Trojan.virtumonde

Closed
emiliano - 4 Dec 2007 at 21:07
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 - 19 Dec 2007 at 18:29
Hello,
so I have been infected by a trojan, trojan.virtumonde

here is the HijackThis scan

Logfile of HijackThis v1.99.1
Scan saved at 21:03:50, on 4/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\LSUpdateManager.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {DD87866A-34C6-431E-85F1-BC621B81286C} - C:\WINDOWS\system32\vtsqn.dll
O2 - BHO: {b7c9ee7f-c431-ad6a-70c4-c2d1c59fd1ee} - {ee1df95c-1d2c-4c07-a6da-134cf7ee9c7b} - C:\WINDOWS\system32\oactpsju.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [e0b9feae] rundll32.exe "C:\WINDOWS\system32\sgjimuun.dll",b
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00A0D4C.dat
O20 - Winlogon Notify: lekonqib - lekonqib.dll (file missing)
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: printers - {69AAB65A-5A4B-4CCB-B8A1-943CCF771BFD} - libcintles3.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\uemmgaym.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

56 replies

I can no longer run ComboFix! Either the site doesn't work or McAfee deletes it because there is supposedly a Trojan horse in it.

What should I do?
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
7 Dec 2007 at 23:49
Hi

Disconnect from the internet, stop McAfee and run ComboFix

I'll look at it tomorrow

Good night

See you
0
Now that I've managed to download it, my computer won't launch it. I don't get the ComboFix icon but the icon of a file you don't really know how to use (a white rectangle with a small blue bar at the top).
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
8 Dec 2007 at 12:04
Hi emiliano,

Delete what you have on your desktop and get it again here:

Download combofix.exe (by sUBs) to your Desktop.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double-click combofix.exe.
-> Press the 1 key (Yes) to start the scan.
-> When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

See you
0

emiliendiego Posts 45 Registration date Tuesday 4 December 2007 Status Member Last activity 19 January 2008 4
8 Dec 2007 at 20:42
ComboFix 07-12-08.1 - Emilien 2007-12-08 19:53:16.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.333 [GMT 1:00]
Running from: C:\Documents and Settings\Emilien\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Emilien\Application Data\macromedia\Flash Player\#SharedObjects\H4XYMQXH\iforex.com
C:\Documents and Settings\Emilien\Application Data\macromedia\Flash Player\#SharedObjects\H4XYMQXH\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\Documents and Settings\Emilien\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\Documents and Settings\Emilien\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-08 to 2007-12-08 ))))))))))))))))))))))))))))))))))))
.

2007-12-07 22:24 . 2007-12-07 22:24 <REP> d-------- C:\WINDOWS\ERUNT
2007-12-05 16:17 . 2007-12-05 16:24 1,005 --a------ C:\WINDOWS\Active Setup Log.BAK
2007-12-05 15:52 . 2007-12-05 15:52 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-12-05 15:31 . 2007-08-20 10:59 6,058,496 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-05 15:31 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-12-05 15:31 . 2007-03-08 06:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-12-05 15:31 . 2007-08-20 10:59 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-05 15:31 . 2007-08-20 10:59 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-05 15:31 . 2007-08-20 10:59 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-05 15:31 . 2007-08-20 10:59 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-05 15:31 . 2007-08-20 10:59 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-05 15:31 . 2007-08-17 11:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-05 15:28 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2007-12-04 20:59 . 2007-12-05 12:59 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-12-04 20:29 . 2007-12-04 20:29 <REP> d-------- C:\Program Files\Lavasoft
2007-12-04 20:28 . 2007-12-04 20:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-04 19:06 . 2007-12-04 19:06 <REP> d-------- C:\Documents and Settings\myriam\Application Data\Grisoft
2007-12-04 19:05 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-04 17:05 . 2007-12-07 18:02 <REP> d-------- C:\Program Files\Spyware Doctor
2007-12-04 17:05 . 2007-12-04 17:05 <REP> d-------- C:\Documents and Settings\myriam\Application Data\PC Tools
2007-12-04 17:05 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-12-04 17:05 . 2007-10-18 00:16 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-12-04 17:05 . 2007-10-18 00:15 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-12-04 17:05 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-12-04 17:05 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-12-04 16:51 . 2007-12-07 21:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-03 21:15 . 2007-12-03 21:15 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-03 20:23 . 2007-12-03 20:46 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-28 16:11 . 2007-11-28 16:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Firefly Studios
2007-11-28 13:46 . 2007-11-28 13:46 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-11-28 13:45 . 2007-11-28 13:45 <REP> d-------- C:\Program Files\GameShadow
2007-11-28 13:44 . 2007-11-28 13:44 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-11-28 13:33 . 2007-11-28 13:33 <REP> d-------- C:\Program Files\Firefly Studios
2007-11-15 21:12 . 2007-11-15 21:15 <REP> d-------- C:\Program Files\CDRWIN 6
2007-11-15 21:11 . 2007-12-04 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-09 11:56 . 2007-11-09 11:56 <REP> d-------- C:\WINDOWS\Profiles
2007-11-09 11:55 . 2007-11-09 11:55 <REP> d-------- C:\WINDOWS\system32\Adobe
2007-11-09 11:55 . 2007-11-09 11:55 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2007-11-09 11:55 . 2007-11-09 11:55 <REP> d-------- C:\Program Files\directx
2007-11-09 11:55 . 2007-11-09 11:55 <REP> d-------- C:\Documents and Settings\Emilien\Application Data\InterTrust
2007-11-09 11:55 . 1998-10-07 13:54 327,168 --a------ C:\WINDOWS\IsUn0415.exe
2007-11-09 11:51 . 2007-11-09 11:51 <REP> d-------- C:\Program Files\Enlight Software

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-05 17:55 --------- d-----w C:\Program Files\Adverts
2007-12-04 19:35 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-12-04 19:35 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-12-04 15:51 --------- d-----w C:\Program Files\Google
2007-12-03 20:08 --------- d-----w C:\Program Files\Windows Live
2007-12-03 19:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-01 20:43 --------- d-----w C:\Documents and Settings\Emilien\Application Data\Azureus
2007-11-28 12:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-26 14:01 --------- d-----w C:\Documents and Settings\maxime\Application Data\Apple Computer
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-16 18:55 --------- d-----w C:\Program Files\Azureus
2007-10-10 08:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin
2007-10-09 14:11 --------- d-----w C:\Documents and Settings\maurice\Application Data\Sports Interactive
2007-10-08 20:05 --------- d-----w C:\Program Files\LimeWire
2005-05-10 18:49 37,376 ----a-w C:\WINDOWS\inf\hpz3l3xu.dll
2005-05-10 18:49 1,055,232 ----a-w C:\WINDOWS\inf\hpz3r3xu.dll
2005-05-10 18:48 72,192 ----a-w C:\WINDOWS\inf\hpzpr3xu.dll
2005-05-10 18:48 67,072 ----a-w C:\WINDOWS\inf\hpzpp3xu.dll
2005-05-10 18:48 515,584 ----a-w C:\WINDOWS\inf\hpzev3xu.dll
2005-05-10 18:48 1,963,008 ----a-w C:\WINDOWS\inf\hpzui3xu.dll
2005-05-10 18:48 1,264,640 ----a-w C:\WINDOWS\inf\hpz3a3xu.dll
2005-05-10 18:20 557,056 ----a-w C:\WINDOWS\inf\hpzss3xu.dll
2005-05-10 17:22 2,954,752 ----a-w C:\WINDOWS\inf\hpzst3xu.dll
2005-04-27 18:37 77,824 ----a-w C:\WINDOWS\inf\hpzids01.dll
2005-03-22 13:31 1,323,008 ----a-w C:\WINDOWS\inf\hpbcfgre.dll
2005-03-08 11:52 21,744 ----a-w C:\WINDOWS\inf\HPZius12.sys
2005-03-08 11:52 16,800 ----a-w C:\WINDOWS\inf\hppaufd0.sys
2005-02-21 15:58 7,718,400 ----a-w C:\WINDOWS\inf\hpfig3xu.dll
2005-02-21 15:58 177,152 ----a-w C:\WINDOWS\inf\hpfie3xu.dll
2005-02-04 17:09 16,384 ----a-w C:\WINDOWS\inf\hpfrs3xu.dll
2004-09-30 08:49 274,432 ----a-w C:\WINDOWS\inf\HPZc3212.dll
2004-09-29 23:27 16,880 ----a-w C:\WINDOWS\inf\ctpdusb.sys
2004-09-29 11:38 18,336 ----a-w C:\WINDOWS\inf\hpzuci12.dll
2004-09-28 12:18 200,704 ----a-w C:\WINDOWS\inf\CTPdeSrv.exe
2004-09-28 12:09 28,672 ----a-w C:\WINDOWS\inf\PdeSrvps.dll
2004-09-28 12:09 233,472 ----a-w C:\WINDOWS\inf\CTPmsMan.dll
2004-09-15 14:27 385,109 ----a-w C:\WINDOWS\inf\ctjb2sp.dll
2004-08-15 23:02 28,672 ----a-w C:\WINDOWS\inf\Jb4Inst.dll
2004-08-04 10:24 620,544 ----a-w C:\WINDOWS\inf\UNIRES.DLL
2004-06-29 13:06 659,456 ----a-w C:\WINDOWS\inf\hpcdmc32.dll
2003-11-04 23:00 49,152 ----a-w C:\WINDOWS\inf\ctpde.dll
2003-10-17 03:52 754,560 ----a-w C:\WINDOWS\inf\cmuda.sys
2003-10-15 10:37 114,688 ----a-w C:\WINDOWS\inf\cmuda.dll
2003-10-15 08:26 1,454,080 ----a-w C:\WINDOWS\inf\SMWIZARD.EXE
2003-08-20 10:46 233,472 ----a-w C:\WINDOWS\inf\cmirmdrv.exe
2003-07-31 12:15 143,360 ----a-w C:\WINDOWS\inf\CTPmsWma.dll
2003-04-24 05:29 32,768 ----a-w C:\WINDOWS\inf\udaprop.dll
2003-02-18 10:26 28,672 ----a-w C:\WINDOWS\inf\cmirmdrv.dll
2002-11-19 11:17 65,536 ----a-w C:\WINDOWS\inf\carpdll.dll
2002-11-19 11:17 4,608 ----a-w C:\WINDOWS\inf\carpserv.exe
2002-11-19 11:17 22,400 ----a-w C:\WINDOWS\inf\strmdisp.sys
2002-11-19 11:13 166,144 ----a-w C:\WINDOWS\inf\HSFHWBS2.sys
2002-11-19 11:11 585,472 ----a-w C:\WINDOWS\inf\HSF_CNXT.sys
2002-11-19 11:09 1,067,008 ----a-w C:\WINDOWS\inf\HSF_DP.sys
2002-11-12 02:59 479,232 ----a-w C:\WINDOWS\inf\HXFSetup.exe
2002-11-07 06:56 11,011 ----a-w C:\WINDOWS\inf\mdmxsdk.sys
2002-11-07 05:47 69,632 ----a-w C:\WINDOWS\inf\mdmxsdk.dll
2002-10-29 09:33 27,786 ----a-w C:\WINDOWS\inf\HSFCI005.dll
2002-08-29 09:45 252,416 ----a-w C:\WINDOWS\inf\unidrv.dll
2002-08-29 09:45 199,168 ----a-w C:\WINDOWS\inf\unidrvui.dll
2002-07-10 15:39 32,256 ----a-w C:\WINDOWS\inf\sisnic.sys
2002-04-29 07:04 917,504 ----a-w C:\WINDOWS\inf\CMIDS3D.DLL
2002-02-18 23:00 32,768 ----a-w C:\WINDOWS\inf\PdePgHlp.dll
2001-12-31 16:04 5,099,520 ----a-w C:\WINDOWS\inf\nvoglnt.dll
2001-12-31 16:04 46,080 ----a-w C:\WINDOWS\inf\nvmctray.dll
2001-12-31 16:04 4,130,560 ----a-w C:\WINDOWS\inf\nv4_disp.dll
2001-12-31 16:04 38,400 ----a-w C:\WINDOWS\inf\nvwddi.dll
2001-12-31 16:04 32,256 ----a-w C:\WINDOWS\inf\nvcodins.dll
2001-12-31 16:04 32,256 ----a-w C:\WINDOWS\inf\nvcod.dll
2001-12-31 16:04 3,756,032 ----a-w C:\WINDOWS\inf\nvcpl.dll
2001-12-31 16:04 241,664 ----a-w C:\WINDOWS\inf\nvnt4cpl.dll
2001-12-31 16:04 2,167,552 ----a-w C:\WINDOWS\inf\nv4_mini.sys
2001-12-31 16:04 114,755 ----a-w C:\WINDOWS\inf\nvsvc32.exe
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\Audio3D.dll
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\a3d.dll
2001-08-23 03:00 4,608 ----a-w C:\WINDOWS\inf\mspqm.sys
2001-08-07 02:53 37,376 ----a-w C:\WINDOWS\inf\uninst.exe
.

((((((((((((((((((((((((((((( snapshot@2007-12-04_22.27.57.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-12-19 21:49:47 8,509,952 -c----w C:\WINDOWS\$NtUninstallKB943460$\shell32.dll
- 2007-08-21 10:53:25 121,856 -c----w C:\WINDOWS\$NtUninstallKB943460$\xpsp3res.dll
- 2007-11-27 02:58:11 140,288 ----a-w C:\WINDOWS\catchme.exe
+ 2007-12-08 02:32:45 141,824 ----a-w C:\WINDOWS\catchme.exe
+ 2007-12-05 19:19:42 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2007-12-07 21:24:54 5,459,968 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2007-12-07 21:24:54 495,616 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2007-12-05 19:19:42 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2007-12-07 21:24:40 5,459,968 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2007-12-07 21:24:41 495,616 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
+ 2004-08-19 14:09:20 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-19 14:09:20 101,888 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-19 14:09:22 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2007-08-22 13:13:05 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2007-08-22 13:13:05 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2007-08-22 13:13:05 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-19 14:09:28 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-19 14:09:56 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-19 14:09:28 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-19 14:09:28 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2001-09-28 13:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-19 14:09:28 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2007-08-21 10:30:45 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-19 14:09:28 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
+ 2007-08-22 13:13:05 251,392 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-19 14:09:28 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-19 14:09:28 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-19 14:09:56 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-19 14:09:30 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2007-08-22 13:13:06 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2006-05-18 05:31:21 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
+ 2007-08-22 13:13:06 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-19 14:09:32 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-19 14:10:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2007-08-22 13:13:07 3,079,168 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2007-08-22 13:13:07 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-19 14:08:28 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2001-09-28 13:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2007-08-22 13:13:07 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2007-08-22 13:13:07 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-19 14:09:38 97,280 -c----w C:\WINDOWS\ie7\occache.dll
+ 2007-08-22 13:13:07 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-08-13 17:54:42 32,960 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-08-13 17:52:06 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:16 213,216 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:18 371,424 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-19 14:09:48 37,888 -c----w C:\WINDOWS\ie7\url.dll
+ 2007-08-22 13:13:08 617,472 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2004-08-19 14:09:48 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-19 14:09:48 281,600 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2007-08-22 13:13:08 663,040 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2007-08-13 17:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll
+ 2007-08-13 17:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll.000
+ 2007-08-13 17:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll
+ 2007-08-13 17:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe
+ 2007-08-13 17:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe.000
+ 2007-08-13 17:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll
+ 2007-08-13 17:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll.000
+ 2007-08-13 17:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll
+ 2007-08-13 17:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll.000
+ 2007-08-13 16:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll
+ 2007-02-12 15:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll
+ 2007-08-13 17:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll.000
+ 2007-08-13 17:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll
+ 2007-08-13 17:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll.000
+ 2007-08-13 17:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
+ 2007-08-13 17:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe.000
+ 2007-08-13 17:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll
+ 2007-08-13 17:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll
+ 2007-08-13 17:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll
+ 2007-08-13 17:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll.000
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\url.dll
+ 2007-08-13 17:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\url.dll.000
+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll
+ 2007-08-13 17:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll
+ 2007-08-13 17:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll.000
+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
+ 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2007-06-29 16:34:24 187,422 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Professional_32_1036.dat
+ 2007-06-29 16:34:24 187,422 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Professional_32_1036.dat.bak
- 2004-08-19 14:09:20 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-19 14:09:20 101,888 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-08-20 09:59:29 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-08-13 17:39:20 71,680 -c----w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2007-08-20 09:59:29 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-08-13 17:42:54 17,408 -c----w C:\WINDOWS\system32\dllcache\corpol.dll
- 2007-08-22 13:13:05 357,888 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-08-13 17:35:46 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-08-20 09:59:29 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-22 13:13:05 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-08-20 09:59:29 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-08-13 17:18:02 60,416 -c----w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-08-17 10:22:11 63,488 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-08-20 09:59:29 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-08-20 09:59:29 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2001-09-28 13:00:00 245,760 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-08-20 09:59:29 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-21 10:30:45 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 17:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 17:45:18 78,336 -c----w C:\WINDOWS\system32\dllcache\ieencode.dll
- 2007-08-22 13:13:05 251,392 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-20 09:59:29 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-08-13 17:39:12 55,296 -c----w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-08-17 10:22:32 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-08-13 17:36:06 36,352 -c----w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2007-08-22 13:13:06 96,768 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 17:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-05-18 05:31:21 450,560 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 17:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-08-22 13:13:06 16,384 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-08-20 09:59:30 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-08-13 17:44:18 40,960 -c----w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 17:32:30 45,568 -c----w C:\WINDOWS\system32\dllcache\mshta.exe
- 2007-08-22 13:13:07 3,079,168 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-08-20 14:29:32 3,584,512 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-22 13:13:07 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-08-20 09:59:30 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-08-13 17:01:12 48,128 -c----w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2001-09-28 13:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 17:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2007-08-22 13:13:07 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-08-20 09:59:30 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-22 13:13:07 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-08-20 09:59:30 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-08-20 09:59:31 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2007-08-22 13:13:07 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2007-08-13 17:36:12 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-25 16:56:24 8,510,976 -c----w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-25 16:43:25 8,516,608 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-08-20 09:59:31 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-22 13:13:08 617,472 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-08-20 09:59:31 1,152,000 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-08-13 17:54:10 413,696 -c----w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-07-12 23:30:52 765,952 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-08-20 09:59:31 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-22 13:13:08 663,040 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-08-20 09:59:31 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2004-08-03 21:00:08 29,056 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
- 2007-08-22 13:13:05 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-08-13 17:35:46 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-08-20 09:59:29 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-22 13:13:05 55,808 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-08-20 09:59:29 132,608 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-08-20 09:59:29 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll
- 2004-08-19 14:09:56 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-08-17 10:22:11 63,488 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-19 14:09:28 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-08-20 09:59:29 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-19 14:09:28 221,696 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-08-20 09:59:29 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2001-09-28 13:00:00 245,760 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-08-17 07:34:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2007-08-20 09:59:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2004-08-19 14:09:28 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-08-20 09:59:29 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-19 14:09:28 81,920 ------w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 17:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-20 09:59:29 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-22 13:13:05 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-19 14:09:28 49,152 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-08-20 09:59:29 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2007-08-20 09:59:30 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2004-08-19 14:09:28 63,488 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-17 10:20:54 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2004-08-19 14:09:30 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2007-08-22 13:13:06 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2006-05-18 05:31:21 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-08-22 13:13:06 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-08-20 09:59:30 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-19 14:09:32 22,528 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-20 09:59:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-08-20 09:59:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2004-08-19 14:10:00 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2007-08-22 13:13:07 3,079,168 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-08-20 14:29:32 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-22 13:13:07 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-08-20 09:59:30 477,696 ------w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-19 14:08:28 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2001-09-28 13:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2007-08-22 13:13:07 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-08-20 09:59:30 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2007-08-22 13:13:07 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-08-20 09:59:30 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2006-06-28 16:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll
- 2004-08-19 14:09:38 97,280 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-08-20 09:59:31 102,400 ------w C:\WINDOWS\system32\occache.dll
- 2007-08-22 13:13:07 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2007-08-13 17:36:12 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-10-25 16:56:24 8,510,976 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\system32\shell32.dll
- 2004-08-19 14:09:48 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-08-20 09:59:31 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-22 13:13:08 617,472 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-08-20 09:59:31 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-19 14:09:48 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-19 14:09:48 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2006-03-24 04:37:52 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
- 2004-08-19 14:09:48 281,600 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-20 09:59:31 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
- 2007-08-22 13:13:08 663,040 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-08-20 09:59:31 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2006-07-14 15:51:51 121,856 ------w C:\WINDOWS\system32\xmllite.dll
- 2007-10-29 15:35:14 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 15:07:16 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\flash]
@={AFCE5F03-76B3-92AE-630C-0ED5D3256EE8}
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Offline Files]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 23:29]
"DvdGrid"="C:\DOCUME~1\Emilien\APPLIC~1\KNOBCI~1\body way mail.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05]
"Zone Labs Client"="C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe" [2003-11-18 09:08]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 15:55]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-08-06 21:35]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 02:36]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-19 15:09 15360 --a------ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 23:12 49152 --a------ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-09-07 15:55 267064 --a------ C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Online chin internet bolt]
C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin\Soap 16.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
2006-01-07 02:36 81920 --a------ C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-07-12 03:00 132496 --a------ C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot


.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-27 20:43:46 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-08 20:00:21
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-08 20:03:13
C:\ComboFix2.txt ... 2007-12-05 12:54
C:\ComboFix3.txt ... 2007-12-04 22:30
.
--- E O F ---
0
emiliendiego Posts: 45 Registered: Tuesday 4 December 2007 Status: Member Last activity: 19 January 2008 4
9 Dec 2007 at 19:28
What should I do now?
0
g!rly Posts: 18209 Registered: Friday 17 August 2007 Status: Contributor Last activity: 30 November 2014 406
9 Dec 2007 at 21:19
Hi,

Please post a new HijackThis log.

See you
0
emiliendiego Posts: 45 Registered: Tuesday 4 December 2007 Status: Member Last activity: 19 January 2008 4
12 Dec 2007 at 12:41
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:11, on 12/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Emilien\LOCALS~1\Temp\Rar$EX01.109\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [DvdGrid] C:\DOCUME~1\Emilien\APPLIC~1\KNOBCI~1\body way mail.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1614895754-776561741-725345543-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'maxime')
O4 - HKUS\S-1-5-21-1614895754-776561741-725345543-1006\..\Run: [e0b9feae] rundll32.exe "C:\DOCUME~1\maxime\LOCALS~1\Temp\uoovmtbw.dll",b (User 'maxime')
O4 - HKUS\S-1-5-21-1614895754-776561741-725345543-1006\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'maxime')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
g!rly Posts: 18209 Registered: Friday 17 August 2007 Status: Contributor Last activity: 30 November 2014 406
12 Dec 2007 at 17:40
Hi,

Do the following:

Copy the text below:

File::
C:\DOCUME~1\Emilien\APPLIC~1\KNOBCI~1\body way mail.exe
C:\DOCUME~1\maxime\LOCALS~1\Temp\uoovmtbw.dll

Folder::
C:\Program Files\Adverts

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DvdGrid"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\flash]
@=-

Open Notepad and paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file as CFScript.txt.

Now drag the CFScript.txt file onto Combofix.exe as shown below:

http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif

This will restart Combofix.

A blue window will appear: at the prompt ( Type 1 to continue, or 2 to abort), type 1 and confirm.

Wait while the scan runs. The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

After the restart, post the contents of the Combofix.txt report together with a HijackThis report.

If there is no restart, post the reports anyway.

and

clean your temporary files with this: ATF Cleaner, see the tutorial...

http://www.infosecu.fr/atf.html

download it here:

http://serveur1.archive-host.com/membres/up/1366464061/ATF-Cleaner.rar

See you
0
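The two files named in the CFScript above both appear in the preceding HijackThis log as O4 Run entries: an executable under an Application Data folder and a DLL in a Temp folder loaded through rundll32. The following is an added example, not part of the thread and not code from HijackThis or ComboFix. It parses O4 registry Run lines and flags entries of that shape. The function names and the list of user-writable folder names are assumptions made for illustration.

```python
import re

# O4 lines copied from the HijackThis log posted in this thread (12/12/2007).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [DvdGrid] C:\DOCUME~1\Emilien\APPLIC~1\KNOBCI~1\body way mail.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1614895754-776561741-725345543-1006\..\Run: [e0b9feae] rundll32.exe "C:\DOCUME~1\maxime\LOCALS~1\Temp\uoovmtbw.dll",b (User 'maxime')
O4 - HKUS\S-1-5-21-1614895754-776561741-725345543-1006\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'maxime')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
"""

# "O4 - <hive>\..\<key>: [<value name>] <command>"; the hive may carry a SID.
O4_RUN = re.compile(
    r"^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# HijackThis appends " (User 'name')" to entries read from other profiles.
USER_SUFFIX = re.compile(r"\s+\(User '[^']*'\)$")
RUNDLL = re.compile(r"^rundll32(\.exe)?\s+", re.IGNORECASE)
EXE_END = re.compile(r"\.(exe|com|bat|cmd|scr)(?=\s|$)", re.IGNORECASE)

# Assumption: folder names treated as user-writable, including the 8.3 short
# forms seen in this log (LOCALS~1 = Local Settings, APPLIC~1 = Application Data).
USER_WRITABLE = {"temp", "locals~1", "local settings", "applic~1", "application data"}


def parse_o4_run(line):
    """Parse one O4 registry Run line; return None for any other line."""
    m = O4_RUN.match(line.strip())
    if not m:
        return None
    return {
        "hive": m.group("hive"),
        "name": m.group("name"),
        "command": USER_SUFFIX.sub("", m.group("cmd")),
    }


def target_path(command):
    """Return (path, via_rundll32) for the file an autostart command loads."""
    via_rundll32 = False
    rest = command
    m = RUNDLL.match(rest)
    if m:
        via_rundll32 = True
        rest = rest[m.end():]
    if rest.startswith('"'):
        end = rest.find('"', 1)
        path = rest[1:end] if end != -1 else rest[1:]
    elif via_rundll32:
        # rundll32 <dll>,<export>: the DLL path ends at the comma.
        path = rest.split(",", 1)[0]
    else:
        # Unquoted paths may contain spaces; cut after the executable extension.
        m2 = EXE_END.search(rest)
        path = rest[:m2.end()] if m2 else rest
    return path.strip(), via_rundll32


def triage(log_text):
    """Flag Run entries whose target sits in a user-writable folder."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4_run(line)
        if entry is None:
            continue  # startup-folder shortcuts and non-O4 lines are skipped
        path, via_rundll32 = target_path(entry["command"])
        hits = {seg.lower() for seg in path.split("\\")} & USER_WRITABLE
        if not hits:
            continue
        kind = "rundll32 loads a DLL from" if via_rundll32 else "autostart executable in"
        findings.append({
            "hive": entry["hive"],
            "name": entry["name"],
            "path": path,
            "via_rundll32": via_rundll32,
            "reason": f"{kind} {', '.join(sorted(hits))}",
        })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f['name']}] {f['path']} -> {f['reason']}")
```

A flag here only marks an entry for manual review; legitimate software also starts from Application Data, so the result is a shortlist rather than a verdict.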
emiliendiego Posts: 45 Registered: Tuesday 4 December 2007 Status: Member Last activity: 19 January 2008 4
14 Dec 2007 at 21:15
ComboFix 07-12-08.1 - Emilien 2007-12-14 20:57:30.5 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.285 [GMT 1:00]
Running from: C:\Documents and Settings\Emilien\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Emilien\Bureau\CFScript.txt..txt
* Created a new restore point

FILE
C:\DOCUME~1\Emilien\APPLIC~1\KNOBCI~1\body way mail.exe
C:\DOCUME~1\maxime\LOCALS~1\Temp\uoovmtbw.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Adverts

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-14 to 2007-12-14 ))))))))))))))))))))))))))))))))))))
.

2007-12-14 20:09 . 2007-12-14 20:09 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-07 22:24 . 2007-12-07 22:24 <REP> d-------- C:\WINDOWS\ERUNT
2007-12-05 16:17 . 2007-12-05 16:24 1,005 --a------ C:\WINDOWS\Active Setup Log.BAK
2007-12-05 15:52 . 2007-12-05 15:52 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-12-05 15:31 . 2007-10-11 00:49 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-05 15:31 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-12-05 15:31 . 2007-03-08 06:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-12-05 15:31 . 2007-10-11 00:49 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-05 15:31 . 2007-10-11 00:49 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-05 15:31 . 2007-10-11 00:49 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-05 15:31 . 2007-10-11 00:49 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-05 15:31 . 2007-10-11 00:49 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-05 15:31 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-05 15:28 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2007-12-04 20:59 . 2007-12-05 12:59 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-12-04 20:29 . 2007-12-04 20:29 <REP> d-------- C:\Program Files\Lavasoft
2007-12-04 20:28 . 2007-12-04 20:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-04 19:06 . 2007-12-04 19:06 <REP> d-------- C:\Documents and Settings\myriam\Application Data\Grisoft
2007-12-04 19:05 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-04 17:05 . 2007-12-14 20:07 <REP> d-------- C:\Program Files\Spyware Doctor
2007-12-04 17:05 . 2007-12-04 17:05 <REP> d-------- C:\Documents and Settings\myriam\Application Data\PC Tools
2007-12-04 17:05 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-12-04 17:05 . 2007-12-14 14:10 74,240 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-12-04 17:05 . 2007-12-14 14:10 56,832 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-12-04 17:05 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-12-04 17:05 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-12-04 16:51 . 2007-12-13 11:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-03 21:15 . 2007-12-03 21:15 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-03 20:23 . 2007-12-03 20:46 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-28 16:11 . 2007-11-28 16:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Firefly Studios
2007-11-28 13:46 . 2007-11-28 13:46 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-11-28 13:45 . 2007-11-28 13:45 <REP> d-------- C:\Program Files\GameShadow
2007-11-28 13:44 . 2007-11-28 13:44 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-11-28 13:33 . 2007-11-28 13:33 <REP> d-------- C:\Program Files\Firefly Studios
2007-11-15 21:12 . 2007-11-15 21:15 <REP> d-------- C:\Program Files\CDRWIN 6
2007-11-15 21:11 . 2007-12-04 20:27 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-08 20:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-12-04 19:35 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-12-04 19:35 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-12-04 15:51 --------- d-----w C:\Program Files\Google
2007-12-03 20:08 --------- d-----w C:\Program Files\Windows Live
2007-12-03 19:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-01 20:43 --------- d-----w C:\Documents and Settings\Emilien\Application Data\Azureus
2007-11-28 12:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-09 10:55 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-11-09 10:55 --------- d-----w C:\Program Files\directx
2007-11-09 10:55 --------- d-----w C:\Documents and Settings\Emilien\Application Data\InterTrust
2007-11-09 10:51 --------- d-----w C:\Program Files\Enlight Software
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-26 14:01 --------- d-----w C:\Documents and Settings\maxime\Application Data\Apple Computer
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-16 18:55 --------- d-----w C:\Program Files\Azureus
2005-05-10 18:49 37,376 ----a-w C:\WINDOWS\inf\hpz3l3xu.dll
2005-05-10 18:49 1,055,232 ----a-w C:\WINDOWS\inf\hpz3r3xu.dll
2005-05-10 18:48 72,192 ----a-w C:\WINDOWS\inf\hpzpr3xu.dll
2005-05-10 18:48 67,072 ----a-w C:\WINDOWS\inf\hpzpp3xu.dll
2005-05-10 18:48 515,584 ----a-w C:\WINDOWS\inf\hpzev3xu.dll
2005-05-10 18:48 1,963,008 ----a-w C:\WINDOWS\inf\hpzui3xu.dll
2005-05-10 18:48 1,264,640 ----a-w C:\WINDOWS\inf\hpz3a3xu.dll
2005-05-10 18:20 557,056 ----a-w C:\WINDOWS\inf\hpzss3xu.dll
2005-05-10 17:22 2,954,752 ----a-w C:\WINDOWS\inf\hpzst3xu.dll
2005-04-27 18:37 77,824 ----a-w C:\WINDOWS\inf\hpzids01.dll
2005-03-22 13:31 1,323,008 ----a-w C:\WINDOWS\inf\hpbcfgre.dll
2005-03-08 11:52 21,744 ----a-w C:\WINDOWS\inf\HPZius12.sys
2005-03-08 11:52 16,800 ----a-w C:\WINDOWS\inf\hppaufd0.sys
2005-02-21 15:58 7,718,400 ----a-w C:\WINDOWS\inf\hpfig3xu.dll
2005-02-21 15:58 177,152 ----a-w C:\WINDOWS\inf\hpfie3xu.dll
2005-02-04 17:09 16,384 ----a-w C:\WINDOWS\inf\hpfrs3xu.dll
2004-09-30 08:49 274,432 ----a-w C:\WINDOWS\inf\HPZc3212.dll
2004-09-29 23:27 16,880 ----a-w C:\WINDOWS\inf\ctpdusb.sys
2004-09-29 11:38 18,336 ----a-w C:\WINDOWS\inf\hpzuci12.dll
2004-09-28 12:18 200,704 ----a-w C:\WINDOWS\inf\CTPdeSrv.exe
2004-09-28 12:09 28,672 ----a-w C:\WINDOWS\inf\PdeSrvps.dll
2004-09-28 12:09 233,472 ----a-w C:\WINDOWS\inf\CTPmsMan.dll
2004-09-15 14:27 385,109 ----a-w C:\WINDOWS\inf\ctjb2sp.dll
2004-08-15 23:02 28,672 ----a-w C:\WINDOWS\inf\Jb4Inst.dll
2004-08-04 10:24 620,544 ----a-w C:\WINDOWS\inf\UNIRES.DLL
2004-06-29 13:06 659,456 ----a-w C:\WINDOWS\inf\hpcdmc32.dll
2003-11-04 23:00 49,152 ----a-w C:\WINDOWS\inf\ctpde.dll
2003-10-17 03:52 754,560 ----a-w C:\WINDOWS\inf\cmuda.sys
2003-10-15 10:37 114,688 ----a-w C:\WINDOWS\inf\cmuda.dll
2003-10-15 08:26 1,454,080 ----a-w C:\WINDOWS\inf\SMWIZARD.EXE
2003-08-20 10:46 233,472 ----a-w C:\WINDOWS\inf\cmirmdrv.exe
2003-07-31 12:15 143,360 ----a-w C:\WINDOWS\inf\CTPmsWma.dll
2003-04-24 05:29 32,768 ----a-w C:\WINDOWS\inf\udaprop.dll
2003-02-18 10:26 28,672 ----a-w C:\WINDOWS\inf\cmirmdrv.dll
2002-11-19 11:17 65,536 ----a-w C:\WINDOWS\inf\carpdll.dll
2002-11-19 11:17 4,608 ----a-w C:\WINDOWS\inf\carpserv.exe
2002-11-19 11:17 22,400 ----a-w C:\WINDOWS\inf\strmdisp.sys
2002-11-19 11:13 166,144 ----a-w C:\WINDOWS\inf\HSFHWBS2.sys
2002-11-19 11:11 585,472 ----a-w C:\WINDOWS\inf\HSF_CNXT.sys
2002-11-19 11:09 1,067,008 ----a-w C:\WINDOWS\inf\HSF_DP.sys
2002-11-12 02:59 479,232 ----a-w C:\WINDOWS\inf\HXFSetup.exe
2002-11-07 06:56 11,011 ----a-w C:\WINDOWS\inf\mdmxsdk.sys
2002-11-07 05:47 69,632 ----a-w C:\WINDOWS\inf\mdmxsdk.dll
2002-10-29 09:33 27,786 ----a-w C:\WINDOWS\inf\HSFCI005.dll
2002-08-29 09:45 252,416 ----a-w C:\WINDOWS\inf\unidrv.dll
2002-08-29 09:45 199,168 ----a-w C:\WINDOWS\inf\unidrvui.dll
2002-07-10 15:39 32,256 ----a-w C:\WINDOWS\inf\sisnic.sys
2002-04-29 07:04 917,504 ----a-w C:\WINDOWS\inf\CMIDS3D.DLL
2002-02-18 23:00 32,768 ----a-w C:\WINDOWS\inf\PdePgHlp.dll
2001-12-31 16:04 5,099,520 ----a-w C:\WINDOWS\inf\nvoglnt.dll
2001-12-31 16:04 46,080 ----a-w C:\WINDOWS\inf\nvmctray.dll
2001-12-31 16:04 4,130,560 ----a-w C:\WINDOWS\inf\nv4_disp.dll
2001-12-31 16:04 38,400 ----a-w C:\WINDOWS\inf\nvwddi.dll
2001-12-31 16:04 32,256 ----a-w C:\WINDOWS\inf\nvcodins.dll
2001-12-31 16:04 32,256 ----a-w C:\WINDOWS\inf\nvcod.dll
2001-12-31 16:04 3,756,032 ----a-w C:\WINDOWS\inf\nvcpl.dll
2001-12-31 16:04 241,664 ----a-w C:\WINDOWS\inf\nvnt4cpl.dll
2001-12-31 16:04 2,167,552 ----a-w C:\WINDOWS\inf\nv4_mini.sys
2001-12-31 16:04 114,755 ----a-w C:\WINDOWS\inf\nvsvc32.exe
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\Audio3D.dll
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\a3d.dll
2001-08-23 03:00 4,608 ----a-w C:\WINDOWS\inf\mspqm.sys
2001-08-07 02:53 37,376 ----a-w C:\WINDOWS\inf\uninst.exe
.

((((((((((((((((((((((((((((( snapshot_2007-12-08_20.01.07,77 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:09:51 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:09:51 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:09:51 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:09:51 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:09:51 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:09:51 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:09:51 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:09:51 527,360 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-10-29 22:36:31 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-10 23:22:14 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:22:14 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:22:14 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:22:14 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:22:14 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:22:14 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:22:14 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:22:15 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:22:16 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:22:16 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:22:16 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:22:16 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:22:16 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:22:16 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:40:57 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:22:18 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:22:18 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:22:18 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:22:18 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:22:18 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:22:19 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:22:19 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:22:19 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2007-08-20 09:59:29 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 09:59:29 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 09:59:29 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 09:59:29 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:22:11 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 09:59:29 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 09:59:29 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 09:59:29 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 09:59:29 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 09:59:29 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 09:59:29 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 09:59:30 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:22:32 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 09:59:30 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 09:59:30 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 09:59:30 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 14:29:32 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 09:59:30 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 09:59:30 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 09:59:30 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 09:59:31 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 09:59:31 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 09:59:31 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 09:59:31 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 09:59:31 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
- 2007-11-14 19:28:35 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-12-13 09:35:48 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-11-14 19:28:35 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-12-13 09:35:48 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-11-14 19:28:36 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-12-13 09:35:48 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-11-14 19:28:34 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-12-13 09:35:47 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-11-14 19:28:36 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-12-13 09:35:48 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-11-14 19:28:36 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-12-13 09:35:49 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-11-14 19:28:36 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-12-13 09:35:49 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-11-14 19:28:37 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-12-13 09:35:49 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-11-14 19:28:35 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-12-13 09:35:48 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-11-14 19:28:35 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-12-13 09:35:47 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-11-14 19:28:37 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-12-13 09:35:49 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-11-14 19:28:34 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2007-12-13 09:35:47 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-11-14 19:28:34 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-12-13 09:35:46 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2007-08-20 09:59:29 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-10-10 23:49:42 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-08-20 09:59:29 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-10-10 23:49:42 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-20 09:59:29 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-10 23:49:42 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-20 09:59:29 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-10 23:49:42 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-08-17 10:22:11 63,488 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-10-10 11:00:41 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-08-20 09:59:29 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-10-10 23:49:42 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-08-20 09:59:29 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-10-10 23:49:42 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-08-20 09:59:29 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-10-10 23:49:42 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-20 09:59:29 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:49:43 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-08-17 10:22:32 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-10-10 11:00:59 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-20 09:59:30 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-10 23:49:44 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-07-06 10:05:47 72,960 -c----w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 12:50:47 138,240 -c----w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:50:47 47,104 -c----w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:50:47 16,896 -c----w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:50:47 660,992 -c----w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:50:47 177,152 -c----w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:50:47 95,744 -c----w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:50:47 48,640 -c----w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:50:47 527,360 -c----w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2007-08-20 14:29:32 3,584,512 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 23:23:48 3,590,656 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-20 09:59:30 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-10 23:49:44 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-08-20 09:59:30 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-10 23:49:44 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-20 09:59:30 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-10 23:49:45 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-08-20 09:59:31 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-10 23:49:45 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-29 22:43:32 1,293,824 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
- 2007-08-20 09:59:31 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-10-10 23:49:45 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-20 09:59:31 1,152,000 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-10-10 23:49:45 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-08-20 09:59:31 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-10-10 23:49:45 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-20 09:59:31 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-10-10 23:49:45 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-10-18 19:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
+ 2007-10-25 08:28:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2007-08-20 09:59:29 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-10 23:49:42 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-20 09:59:29 132,608 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-10 23:49:42 132,608 ------w C:\WINDOWS\system32\extmgr.dll
- 2007-08-20 09:59:29 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2007-10-10 23:49:42 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-08-17 10:22:11 63,488 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-10-10 11:00:41 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2007-08-20 09:59:29 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2007-10-10 23:49:42 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2007-08-20 09:59:29 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2007-10-10 23:49:42 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2007-08-17 07:34:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-10-10 05:46:55 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2007-08-20 09:59:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-10-10 23:49:42 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-08-20 09:59:29 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-10-10 23:49:42 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2007-08-20 09:59:29 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-10-10 23:49:43 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-20 09:59:29 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2007-10-10 23:49:43 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2007-08-20 09:59:30 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-10-10 23:49:43 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-08-17 10:20:54 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-20 09:59:30 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-10 23:49:44 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-19 14:09:32 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:50:47 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-19 14:09:32 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:50:47 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-19 14:09:32 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:50:47 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-19 14:09:32 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:50:47 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-19 14:09:32 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:50:47 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-19 14:09:32 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:50:47 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-19 14:09:34 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:50:47 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-19 14:09:34 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:50:47 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-08-20 09:59:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-10-10 23:49:44 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-08-20 09:59:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-10-10 23:49:44 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-08-20 14:29:32 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 23:23:48 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-20 09:59:30 477,696 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-10 23:49:44 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-08-20 09:59:30 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2007-10-10 23:49:44 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2007-08-20 09:59:30 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2007-10-10 23:49:45 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2007-08-20 09:59:31 102,400 ------w C:\WINDOWS\system32\occache.dll
+ 2007-10-10 23:49:45 102,400 ------w C:\WINDOWS\system32\occache.dll
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2007-08-20 09:59:31 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-10-10 23:49:45 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-20 09:59:31 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-10 23:49:45 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-08-20 09:59:31 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-10-10 23:49:45 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-08-20 09:59:31 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-10 23:49:45 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\flash]
@={AFCE5F03-76B3-92AE-630C-0ED5D3256EE8}
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Offline Files]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 23:29]
"DvdGrid"="C:\DOCUME~1\Emilien\APPLIC~1\KNOBCI~1\body way mail.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05]
"Zone Labs Client"="C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe" [2003-11-18 09:08]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 15:55]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-08-06 21:35]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 02:36]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-11-02 17:24]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-19 15:09 15360 --a------ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 23:12 49152 --a------ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-09-07 15:55 267064 --a------ C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Online chin internet bolt]
C:\Documents and Settings\All Users\Application Data\Bags Plus Online Chin\Soap 16.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
2006-01-07 02:36 81920 --a------ C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-07-12 03:00 132496 --a------ C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot


.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-27 20:43:46 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-14 21:04:13
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-14 21:07:20
C:\ComboFix2.txt ... 2007-12-08 20:03
C:\ComboFix3.txt ... 2007-12-05 12:54
.
--- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:09:14, on 14/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Emilien\Bureau\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1614895754-776561741-725345543-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'myriam')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
14 Dec. 2007 at 21:50
hi,

how are things going now?

do this as well

press the Windows key to the right of the space bar (Windows flag) and "e" at the same time -> once in My Computer, click on disk C > Program Files > Java, open the java file and click on the jre1.6.0_02 file to open it, then open the bin file and look in it for this: jucheck.exe, double-click on it and run the Java update > you want version 1.6.0_03
once the update is done, go to Add/Remove Programs and remove all the other Java updates; only the one you have just installed should remain: 1.6.0_03

your version of Acrobat Reader is not up to date either, you want version 8.1, the latest to date, so uninstall your version through Control Panel / Add or Remove Programs

and install the latest one:

https://get2.adobe.com/reader/otherversions/

or Foxit, which is lighter:

https://www.clubic.com/telecharger-fiche13808-foxit-reader.html

fix this with HijackThis:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

two resident antispyware tools to complement Spybot's TeaTimer:

SpywareGuard:

https://www.zebulon.fr/dossiers/securite/47-spywareguard.html

and

SpywareBlaster:

http://www.brightfort.com/spywareblaster.html

it is a resident tool, you just need to update it from time to time because the free version does not do it by itself; once it is installed and updated, set all the protections to "enable"

tutorial: http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/question-spywareblaser-sujet_174747_1.htm

let me know, see you
0
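An added example, not part of the original posts: a small parser for the HijackThis entry format used in this thread, which picks out registrations such as the `(no file)` BHO that the reply above asks to fix. The function names are hypothetical, and the sample lines are copied from the log and the reply in this thread.

```python
import re
from collections import Counter

# Sample lines copied from the log and the reply in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
"""

# Every entry starts with a section code (O2, O4, O23, R1, ...) and " - ".
ENTRY = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<body>.+)$")
# COM-based entries (BHO, toolbar, extra button) carry "name - {CLSID} - target".
CLSID_ENTRY = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\})"
    r" - (?P<target>.+)$"
)

def parse_log(text):
    """Return one dict per log entry; clsid/target stay None for non-COM lines."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header lines, process list, blank lines
        entry = {"section": m["section"], "body": m["body"],
                 "clsid": None, "target": None}
        c = CLSID_ENTRY.match(m["body"])
        if c:
            entry.update(kind=c["kind"], name=c["name"],
                         clsid=c["clsid"], target=c["target"].strip())
        entries.append(entry)
    return entries

def orphaned(entries):
    """Entries whose registered file is missing on disk, shown as '(no file)'."""
    return [e for e in entries if e["target"] == "(no file)"]

def section_counts(entries):
    """Number of entries per HijackThis section code."""
    return Counter(e["section"] for e in entries)
```

An orphaned entry is a leftover registry registration whose file is gone; the parser only lists it, and the removal itself is still done from HijackThis as described in the reply.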
emiliendiego Posts 45 Registration date Tuesday 4 December 2007 Status Member Last activity 19 January 2008 4
14 Dec. 2007 at 22:58
ok, I have downloaded and installed everything you recommended! I hope I won't have any more problems :p thank you very, very much for your help!
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
14 Dec. 2007 at 23:04
hi

how is your PC doing now?

see you
0
emiliendiego Posts 45 Registration date Tuesday 4 December 2007 Status Member Last activity 19 January 2008 4
16 Dec. 2007 at 15:27
it's OK, except that I constantly have Internet Explorer pages opening with ads for anti-spyware (e.g. PC cleaner); I can't manage to remove it and it comes back quite often!

can you tell me what I should do?
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
19 Dec. 2007 at 18:29
hi


I am sorry for the delay, I am on holiday and it is hard for me to get online


do this:

Right-click on this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Save target (link) as... and save it to your desktop.
Then double-click on navilog1.exe to start the installation.
Once the installation is finished, the fix will run automatically.
(If it does not, double-click on the Navilog1 shortcut on the desktop.)

Follow the prompts. At the main menu, choose 1 and confirm.
(do not choose option 2, 3 or 4 without our advice/agreement)

Wait for the message:
*** Analyse Termine le ..... ***
Press a key as prompted; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)

see you
0
david1970 Posts 55 Registration date Sunday 2 December 2007 Status Member Last activity 5 January 2008
4 Dec. 2007 at 21:19
sorry, I don't like this trojan.virtumonde
-2