21:20 117,760 ------w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\t2embed.dll
+ 2005-10-17 21:21:20 117,760 ------w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\t2embed.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB908519\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB908519\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB908519\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB908519\update\updspapi.dll
- 2006-03-17 05:46:32 8,454,656 ------w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
+ 2006-03-17 04:46:32 8,454,656 ------w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
- 2006-03-17 02:05:36 28,672 ------w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2006-03-17 01:05:36 28,672 ------w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe
- 2006-03-22 02:29:44 23,040 ------w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\xpsp3res.dll
+ 2006-03-22 01:29:44 23,040 ------w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\xpsp3res.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB908531\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB908531\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB908531\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB908531\update\updspapi.dll
- 2005-10-20 23:26:40 1,082,368 ------w C:\WINDOWS\$hf_mig$\KB910437\SP2QFE\esent.dll
+ 2005-10-20 22:26:40 1,082,368 ------w C:\WINDOWS\$hf_mig$\KB910437\SP2QFE\esent.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB910437\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB910437\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB910437\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB910437\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB910437\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB910437\update\spcustom.dll
- 2005-10-13 00:12:28 716,000 ------w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
+ 2005-10-12 23:12:28 716,000 ------w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB910437\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB910437\update\updspapi.dll
- 2006-06-22 11:36:52 180,736 ------w C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\rasmans.dll
+ 2006-06-22 10:36:52 180,736 ------w C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\rasmans.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll
- 2006-03-23 06:53:08 143,360 ------w C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\msadco.dll
+ 2006-03-23 05:53:08 143,360 ------w C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\msadco.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB911562\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB911562\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB911562\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB911562\update\updspapi.dll
- 2006-01-04 05:18:34 68,096 ------w C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\webclnt.dll
+ 2006-01-04 04:18:34 68,096 ------w C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\webclnt.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB911927\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB911927\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB911927\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB911927\update\updspapi.dll
- 2006-03-01 20:34:20 426,496 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll
+ 2006-03-01 19:34:20 426,496 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll
- 2006-03-01 20:34:20 956,416 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll
+ 2006-03-01 19:34:20 956,416 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll
- 2006-03-01 20:34:20 161,280 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll
+ 2006-03-01 19:34:20 161,280 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll
- 2006-03-01 20:34:20 66,560 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll
+ 2006-03-01 19:34:20 66,560 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll
- 2006-03-01 20:34:20 91,136 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll
+ 2006-03-01 19:34:20 91,136 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll
- 2006-03-01 20:34:20 11,776 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\xolehlp.dll
+ 2006-03-01 19:34:20 11,776 ------w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\xolehlp.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB913580\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB913580\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB913580\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB913580\update\updspapi.dll
- 2006-05-19 14:46:40 112,128 ------w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll
+ 2006-05-19 13:46:40 112,128 ------w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll
- 2006-05-19 14:46:40 147,456 ------w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
+ 2006-05-19 13:46:40 147,456 ------w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
- 2006-05-19 14:46:40 94,720 ------w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll
+ 2006-05-19 13:46:40 94,720 ------w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB914388\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB914388\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB914388\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB914388\update\updspapi.dll
- 2006-05-05 11:16:40 454,400 ------w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys
+ 2006-05-05 10:16:40 454,400 ------w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys
- 2006-05-05 11:22:52 174,592 ------w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\rdbss.sys
+ 2006-05-05 10:22:52 174,592 ------w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\rdbss.sys
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB914389\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB914389\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB914389\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB914389\update\updspapi.dll
- 2006-03-17 02:08:10 262,656 ------w C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys
+ 2006-03-17 01:08:10 262,656 ------w C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys
- 2005-10-13 00:16:50 14,048 ------w C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll
+ 2005-10-12 23:16:50 14,048 ------w C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll
- 2005-10-13 00:16:50 213,216 ------w C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe
+ 2005-10-12 23:16:50 213,216 ------w C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe
- 2005-10-13 00:16:50 22,752 ------w C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll
+ 2005-10-12 23:16:50 22,752 ------w C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll
- 2005-10-13 00:16:52 716,000 ------w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2005-10-12 23:16:52 716,000 ------w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
- 2005-10-13 00:16:56 371,424 ------w C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll
+ 2005-10-12 23:16:56 371,424 ------w C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll
- 2006-05-18 06:37:44 450,560 ------w C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll
+ 2006-05-18 05:37:44 450,560 ------w C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll
- 2005-10-13 00:16:50 14,048 ------w C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll
+ 2005-10-12 23:16:50 14,048 ------w C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll
- 2005-10-13 00:16:50 213,216 ------w C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe
+ 2005-10-12 23:16:50 213,216 ------w C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe
- 2005-10-13 00:16:50 22,752 ------w C:\WINDOWS\$hf_mig$\KB917344\update\spcustom.dll
+ 2005-10-12 23:16:50 22,752 ------w C:\WINDOWS\$hf_mig$\KB917344\update\spcustom.dll
- 2005-10-13 00:16:52 716,000 ------w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
+ 2005-10-12 23:16:52 716,000 ------w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
- 2005-10-13 00:16:56 371,424 ------w C:\WINDOWS\$hf_mig$\KB917344\update\updspapi.dll
+ 2005-10-12 23:16:56 371,424 ------w C:\WINDOWS\$hf_mig$\KB917344\update\updspapi.dll
- 2006-04-20 13:18:36 360,576 ------w C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
+ 2006-04-20 12:18:36 360,576 ------w C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB917953\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB917953\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB917953\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB917953\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB917953\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB917953\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB917953\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB917953\update\updspapi.dll
- 2006-11-27 16:17:10 539,136 ------w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\msftedit.dll
+ 2006-11-27 15:17:10 539,136 ------w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\msftedit.dll
- 2006-11-27 16:17:10 433,664 ------w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\riched20.dll
+ 2006-11-27 15:17:10 433,664 ------w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\riched20.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB918118\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB918118\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB918118\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB918118\update\updspapi.dll
- 2006-06-01 20:39:42 163,840 ------w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgdw400.dll
+ 2006-06-01 19:39:42 163,840 ------w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgdw400.dll
- 2006-06-01 20:39:42 27,648 ------w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgpl400.dll
+ 2006-06-01 19:39:42 27,648 ------w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgpl400.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB918439\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB918439\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB918439\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB918439\update\updspapi.dll
- 2006-07-13 12:43:08 202,496 ------w C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\rmcast.sys
+ 2006-07-13 11:43:08 202,496 ------w C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\rmcast.sys
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll
- 2006-07-21 09:26:50 72,704 ------w C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\hlink.dll
+ 2006-07-21 08:26:50 72,704 ------w C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\hlink.dll
- 2005-10-13 00:16:50 14,048 ------w C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll
+ 2005-10-12 23:16:50 14,048 ------w C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll
- 2005-10-13 00:16:50 213,216 ------w C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe
+ 2005-10-12 23:16:50 213,216 ------w C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe
- 2005-10-13 00:16:50 22,752 ------w C:\WINDOWS\$hf_mig$\KB920670\update\spcustom.dll
+ 2005-10-12 23:16:50 22,752 ------w C:\WINDOWS\$hf_mig$\KB920670\update\spcustom.dll
- 2005-10-13 00:16:52 716,000 ------w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2005-10-12 23:16:52 716,000 ------w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
- 2005-10-13 00:16:56 371,424 ------w C:\WINDOWS\$hf_mig$\KB920670\update\updspapi.dll
+ 2005-10-12 23:16:56 371,424 ------w C:\WINDOWS\$hf_mig$\KB920670\update\updspapi.dll
- 2006-06-26 18:45:20 147,456 ------w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
+ 2006-06-26 17:45:20 147,456 ------w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
- 2006-06-26 18:45:20 7,680 ------w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
+ 2006-06-26 17:45:20 7,680 ------w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB920683\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB920683\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB920683\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB920683\update\updspapi.dll
- 2006-06-22 06:22:04 69,120 ------w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\ciodm.dll
+ 2006-06-22 05:22:04 69,120 ------w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\ciodm.dll
- 2006-06-22 06:22:06 1,435,648 ------w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\query.dll
+ 2006-06-22 05:22:06 1,435,648 ------w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\query.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB920685\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB920685\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB920685\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB920685\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB920685\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB920685\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB920685\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB920685\update\updspapi.dll
- 2006-06-14 09:50:20 172,416 ------w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys
+ 2006-06-14 08:50:20 172,416 ------w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys
- 2006-06-14 09:50:20 6,272 ------w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
+ 2006-06-14 08:50:20 6,272 ------w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
- 2006-06-14 10:17:04 82,944 ------w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\wdmaud.sys
+ 2006-06-14 09:17:04 82,944 ------w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\wdmaud.sys
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB920872\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB920872\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB920872\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB920872\update\updspapi.dll
- 2007-05-17 12:25:22 549,888 ------w C:\WINDOWS\$hf_mig$\KB921503\SP2QFE\oleaut32.dll
+ 2007-05-17 11:25:22 549,888 ------w C:\WINDOWS\$hf_mig$\KB921503\SP2QFE\oleaut32.dll
- 2005-10-13 00:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB921503\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ------w C:\WINDOWS\$hf_mig$\KB921503\spmsg.dll
- 2005-10-13 00:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB921503\spuninst.exe
+ 2005-10-12 23:12:26 213,216 ------w C:\WINDOWS\$hf_mig$\KB921503\spuninst.exe
- 2005-10-13 00:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB921503\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ------w C:\WINDOWS\$hf_mig$\KB921503\update\spcustom.dll
- 2005-10-13 00:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
+ 2005-10-12 23:12:30 716,000 ------w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
- 2005-10-13 00:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB921503\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ------w C:\WINDOWS\$hf_mig$\KB921503\update\updspapi.dll
- 2006-08-21 13:26:44 16,896 ------w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltlib.dll
+ 2006-08-21 12:26:44 16,896 ------w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltlib.dll
- 2006-08-21 10:43:32 23,040 ------w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe
+ 2006-08-21 09:43:32 23,040 ------w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe
- 2006-08-21 10:43:32 128,768 ------w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.sys
+ 2006-08-21 09:43:32 128,768 ------w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.
0
Réponse 12 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
recolles hijakthis et surtout dis tes problemes
0
Réponse 13 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Mon ordi colle, je pers le bureau et la barre des taches et tout revient. Quand je suis sur internet, ya toujours une fenêtre qui souvre m'offrant a downloader un anti-virus bizarre ...

Je recolle le rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:37:11, on 2008-08-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\acc\acc.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\sanner.exe..exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://en.us.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\STARDOCK\WINCUS~1\BOOTSKIN\BOOTSKIN.EXE" /StartupJobs
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [acc] C:\PROGRA~1\acc\acc.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51882884-9552-439B-99FF-2F81B62E8B2E}: NameServer = 142.169.1.16 199.84.242.22
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
0
Réponse 14 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
colles un rapport avec antivir que tu as
0
Réponse 15 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Voici:

Avira AntiVir Personal
Report file date: Monday, August 11, 2008 19:35

Scanning for 1547103 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ACER-1424F82190

Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 2008-07-11 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-07-25 15:17:08
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-07-25 15:17:08
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-07-25 15:17:08
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-07-25 15:17:08
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 19:27:16
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 00:45:24
ANTIVIR2.VDF : 7.0.5.207 2316800 Bytes 2008-08-04 22:15:26
ANTIVIR3.VDF : 7.0.5.240 229376 Bytes 2008-08-11 19:24:16
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-04-16 00:01:22
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 2008-08-06 22:15:22
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-15 21:25:00
AERDL.DLL : 8.1.0.20 418165 Bytes 2008-04-28 12:20:20
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 21:24:58
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 2008-07-25 15:17:10
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 2008-08-06 22:15:20
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-05-29 23:33:30
AEGEN.DLL : 8.1.0.35 315764 Bytes 2008-08-06 22:15:14
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-08-01 20:22:38
AECORE.DLL : 8.1.1.8 172406 Bytes 2008-08-01 20:22:36
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-25 15:17:10
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-25 15:17:08
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-07-25 15:17:08
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-08-01 20:22:36
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-07-25 15:17:08
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-04-16 00:01:20
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-07-25 15:17:08
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-04-16 00:01:22
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-07-25 15:17:08
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-04-16 00:01:22
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-07-25 15:16:58
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-07-25 15:16:58

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, F:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Monday, August 11, 2008 19:35

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'CLI.EXE' - '1' Module(s) have been scanned
Scan process 'CLI.EXE' - '1' Module(s) have been scanned
Scan process 'RtkBtMnt.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'Acer.Empowering.Framework.Launcher.exe' - '1' Module(s) have been scanned
Scan process 'acc.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'WeatherEye.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'MSMSGS.EXE' - '1' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
Scan process 'OpWareSE4.exe' - '1' Module(s) have been scanned
Scan process 'BJMyPrt.exe' - '1' Module(s) have been scanned
Scan process 'WMIPRVSE.EXE' - '1' Module(s) have been scanned
Scan process 'EHMSAS.EXE' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'Domino.EXE' - '1' Module(s) have been scanned
Scan process 'VMSnap3.EXE' - '1' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'eRAgent.exe' - '1' Module(s) have been scanned
Scan process 'QtZgAcer.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'ePower_DMC.exe' - '1' Module(s) have been scanned
Scan process 'ePresentation.exe' - '1' Module(s) have been scanned
Scan process 'eDSloader.exe' - '1' Module(s) have been scanned
Scan process 'CLI.EXE' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'EHTRAY.EXE' - '1' Module(s) have been scanned
Scan process 'WMIPRVSE.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'WSCNTFY.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'DLLHOST.EXE' - '1' Module(s) have been scanned
Scan process 'eLockServ.exe' - '1' Module(s) have been scanned
Scan process 'WMIAPSRV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehRecvr.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '80' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <ACERDATA>
Begin scan in 'F:\' <Cynthia Disc Externe>

End of the scan: Monday, August 11, 2008 20:12
Used time: 37:19 Minute(s)

The scan has been done completely.

8130 Scanning directories
318898 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
318896 Files not concerned
9685 Archives were scanned
2 Warnings
0 Notes
0
Réponse 16 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
pour ad aware il est dépassé vire le (si tu y tiens vraiment mais au moins la version 2008)

et mets a la place malwarebyte's antimalware et colle un rapport et vires ce qui est trouvé

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

______________
mets a jour internet explorer ici:

https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html

______________

analyse ces fichiers sur virus total et si inféctés tu les vires avec otmovit comme tu l'as déjà fait

C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\PROGRA~1\acc\acc.exe

_______________

recolles un rapport hijackthis et dis tes soucis actuels
0
Réponse 17 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Merci mille fois ! Je fais tout cela et je te revient avec les rapports ! Merci encore !
0
Réponse 18 / 25
MiSSZ24 Messages postés 43 Statut Membre
 
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1045
Windows 5.1.2600 Service Pack 2

16:25:22 2008-08-12
mbam-log-8-12-2008 (16-25-22).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 131538
Temps écoulé: 40 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{840F8D40-D2B2-4CA1-A56C-AE9B7E3B083F}\RP123\A0023909.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{840F8D40-D2B2-4CA1-A56C-AE9B7E3B083F}\RP183\A0033285.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{840F8D40-D2B2-4CA1-A56C-AE9B7E3B083F}\RP183\A0033286.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\xingiuix.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qoobox\Quarantine\C\WINDOWS\system32\hjdzaa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{840F8D40-D2B2-4CA1-A56C-AE9B7E3B083F}\RP180\A0033115.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\n.bat (Malware.Trace) -> Quarantined and deleted successfully.

Fichier analysé avec Virus Total:

Fichier VMSnap3.EXE reçu le 2008.08.13 00:31:54 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/36 (0%)

Fichier Domino.EXE reçu le 2008.08.13 00:34:58 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 1/36 (2.78%) Worm.Win32.Anilogo.i

Fichier acc.exe reçu le 2008.08.13 06:15:54 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/35 (0%)

RAPPORT HIJACKTHIS:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:19:52, on 2008-08-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\Desktop\sanner.exe..exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://en.us.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\STARDOCK\WINCUS~1\BOOTSKIN\BOOTSKIN.EXE" /StartupJobs
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
0
Réponse 19 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
désactive ta resauration systeme puis redemarre ton ordi puis réactive là
http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924

________________

encore des soucis???
0
Réponse 20 / 25
pimpon
 
il suffit de télécharger chez microsoft WindowsDefender c'est gratuit Un premier scan puis arret complte de la bécanne puis de nouveau relancer le programme en ayant soin de télécharger les mises à jour enfin supprimer le virus c'est tous simple bon courage
0