Sujet Précédent Sujet Suivant

Problème avec Bagle

Résolu
Puic Messages postés 85 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

J'ai infecté comme un bleu mon pc et celui de ma copine avec Bagle...

Je m'occupe d'abord du premier pc : Bagle à évidemment commencé à désactiver avast et zone alarm et la connexion web.

J'ai utiliser Elibagla (Satinfo à fait une mise à jour avec le fichier que je leur ai envoyé) et combofix ainsi que Malware. Le souci est surtout que je n'ai plus de connexion internet même internet, il n'y a que msn et thunderbird qui arrive à se connecter.

Que puis je faire maintenant ?

PS : j'écris sous mac, je découvre donc veuillez pardonner les erreurs de manip ;-)

Voici les derniers rapports en date (Impossible d'éxécuter HijachThis)

Merci d'avance

ComboFix 08-10-22.05 - Puic 2008-10-23 19:50:32.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.700 [GMT 2:00]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\InfoSat.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\srosa.sys

.
((((((((((((((((((((((((((((( Fichiers crÈÈs du 2008-09-23 au 2008-10-23 ))))))))))))))))))))))))))))))))))))
.

2008-10-23 11:54 . 2004-08-19 16:09 116,736 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2008-10-23 11:54 . 2001-08-23 17:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe
2008-10-23 11:54 . 2001-08-23 17:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2008-10-23 11:54 . 2001-08-23 17:47 17,408 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll
2008-10-23 11:54 . 2001-08-23 17:47 4,608 --a--c--- C:\WINDOWS\system32\dllcache\xrxflnch.exe
2008-10-23 11:53 . 2001-08-17 21:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2008-10-23 11:53 . 2004-08-03 22:31 154,624 --a--c--- C:\WINDOWS\system32\dllcache\wlluc48.sys
2008-10-23 11:53 . 2001-08-23 17:47 99,865 --a--c--- C:\WINDOWS\system32\dllcache\xlog.exe
2008-10-23 11:53 . 2001-08-23 17:47 54,272 --a--c--- C:\WINDOWS\system32\dllcache\wiamsmud.dll
2008-10-23 11:53 . 2001-08-23 17:05 35,402 --a--c--- C:\WINDOWS\system32\dllcache\wlandrv2.sys
2008-10-23 11:53 . 2004-08-03 22:29 19,455 --a--c--- C:\WINDOWS\system32\dllcache\wvchntxx.sys
2008-10-23 11:53 . 2001-08-17 20:11 16,970 --a--c--- C:\WINDOWS\system32\dllcache\xem336n5.sys
2008-10-23 11:53 . 2004-08-03 22:29 12,063 --a--c--- C:\WINDOWS\system32\dllcache\wsiintxx.sys
2008-10-23 11:53 . 2004-08-19 16:09 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll
2008-10-23 11:51 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-10-23 11:50 . 2001-08-23 17:47 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2008-10-23 11:49 . 2001-08-17 22:01 241,664 --a--c--- C:\WINDOWS\system32\dllcache\tosdvd02.sys
2008-10-23 11:48 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-10-23 11:47 . 2001-08-23 17:47 114,688 --a--c--- C:\WINDOWS\system32\dllcache\sonypi.dll
2008-10-23 11:47 . 2001-08-23 17:47 106,584 --a--c--- C:\WINDOWS\system32\dllcache\spdports.dll
2008-10-23 11:47 . 2001-08-23 17:47 99,840 --a--c--- C:\WINDOWS\system32\dllcache\srusd.dll
2008-10-23 11:47 . 2001-08-17 21:51 61,824 --a--c--- C:\WINDOWS\system32\dllcache\speed.sys
2008-10-23 11:47 . 2001-08-17 20:11 48,736 --a--c--- C:\WINDOWS\system32\dllcache\srwlnd5.sys
2008-10-23 11:47 . 2001-08-17 20:51 37,040 --a--c--- C:\WINDOWS\system32\dllcache\sonypi.sys
2008-10-23 11:47 . 2001-08-23 17:47 24,660 --a--c--- C:\WINDOWS\system32\dllcache\spxupchk.dll
2008-10-23 11:47 . 2001-08-17 20:51 20,752 --a--c--- C:\WINDOWS\system32\dllcache\sonync.sys
2008-10-23 11:47 . 2001-08-17 22:07 19,072 --a--c--- C:\WINDOWS\system32\dllcache\sparrow.sys
2008-10-23 11:47 . 2001-08-23 16:57 17,024 --a--c--- C:\WINDOWS\system32\dllcache\stcusb.sys
2008-10-23 11:47 . 2001-08-17 21:53 9,600 --a--c--- C:\WINDOWS\system32\dllcache\sonymc.sys
2008-10-23 11:47 . 2004-08-03 23:00 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonyait.sys
2008-10-23 11:47 . 2001-08-17 21:53 7,040 --a--c--- C:\WINDOWS\system32\dllcache\snyaitmc.sys
2008-10-23 11:45 . 2004-08-19 16:09 286,792 --a--c--- C:\WINDOWS\system32\dllcache\slextspk.dll
2008-10-23 11:44 . 2001-08-23 17:46 386,560 --a--c--- C:\WINDOWS\system32\dllcache\sgiul50.dll
2008-10-23 11:44 . 2001-08-23 17:21 161,664 --a--c--- C:\WINDOWS\system32\dllcache\sgsmusb.sys
2008-10-23 11:44 . 2001-08-17 20:51 98,080 --a--c--- C:\WINDOWS\system32\dllcache\sgiulnt5.sys
2008-10-23 11:44 . 2001-08-17 20:19 36,480 --a--c--- C:\WINDOWS\system32\dllcache\sfmanm.sys
2008-10-23 11:44 . 2001-08-23 17:20 18,432 --a--c--- C:\WINDOWS\system32\dllcache\sermouse.sys
2008-10-23 11:44 . 2001-07-21 22:29 18,400 --a--c--- C:\WINDOWS\system32\dllcache\sgsmld.sys
2008-10-23 11:44 . 2001-08-23 17:20 17,536 --a--c--- C:\WINDOWS\system32\dllcache\scr111.sys
2008-10-23 11:44 . 2001-08-17 21:52 11,648 --a--c--- C:\WINDOWS\system32\dllcache\scsiprnt.sys
2008-10-23 11:44 . 2001-08-17 21:53 10,880 --a--c--- C:\WINDOWS\system32\dllcache\scsiscan.sys
2008-10-23 11:44 . 2001-08-23 17:20 6,912 --a--c--- C:\WINDOWS\system32\dllcache\serscan.sys
2008-10-23 11:44 . 2001-08-17 21:53 6,912 --a--c--- C:\WINDOWS\system32\dllcache\seaddsmc.sys
2008-10-23 11:42 . 2004-08-19 16:09 397,056 --a--c--- C:\WINDOWS\system32\dllcache\s3gnb.dll
2008-10-23 11:41 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-10-23 11:40 . 2004-08-19 16:08 259,328 --a--c--- C:\WINDOWS\system32\dllcache\perm3dd.dll
2008-10-23 11:39 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-10-23 11:38 . 2004-08-19 16:09 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2008-10-23 11:37 . 2004-08-19 16:03 132,695 --a--c--- C:\WINDOWS\system32\dllcache\netwlan5.sys
2008-10-23 11:37 . 2001-08-17 20:20 126,080 --a--c--- C:\WINDOWS\system32\dllcache\nm5a2wdm.sys
2008-10-23 11:37 . 2001-08-23 17:46 91,488 --a--c--- C:\WINDOWS\system32\dllcache\n9i3disp.dll
2008-10-23 11:37 . 2001-08-17 20:20 87,040 --a--c--- C:\WINDOWS\system32\dllcache\nm6wdm.sys
2008-10-23 11:37 . 2001-08-23 17:10 66,302 --a--c--- C:\WINDOWS\system32\dllcache\netflx3.sys
2008-10-23 11:37 . 2001-08-23 17:46 60,480 --a--c--- C:\WINDOWS\system32\dllcache\neo20xx.dll
2008-10-23 11:37 . 2001-08-17 20:50 39,264 --a--c--- C:\WINDOWS\system32\dllcache\neo20xx.sys
2008-10-23 11:37 . 2001-08-17 20:12 32,840 --a--c--- C:\WINDOWS\system32\dllcache\ngrpci.sys
2008-10-23 11:37 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-10-23 11:37 . 2001-08-17 21:49 15,872 --a--c--- C:\WINDOWS\system32\dllcache\ne2000.sys
2008-10-23 11:37 . 2001-08-23 17:11 9,472 --a--c--- C:\WINDOWS\system32\dllcache\ntapm.sys
2008-10-23 11:37 . 2001-08-17 21:53 7,552 --a--c--- C:\WINDOWS\system32\dllcache\nsmmc.sys
2008-10-23 11:35 . 2004-08-03 23:10 51,328 --a--c--- C:\WINDOWS\system32\dllcache\msdv.sys
2008-10-23 11:35 . 2004-08-03 23:10 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-10-23 11:35 . 2001-08-17 22:02 35,200 --a--c--- C:\WINDOWS\system32\dllcache\msgame.sys
2008-10-23 11:35 . 2004-08-03 23:00 22,016 --a--c--- C:\WINDOWS\system32\dllcache\msircomm.sys
2008-10-23 11:35 . 2001-08-17 21:52 17,280 --a--c--- C:\WINDOWS\system32\dllcache\mraid35x.sys
2008-10-23 11:35 . 2001-08-17 21:48 12,416 --a--c--- C:\WINDOWS\system32\dllcache\msriffwv.sys
2008-10-23 11:35 . 2001-08-17 21:48 6,016 --a--c--- C:\WINDOWS\system32\dllcache\msfsio.sys
2008-10-23 11:35 . 2001-08-17 22:00 2,944 --a--c--- C:\WINDOWS\system32\dllcache\msmpu401.sys
2008-10-23 11:34 . 2001-08-23 17:03 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2008-10-23 11:34 . 2001-08-23 17:46 235,648 --a--c--- C:\WINDOWS\system32\dllcache\mgaud.dll
2008-10-23 11:34 . 2001-08-23 17:02 165,066 --a--c--- C:\WINDOWS\system32\dllcache\mdgndis5.sys
2008-10-23 11:34 . 2001-08-23 17:47 47,616 --a--c--- C:\WINDOWS\system32\dllcache\memgrp.dll
2008-10-23 11:34 . 2004-08-03 23:00 26,112 --a--c--- C:\WINDOWS\system32\dllcache\memstpci.sys
2008-10-23 11:34 . 2001-08-17 21:57 16,128 --a--c--- C:\WINDOWS\system32\dllcache\modemcsa.sys
2008-10-23 11:34 . 2001-08-17 21:58 8,320 --a--c--- C:\WINDOWS\system32\dllcache\memcard.sys
2008-10-23 11:34 . 2001-08-17 21:52 7,424 --a--c--- C:\WINDOWS\system32\dllcache\mammoth.sys
2008-10-23 11:34 . 2001-08-17 21:52 6,528 --a--c--- C:\WINDOWS\system32\dllcache\miniqic.sys
2008-10-23 11:32 . 2001-08-23 17:47 242,688 --a--c--- C:\WINDOWS\system32\dllcache\kdsusd.dll
2008-10-23 11:32 . 2001-08-23 17:47 46,080 --a--c--- C:\WINDOWS\system32\dllcache\kdsui.dll
2008-10-23 11:32 . 2001-08-23 17:47 37,888 --a--c--- C:\WINDOWS\system32\dllcache\kousd.dll
2008-10-23 11:32 . 2001-08-17 20:12 19,016 --a--c--- C:\WINDOWS\system32\dllcache\ktc111.sys
2008-10-23 11:32 . 2001-08-23 17:47 8,704 --a--c--- C:\WINDOWS\system32\dllcache\kbdjpn.dll
2008-10-23 11:32 . 2001-08-23 17:47 8,192 --a--c--- C:\WINDOWS\system32\dllcache\kbdkor.dll
2008-10-23 11:32 . 2001-08-17 22:55 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd106.dll
2008-10-23 11:32 . 2001-08-17 22:55 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101c.dll
2008-10-23 11:32 . 2001-08-17 22:55 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101b.dll
2008-10-23 11:32 . 2001-08-17 22:55 5,632 --a--c--- C:\WINDOWS\system32\dllcache\kbd103.dll
2008-10-23 11:30 . 2004-08-19 16:09 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-10-23 11:29 . 2004-08-03 22:41 1,041,536 --a--c--- C:\WINDOWS\system32\dllcache\hsfdpsp2.sys
2008-10-23 11:28 . 2001-08-23 17:47 324,608 --a--c--- C:\WINDOWS\system32\dllcache\hpojwia.dll
2008-10-23 11:27 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-10-23 11:26 . 2001-08-17 20:15 455,680 --a--c--- C:\WINDOWS\system32\dllcache\fus2base.sys
2008-10-23 11:26 . 2001-08-17 20:15 455,296 --a--c--- C:\WINDOWS\system32\dllcache\fusbbase.sys
2008-10-23 11:26 . 2001-08-17 20:14 444,416 --a--c--- C:\WINDOWS\system32\dllcache\fpcibase.sys
2008-10-23 11:26 . 2001-08-17 20:15 442,240 --a--c--- C:\WINDOWS\system32\dllcache\fpnpbase.sys
2008-10-23 11:26 . 2001-08-17 20:14 441,728 --a--c--- C:\WINDOWS\system32\dllcache\fpcmbase.sys
2008-10-23 11:26 . 2001-08-23 17:47 92,672 --a--c--- C:\WINDOWS\system32\dllcache\fuusd.dll
2008-10-23 11:26 . 2001-08-23 17:47 72,192 --a--c--- C:\WINDOWS\system32\dllcache\fnfilter.dll
2008-10-23 11:26 . 2004-08-03 22:31 34,173 --a--c--- C:\WINDOWS\system32\dllcache\forehe.sys
2008-10-23 11:26 . 2001-08-17 20:13 27,165 --a--c--- C:\WINDOWS\system32\dllcache\fetnd5.sys
2008-10-23 11:26 . 2001-08-17 20:12 24,618 --a--c--- C:\WINDOWS\system32\dllcache\fa410nd5.sys
2008-10-23 11:26 . 2001-08-17 20:10 22,090 --a--c--- C:\WINDOWS\system32\dllcache\fem556n5.sys
2008-10-23 11:24 . 2001-08-23 17:16 630,016 --a--c--- C:\WINDOWS\system32\dllcache\eqn.sys
2008-10-23 11:23 . 2001-08-23 17:13 634,166 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2008-10-23 11:22 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-10-23 11:21 . 2001-08-23 17:47 622,621 --a--c--- C:\WINDOWS\system32\dllcache\digiview.exe
2008-10-23 11:20 . 2001-08-23 17:47 256,512 --a--c--- C:\WINDOWS\system32\dllcache\devcon32.dll
2008-10-23 11:19 . 2004-08-19 16:09 252,416 --a--c--- C:\WINDOWS\system32\dllcache\ctmasetp.dll
2008-10-23 11:18 . 2001-08-17 21:57 248,064 --a--c--- C:\WINDOWS\system32\dllcache\cl546xm.sys
2008-10-23 11:17 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2008-10-23 11:16 . 2001-08-17 22:05 314,752 --a--c--- C:\WINDOWS\system32\dllcache\camdro21.sys
2008-10-23 11:15 . 2001-08-23 17:46 81,920 --a--c--- C:\WINDOWS\system32\dllcache\brmfcwia.dll
2008-10-23 11:14 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-10-23 11:13 . 2001-08-23 16:59 289,920 --a--c--- C:\WINDOWS\system32\dllcache\atimpab.sys
2008-10-23 11:12 . 2004-08-19 16:09 870,784 --a--c--- C:\WINDOWS\system32\dllcache\ati3d1ag.dll
2008-10-23 11:11 . 2001-08-17 20:19 747,392 --a--c--- C:\WINDOWS\system32\dllcache\adm8830.sys
2008-10-23 11:10 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-10-23 11:09 . 2001-08-23 17:46 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-10-23 09:26 . 2008-10-23 09:26 <REP> d-------- C:\Muestras
2008-10-22 22:48 . 2008-10-22 21:40 57,867 --a------ C:\mdelk.exe
2008-10-22 22:29 . 2008-10-22 22:29 <REP> d-------- C:\Documents and Settings\Puic\Application Data\Malwarebytes
2008-10-22 22:28 . 2008-10-22 22:29 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-22 22:28 . 2008-10-22 22:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-22 22:28 . 2008-10-16 20:25 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-22 22:28 . 2008-10-16 20:25 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-23 17:42 --------- d-----w C:\Documents and Settings\Puic\Application Data\Free Download Manager
2008-10-23 12:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-23 12:13 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-10-22 18:33 --------- d-----w C:\Program Files\a-squared Free
2008-10-22 14:45 --------- d-----w C:\Documents and Settings\Puic\Application Data\SiteAdvisor
2008-10-22 12:40 --------- d-----w C:\Documents and Settings\Puic\Application Data\uTorrent
2008-10-22 12:35 --------- d-----w C:\Documents and Settings\Puic\Application Data\FileZilla
2008-10-10 18:39 577,024 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-10-10 00:08 63,488 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-10-07 22:15 165,888 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-10-02 07:39 64,000 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-10-02 07:39 1,332,224 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-09-30 18:20 96,256 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-09-29 22:26 152,064 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-09-20 09:15 --------- d-----w C:\Documents and Settings\Puic\Application Data\Samsung
2008-09-20 08:54 --------- d-----w C:\Program Files\Free Download Manager
2008-09-20 08:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-20 08:52 --------- d-----w C:\Program Files\Samsung
2008-09-18 18:06 --------- d-----w C:\Program Files\Lavasoft
2008-09-18 18:04 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-17 23:10 --------- d-----w C:\Program Files\PictureMover
2008-09-17 23:10 --------- d-----w C:\Documents and Settings\Puic\Application Data\PictureMover
2008-09-17 23:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\PictureMover
2008-09-17 14:42 --------- d-----w C:\Program Files\Eurobarre
2008-09-13 19:43 --------- d-----w C:\Program Files\uTorrent
2008-09-13 10:25 --------- d-----w C:\Program Files\Siber Systems
2008-09-13 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\RoboForm
2008-09-12 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-07 09:18 --------- d-----w C:\Program Files\Visicom Media
2008-09-05 13:42 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-05 11:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-09-05 11:09 --------- d-----w C:\Program Files\Namo
2008-09-05 08:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-04 22:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-04 21:38 --------- d-----w C:\Documents and Settings\Puic\Application Data\KompoZer
2008-09-04 19:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-09-04 19:47 --------- d-----w C:\Program Files\Bonjour
2008-09-03 18:49 --------- d-----w C:\Documents and Settings\Puic\Application Data\Image Zone Express
2008-08-31 22:08 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-25 13:33 --------- d-----w C:\Program Files\EasyPHP 2.0b1
2008-08-25 13:32 --------- d-----w C:\Program Files\Panda Security
2008-06-09 13:08 15,397 ----a-w C:\Program Files\settings.dat
2008-05-08 20:16 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2008-05-08 20:16 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2008-05-08 20:16 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008050820080509\index.dat
2008-05-08 20:16 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2007-11-26 19:14 2222080 7b069231b2a5c6bbb0452bc7a96aaf23 C:\WINDOWS\explorer.exe
2008-04-14 04:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-10-23_11.24.32.07 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-22 22:38:24 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB896256\update\update.exe
+ 2008-10-23 13:17:33 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB896256\update\update.exe
- 2008-10-22 22:38:27 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922120\update\update.exe
+ 2008-10-23 13:17:36 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922120\update\update.exe
- 2008-10-22 22:38:30 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
+ 2008-10-23 13:17:39 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
- 2008-10-22 22:38:32 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
+ 2008-10-23 13:17:42 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
- 2008-10-22 22:38:37 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2008-10-23 13:17:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
- 2008-10-22 22:38:40 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB938464\update\update.exe
+ 2008-10-23 13:17:48 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB938464\update\update.exe
- 2008-10-22 22:38:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
+ 2008-10-23 13:17:55 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
- 2008-10-22 22:39:02 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2008-10-23 13:17:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
- 2008-10-22 22:39:04 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2008-10-23 13:18:00 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
- 2008-10-22 22:39:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\update\update.exe
+ 2008-10-23 13:18:03 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338-v2\update\update.exe
- 2008-10-22 22:38:20 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2008-10-23 13:18:05 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
- 2008-10-22 22:39:11 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2008-10-23 13:18:08 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
- 2008-10-22 22:39:14 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2008-10-23 13:18:10 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
- 2008-10-22 22:39:21 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2008-10-23 13:18:15 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
- 2008-10-22 22:39:24 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2008-10-23 13:18:17 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
- 2008-10-22 22:39:28 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2008-10-23 13:18:20 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
- 2008-10-22 22:39:31 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2008-10-23 13:18:22 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
- 2008-10-22 22:39:34 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
+ 2008-10-23 13:18:25 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
- 2008-10-22 22:39:37 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2008-10-23 13:18:28 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
- 2008-10-22 22:39:41 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2008-10-23 13:18:31 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
- 2008-10-22 22:39:46 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2008-10-23 13:18:34 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
- 2008-10-22 22:39:50 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
+ 2008-10-23 13:18:38 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
- 2008-10-22 22:39:53 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2008-10-23 13:18:40 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
- 2008-10-22 22:39:56 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
+ 2008-10-23 13:18:43 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
+ 2003-03-24 13:52:04 20,540 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admin.dll
+ 2003-03-24 13:52:04 16,439 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admin.exe
+ 2004-08-19 16:09:19 43,520 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admwprox.dll
+ 2004-08-19 16:09:19 290,816 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adsiis51.dll
+ 2003-03-24 13:52:04 20,540 ----a-w C:\WINDOWS\LastGood\system32\dllcache\author.dll
+ 2003-03-24 13:52:04 16,439 ----a-w C:\WINDOWS\LastGood\system32\dllcache\author.exe
+ 2003-03-24 13:52:04 188,480 ----a-w C:\WINDOWS\LastGood\system32\dllcache\cfgwiz.exe
+ 2004-08-19 16:09:21 47,104 ----a-w C:\WINDOWS\LastGood\system32\dllcache\coadmin.dll
+ 2004-05-12 22:39:48 184,435 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4amsft.dll
+ 2003-03-24 13:52:04 82,035 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4anscp.dll
+ 2003-03-24 13:52:04 147,513 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4apws.dll
+ 2003-03-24 13:52:04 49,210 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4areg.dll
+ 2003-03-24 13:52:04 102,509 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4atxt.dll
+ 2003-03-24 13:52:04 41,020 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avnb.dll
+ 2003-03-24 13:52:04 32,826 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avss.dll
+ 2003-03-24 13:52:04 49,212 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awebs.dll
+ 2004-05-12 22:39:48 876,653 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awel.dll
+ 2002-05-14 11:08:54 14,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98sadm.exe
+ 2002-05-14 11:08:54 109,328 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98swin.exe
+ 2003-03-24 13:52:04 188,494 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpcount.exe
+ 2003-03-24 13:52:04 20,541 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpexedll.dll
+ 2004-05-12 22:39:48 598,071 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmc.dll
+ 2003-04-14 18:29:34 217,088 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmcsat.dll
+ 2003-03-24 13:52:04 20,538 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpremadm.exe
+ 2002-09-06 19:59:59 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftpsapi2.dll
+ 2004-08-19 16:09:27 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisext51.dll
+ 2004-08-19 16:09:27 64,512 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iismap.dll
+ 2002-09-06 19:59:59 14,848 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisreset.exe
+ 2002-09-06 19:59:59 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstap.dll
+ 2004-08-19 16:09:55 31,232 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstas.exe
+ 2004-08-19 16:09:27 133,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrtl.dll
+ 2002-09-06 19:59:59 173,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisui.dll
+ 2004-08-19 16:09:29 842,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.dll
+ 2002-09-06 19:59:59 7,680 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.exe
+ 2002-09-06 19:59:59 19,968 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetsloc.dll
+ 2004-08-19 16:09:29 13,312 ----a-w C:\WINDOWS\LastGood\system32\dllcache\infoadmn.dll
+ 2004-08-19 16:09:31 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\isatq.dll
+ 2006-10-30 13:39:53 2,138,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ntkrnlmp.exe
+ 2001-08-23 15:46:46 66,048 ----a-w C:\WINDOWS\LastGood\system32\dllcache\s3legacy.dll
+ 2003-03-24 13:52:04 20,536 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.dll
+ 2003-03-24 13:52:04 16,437 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.exe
+ 2004-08-19 16:09:41 189,440 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpadm.dll
+ 2004-08-19 16:09:43 2,134,528 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpsnap.dll
+ 2004-08-19 16:09:45 8,192 ----a-w C:\WINDOWS\LastGood\system32\dllcache\staxmem.dll
+ 2007-11-25 16:35:06 1,548,288 ----a-w C:\WINDOWS\LastGood\system32\sfcfiles.dll
- 2008-10-22 22:41:40 767,352 ----a-w C:\WINDOWS\SoftwareDistribution\Download\1abbf7c00bc08e0ffcd2d1ef66130fa0\update\update.exe
- 2008-10-22 22:48:07 74,240 ----a-w C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\sysinfo.exe
- 2008-10-22 22:51:12 767,352 ----a-w C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\update\update.exe
- 2008-10-22 22:41:35 727,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\65ef6a0ce10a9f2141fa97052b3d85fe\update\update.exe
- 2008-10-22 22:41:34 727,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\e6d0ad037049e80c652668865605c542\update\update.exe
+ 2004-08-03 23:10:07 53,248 -c--a-w C:\WINDOWS\system32\dllcache\1394bus.sys
+ 2001-08-17 20:06:48 11,264 -c--a-w C:\WINDOWS\system32\dllcache\1394vdbg.sys
+ 2001-08-23 15:46:44 689,216 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvs.dll
+ 2001-08-17 18:48:32 148,352 -c--a-w C:\WINDOWS\system32\dllcache\3dfxvsm.sys
+ 2004-08-03 21:00:04 12,288 -c--a-w C:\WINDOWS\system32\dllcache\4mmdat.sys
+ 2004-08-03 21:10:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\61883.sys
+ 2001-08-23 15:46:44 38,400 -c--a-w C:\WINDOWS\system32\dllcache\8514a.dll
+ 2001-08-23 15:46:58 98,304 -c--a-w C:\WINDOWS\system32\dllcache\a3d.dll
+ 2001-08-23 15:46:58 462,848 -c--a-w C:\WINDOWS\system32\dllcache\a3dapi.dll
+ 2001-08-17 19:52:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\abp480n5.sys
+ 2004-08-03 20:32:22 231,552 -c--a-w C:\WINDOWS\system32\dllcache\ac97ali.sys
+ 2001-08-17 18:20:04 96,256 -c--a-w C:\WINDOWS\system32\dllcache\ac97intc.sys
+ 2001-08-17 18:20:16 297,728 -c--a-w C:\WINDOWS\system32\dllcache\ac97sis.sys
+ 2004-08-03 20:32:32 84,480 -c--a-w C:\WINDOWS\system32\dllcache\ac97via.sys
+ 2001-08-23 15:46:58 61,952 -c--a-w C:\WINDOWS\system32\dllcache\acerscad.dll
+ 2004-08-19 15:51:55 188,672 -c--a-w C:\WINDOWS\system32\dllcache\acpi.sys
+ 2002-09-06 19:59:59 12,032 -c--a-w C:\WINDOWS\system32\dllcache\acpiec.sys
+ 2001-08-17 19:53:02 7,424 -c--a-w C:\WINDOWS\system32\dllcache\adicvls.sys
+ 2001-08-17 18:11:18 20,160 -c--a-w C:\WINDOWS\system32\dllcache\adm8511.sys
+ 2001-08-17 18:19:10 584,448 -c--a-w C:\WINDOWS\system32\dllcache\adm8810.sys
+ 2001-08-17 18:19:14 553,984 -c--a-w C:\WINDOWS\system32\dllcache\adm8820.sys
+ 2004-08-03 20:32:24 10,880 -c--a-w C:\WINDOWS\system32\dllcache\admjoy.sys
+ 2001-08-17 18:11:16 46,112 -c--a-w C:\WINDOWS\system32\dllcache\adptsf50.sys
+ 2001-08-17 20:07:32 101,888 -c--a-w C:\WINDOWS\system32\dllcache\adpu160m.sys
+ 2004-08-19 14:09:20 4,255 -c--a-w C:\WINDOWS\system32\dllcache\adv01nt5.dll
+ 2004-08-19 14:09:20 3,967 -c--a-w C:\WINDOWS\system32\dllcache\adv02nt5.dll
+ 2004-08-19 14:09:20 3,615 -c--a-w C:\WINDOWS\system32\dllcache\adv05nt5.dll
+ 2004-08-19 14:09:20 3,647 -c--a-w C:\WINDOWS\system32\dllcache\adv07nt5.dll
+ 2004-08-19 14:09:20 3,135 -c--a-w C:\WINDOWS\system32\dllcache\adv08nt5.dll
+ 2004-08-19 14:09:20 3,711 -c--a-w C:\WINDOWS\system32\dllcache\adv09nt5.dll
+ 2004-08-19 14:09:20 3,775 -c--a-w C:\WINDOWS\system32\dllcache\adv11nt5.dll
+ 2006-02-14 23:22:26 142,464 -c--a-w C:\WINDOWS\system32\dllcache\aec.sys
+ 2004-08-03 21:07:42 42,368 -c--a-w C:\WINDOWS\system32\dllcache\agp440.sys
+ 2004-08-03 21:07:44 44,928 -c--a-w C:\WINDOWS\system32\dllcache\agpcpq.sys
+ 2001-08-17 19:52:02 12,800 -c--a-w C:\WINDOWS\system32\dllcache\aha154x.sys
+ 2001-08-17 20:07:36 55,168 -c--a-w C:\WINDOWS\system32\dllcache\aic78u2.sys
+ 2001-08-17 20:07:38 56,960 -c--a-w C:\WINDOWS\system32\dllcache\aic78xx.sys
+ 2001-08-17 18:11:18 27,678 -c--a-w C:\WINDOWS\system32\dllcache\ali5261.sys
+ 2001-08-17 19:49:02 26,624 -c--a-w C:\WINDOWS\system32\dllcache\alifir.sys
+ 2001-08-17 19:51:56 5,248 -c--a-w C:\WINDOWS\system32\dllcache\aliide.sys
+ 2004-08-03 21:07:42 42,752 -c--a-w C:\WINDOWS\system32\dllcache\alim1541.sys
+ 2001-08-17 18:11:20 16,969 -c--a-w C:\WINDOWS\system32\dllcache\amb8002.sys
+ 2004-08-03 21:07:44 43,008 -c--a-w C:\WINDOWS\system32\dllcache\amdagp.sys
+ 2007-11-25 16:34:45 41,216 -c--a-w C:\WINDOWS\system32\dllcache\amdk6.sys
+ 2007-11-25 16:34:45 41,600 -c--a-w C:\WINDOWS\system32\dllcache\amdk7.sys
+ 2001-08-17 19:52:04 12,032 -c--a-w C:\WINDOWS\system32\dllcache\amsint.sys
+ 2004-08-03 20:31:20 36,224 -c--a-w C:\WINDOWS\system32\dllcache\an983.sys
+ 2001-08-17 19:47:22 6,272 -c--a-w C:\WINDOWS\system32\dllcache\apmbatt.sys
+ 2007-11-25 16:34:45 60,800 -c--a-w C:\WINDOWS\system32\dllcache\arp1394.sys
+ 2001-08-17 19:52:00 26,496 -c--a-w C:\WINDOWS\system32\dllcache\asc.sys
+ 2001-08-17 19:52:04 22,400 -c--a-w C:\WINDOWS\system32\dllcache\asc3350p.sys
+ 2001-08-17 19:51:58 14,848 -c--a-w C:\WINDOWS\system32\dllcache\asc3550.sys
+ 2001-08-17 18:12:34 97,354 -c--a-w C:\WINDOWS\system32\dllcache\aspndis3.sys
+ 2007-11-25 16:09:59 95,616 -c--a-w C:\WINDOWS\system32\dllcache\atapi.sys
+ 2001-08-23 15:46:44 96,128 -c--a-w C:\WINDOWS\system32\dllcache\ati.dll
+ 2001-08-23 14:59:32 77,824 -c--a-w C:\WINDOWS\system32\dllcache\ati.sys
+ 2004-08-03 20:29:30 56,623 -c--a-w C:\WINDOWS\system32\dllcache\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 -c--a-w C:\WINDOWS\system32\dllcache\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 -c--a-w C:\WINDOWS\system32\dllcache\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 -c--a-w C:\WINDOWS\system32\dllcache\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 -c--a-w C:\WINDOWS\system32\dllcache\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 -c--a-w C:\WINDOWS\system32\dllcache\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 -c--a-w C:\WINDOWS\system32\dllcache\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 -c--a-w C:\WINDOWS\system32\dllcache\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 -c--a-w C:\WINDOWS\system32\dllcache\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 -c--a-w C:\WINDOWS\system32\dllcache\ati1xsxx.sys
+ 2005-12-01 19:41:00 237,568 -c--a-w C:\WINDOWS\system32\dllcache\ati2cqag.dll
+ 2004-08-19 14:09:20 377,984 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvaa.dll
+ 2005-12-01 20:49:00 252,928 -c--a-w C:\WINDOWS\system32\dllcache\ati2dvag.dll
+ 2004-08-19 13:53:40 327,168 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtaa.sys
+ 2005-12-01 20:49:00 1,412,608 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
+ 2005-12-01 20:33:00 2,517,632 -c--a-w C:\WINDOWS\system32\dllcache\ati3duag.dll
+ 2001-08-17 18:49:04 46,464 -c--a-w C:\WINDOWS\system32\dllcache\atibt829.sys
+ 2001-08-23 15:46:44 382,592 -c--a-w C:\WINDOWS\system32\dllcache\atidrab.dll
+ 2001-08-23 15:46:44 137,216 -c--a-w C:\WINDOWS\system32\dllcache\atidrae.dll
+ 2001-08-23 15:46:44 268,160 -c--a-w C:\WINDOWS\system32\dllcache\atidvai.dll
+ 2001-08-23 15:47:26 37,376 -c--a-w C:\WINDOWS\system32\dllcache\atievxx.exe
+ 2001-08-23 14:59:36 75,392 -c--a-w C:\WINDOWS\system32\dllcache\atimpae.sys
+ 2001-08-23 14:59:38 281,728 -c--a-w C:\WINDOWS\system32\dllcache\atimtai.sys
+ 2004-08-03 20:29:28 57,856 -c--a-w C:\WINDOWS\system32\dllcache\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 -c--a-w C:\WINDOWS\system32\dllcache\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 -c--a-w C:\WINDOWS\system32\dllcache\atinpdxx.sys
+ 2004-08-03 20:29:30 52,224 -c--a-w C:\WINDOWS\system32\dllcache\atinraxx.sys
+ 2004-08-03 20:29:32 104,960 -c--a-w C:\WINDOWS\system32\dllcache\atinrvxx.sys
+ 2004-08-03 20:29:32 28,672 -c--a-w C:\WINDOWS\system32\dllcache\atinsnxx.sys
+ 2004-08-03 20:29:32 13,824 -c--a-w C:\WINDOWS\system32\dllcache\atinttxx.sys
+ 2004-08-03 20:29:32 73,216 -c--a-w C:\WINDOWS\system32\dllcache\atintuxx.sys
+ 2004-08-03 20:29:32 31,744 -c--a-w C:\WINDOWS\system32\dllcache\atinxbxx.sys
+ 2004-08-03 20:29:32 63,488 -c--a-w C:\WINDOWS\system32\dllcache\atinxsxx.sys
+ 2001-08-17 18:49:36 10,240 -c--a-w C:\WINDOWS\system32\dllcache\atipcxxx.sys
+ 2001-08-23 15:46:44 104,832 -c--a-w C:\WINDOWS\system32\dllcache\atiraged.dll
+ 2001-08-23 14:59:40 70,784 -c--a-w C:\WINDOWS\system32\dllcache\atiragem.sys
+ 2001-08-17 18:49:12 49,920 -c--a-w C:\WINDOWS\system32\dllcache\atirtcap.sys
+ 2001-08-17 18:49:18 26,880 -c--a-w C:\WINDOWS\system32\dllcache\atirtsnd.sys
+ 2001-08-17 18:49:22 17,152 -c--a-w C:\WINDOWS\system32\dllcache\atitunep.sys
+ 2001-08-17 18:49:28 17,152 -c--a-w C:\WINDOWS\system32\dllcache\atitvsnd.sys
+ 2001-08-17 18:49:38 9,472 -c--a-w C:\WINDOWS\system32\dllcache\ativmdcd.sys
+ 2004-08-19 14:09:20 32,768 -c--a-w C:\WINDOWS\system32\dllcache\ativtmxx.dll
+ 2001-08-17 18:49:44 19,456 -c--a-w C:\WINDOWS\system32\dllcache\ativttxx.sys
+ 2005-12-01 20:26:00 1,104,896 -c--a-w C:\WINDOWS\system32\dllcache\ativvaxx.dll
+ 2001-08-17 18:49:48 26,624 -c--a-w C:\WINDOWS\system32\dllcache\ativxbar.sys
+ 2001-08-17 18:49:34 23,552 -c--a-w C:\WINDOWS\system32\dllcache\atixbar.sys
+ 2004-08-19 14:09:22 21,183 -c--a-w C:\WINDOWS\system32\dllcache\atv01nt5.dll
+ 2004-08-19 14:09:22 11,359 -c--a-w C:\WINDOWS\system32\dllcache\atv02nt5.dll
+ 2004-08-19 14:09:22 25,471 -c--a-w C:\WINDOWS\system32\dllcache\atv04nt5.dll
+ 2004-08-19 14:09:22 14,143 -c--a-w C:\WINDOWS\system32\dllcache\atv06nt5.dll
+ 2004-08-19 14:09:22 17,279 -c--a-w C:\WINDOWS\system32\dllcache\atv10nt5.dll
+ 2001-08-17 21:59:44 3,072 -c--a-w C:\WINDOWS\system32\dllcache\audstub.sys
+ 2004-08-03 21:10:12 38,912 -c--a-w C:\WINDOWS\system32\dllcache\avc.sys
+ 2001-08-17 20:01:12 36,096 -c--a-w C:\WINDOWS\system32\dllcache\avcaudio.sys
+ 2004-08-03 21:10:00 13,696 -c--a-w C:\WINDOWS\system32\dllcache\avcstrm.sys
+ 2001-08-23 15:46:58 87,552 -c--a-w C:\WINDOWS\system32\dllcache\avmcoxp.dll
+ 2001-08-23 15:46:58 144,384 -c--a-w C:\WINDOWS\system32\dllcache\avmenum.dll
+ 2001-08-17 18:13:48 37,568 -c--a-w C:\WINDOWS\system32\dllcache\avmwan.sys
+ 2001-08-17 18:19:16 36,992 -c--a-w C:\WINDOWS\system32\dllcache\aztw2320.sys
+ 2001-08-17 18:13:56 89,952 -c--a-w C:\WINDOWS\system32\dllcache\b1cbase.sys
+ 2001-08-23 15:00:08 97,248 -c--a-w C:\WINDOWS\system32\dllcache\b57xp32.sys
+ 2001-08-23 15:46:44 342,336 -c--a-w C:\WINDOWS\system32\dllcache\banshee.dll
+ 2001-08-17 18:48:28 36,128 -c--a-w C:\WINDOWS\system32\dllcache\banshee.sys
+ 2001-08-17 21:57:54 14,080 -c--a-w C:\WINDOWS\system32\dllcache\battc.sys
+ 2001-08-17 18:11:28 66,557 -c--a-w C:\WINDOWS\system32\dllcache\bcm42u.sys
+ 2001-08-17 18:11:26 54,271 -c--a-w C:\WINDOWS\system32\dllcache\bcm42xx5.sys
+ 2001-08-17 18:11:30 26,568 -c--a-w C:\WINDOWS\system32\dllcache\bcm4e5.sys
+ 2004-08-03 21:10:14 11,776 -c--a-w C:\WINDOWS\system32\dllcache\bdasup.sys
+ 2001-08-23 15:46:58 105,472 -c--a-w C:\WINDOWS\system32\dllcache\binlsvc.dll
+ 2001-08-23 15:46:58 19,456 -c--a-w C:\WINDOWS\system32\dllcache\brbidiif.dll
+ 2001-08-23 15:46:58 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brcoinst.dll
+ 2001-08-23 15:46:58 12,800 -c--a-w C:\WINDOWS\system32\dllcache\brevif.dll
+ 2001-08-17 19:12:12 2,944 -c--a-w C:\WINDOWS\system32\dllcache\brfilt.sys
+ 2001-08-17 19:12:22 12,160 -c--a-w C:\WINDOWS\system32\dllcache\brfiltlo.sys
+ 2001-08-17 19:12:24 3,968 -c--a-w C:\WINDOWS\system32\dllcache\brfiltup.sys
+ 2001-08-23 15:46:58 15,360 -c--a-w C:\WINDOWS\system32\dllcache\brmfbidi.dll
+ 2001-08-23 15:46:58 29,696 -c--a-w C:\WINDOWS\system32\dllcache\brmflpt.dll
+ 2001-08-23 15:47:30 32,256 -c--a-w C:\WINDOWS\system32\dllcache\brmfrsmg.exe
+ 2001-08-23 15:46:58 41,472 -c--a-w C:\WINDOWS\system32\dllcache\brmfusb.dll
+ 2001-08-17 19:12:24 3,168 -c--a-w C:\WINDOWS\system32\dllcache\brparimg.sys
+ 2001-08-23 15:01:54 39,808 -c--a-w C:\WINDOWS\system32\dllcache\brparwdm.sys
+ 2001-08-23 15:46:58 5,120 -c--a-w C:\WINDOWS\system32\dllcache\brscnrsm.dll
+ 2001-08-23 15:46:58 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brserif.dll
+ 2001-08-17 19:12:20 60,416 -c--a-w C:\WINDOWS\system32\dllcache\brserwdm.sys
+ 2001-08-17 19:12:20 11,008 -c--a-w C:\WINDOWS\system32\dllcache\brusbmdm.sys
+ 2001-08-17 19:12:22 10,368 -c--a-w C:\WINDOWS\system32\dllcache\brusbscn.sys
+ 2001-08-17 18:11:24 31,529 -c--a-w C:\WINDOWS\system32\dllcache\brzwlan.sys
+ 2004-08-19 16:09:22 20,992 -c--a-w C:\WINDOWS\system32\dllcache\bthci.dll
+ 2004-08-03 21:10:40 17,024 -c--a-w C:\WINDOWS\system32\dllcache\bthenum.sys
+ 2004-08-03 21:10:40 38,016 -c--a-w C:\WINDOWS\system32\dllcache\bthmodem.sys
+ 2004-08-03 20:58:40 100,992 -c--a-w C:\WINDOWS\system32\dllcache\bthpan.sys
+ 2004-08-03 21:10:38 35,456 -c--a-w C:\WINDOWS\system32\dllcache\bthprint.sys
+ 2004-08-19 16:09:22 30,208 -c--a-w C:\WINDOWS\system32\dllcache\bthserv.dll
+ 2004-08-03 21:10:36 18,944 -c--a-w C:\WINDOWS\system32\dllcache\bthusb.sys
+ 2001-08-23 15:02:02 14,080 -c--a-w C:\WINDOWS\system32\dllcache\bulltlp3.sys
+ 2001-08-17 20:04:46 223,232 -c--a-w C:\WINDOWS\system32\dllcache\camdrv21.sys
+ 2001-08-17 20:04:48 171,264 -c--a-w C:\WINDOWS\system32\dllcache\camdrv30.sys
+ 2001-08-23 15:47:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\camexo20.dll
+ 2001-08-23 15:47:00 236,032 -c--a-w C:\WINDOWS\system32\dllcache\camext20.dll
+ 2001-08-23 15:47:00 119,296 -c--a-w C:\WINDOWS\system32\dllcache\camext30.dll
+ 2001-08-17 18:12:16 37,916 -c--a-w C:\WINDOWS\system32\dllcache\cb102.sys
+ 2001-08-17 18:12:42 39,680 -c--a-w C:\WINDOWS\system32\dllcache\cb325.sys
+ 2001-08-17 18:13:14 46,108 -c--a-w C:\WINDOWS\system32\dllcache\cben5.sys
+ 2002-09-06 19:59:59 13,952 -c--a-w C:\WINDOWS\system32\dllcache\cbidf2k.sys
+ 2001-08-23 15:03:10 715,466 -c--a-w C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
+ 2004-08-03 21:10:18 17,024 -c--a-w C:\WINDOWS\system32\dllcache\ccdecode.sys
+ 2001-08-17 19:52:06 7,680 -c--a-w C:\WINDOWS\system32\dllcache\cd20xrnt.sys
+ 2007-11-25 16:32:51 18,688 -c--a-w C:\WINDOWS\system32\dllcache\cdaudio.sys
- 2007-07-30 17:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
+ 2008-07-18 20:10:48 94,920 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
+ 2004-08-03 22:59:53 49,536 -c--a-w C:\WINDOWS\system32\dllcache\cdrom.sys
+ 2001-08-23 15:03:18 21,530 -c--a-w C:\WINDOWS\system32\dllcache\ce2n5.sys
+ 2001-08-23 15:03:18 27,164 -c--a-w C:\WINDOWS\system32\dllcache\ce3n5.sys
+ 2001-08-23 15:03:18 22,556 -c--a-w C:\WINDOWS\system32\dllcache\cem28n5.sys
+ 2001-08-23 15:03:20 22,556 -c--a-w C:\WINDOWS\system32\dllcache\cem33n5.sys
+ 2001-08-23 15:03:20 49,182 -c--a-w C:\WINDOWS\system32\dllcache\cem56n5.sys
+ 2004-08-19 14:09:22 15,423 -c--a-w C:\WINDOWS\system32\dllcache\ch7xxnt5.dll
+ 2004-08-03 21:00:14 8,192 -c--a-w C:\WINDOWS\system32\dllcache\changer.sys
+ 2001-08-23 15:04:06 272,640 -c--a-w C:\WINDOWS\system32\dllcache\cinemclc.sys
+ 2007-11-25 16:32:51 262,528 -c--a-w C:\WINDOWS\system32\dllcache\cinemst2.sys
+ 2001-08-23 15:46:44 91,264 -c--a-w C:\WINDOWS\system32\dllcache\cirrus.dll
+ 2001-08-17 19:57:16 45,696 -c--a-w C:\WINDOWS\system32\dllcache\cirrus.sys
+ 2001-08-23 15:46:44 111,232 -c--a-w C:\WINDOWS\system32\dllcache\cl5465.dll
+ 2001-08-23 15:46:44 170,880 -c--a-w C:\WINDOWS\system32\dllcache\cl546x.dll
+ 2004-08-03 23:07:40 14,080 -c--a-w C:\WINDOWS\system32\dllcache\cmbatt.sys
+ 2001-08-23 15:04:40 20,864 -c--a-w C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
+ 2001-08-23 15:04:44 6,656 -c--a-w C:\WINDOWS\system32\dllcache\cmdide.sys
+ 2007-11-25 16:34:45 50,688 -c--a-w C:\WINDOWS\system32\dllcache\cnbjmon.dll
+ 2001-08-23 15:47:00 44,544 -c--a-w C:\WINDOWS\system32\dllcache\cnusd.dll
+ 2001-08-17 18:11:42 39,936 -c--a-w C:\WINDOWS\system32\dllcache\cnxt1803.sys
+ 2001-08-17 21:58:00 9,344 -c--a-w C:\WINDOWS\system32\dllcache\compbatt.sys
+ 2001-08-17 19:52:06 14,976 -c--a-w C:\WINDOWS\system32\dllcache\cpqarray.sys
+ 2007-11-25 16:32:51 11,776 -c--a-w C:\WINDOWS\system32\dllcache\cpqdap01.sys
+ 2001-08-23 15:07:28 21,533 -c--a-w C:\WINDOWS\system32\dllcache\cpqndis5.sys
+ 2001-08-23 15:07:28 61,194 -c--a-w C:\WINDOWS\system32\dllcache\cpqtrnd5.sys
+ 2001-08-23 15:47:00 216,576 -c--a-w C:\WINDOWS\system32\dllcache\cpscan.dll
+ 2001-08-17 18:19:18 42,112 -c--a-w C:\WINDOWS\system32\dllcache\crtaud.sys
+ 2007-11-25 16:34:45 40,704 -c--a-w C:\WINDOWS\system32\dllcache\crusoe.sys
+ 2001-08-23 15:47:00 175,104 -c--a-w C:\WINDOWS\system32\dllcache\csamsp.dll
+ 2001-08-17 18:19:28 6,912 -c--a-w C:\WINDOWS\system32\dllcache\ctlfacem.sys
+ 2001-08-17 18:19:20 3,712 -c--a-w C:\WINDOWS\system32\dllcache\ctljystk.sys
+ 2001-08-17 18:19:20 96,256 -c--a-w C:\WINDOWS\system32\dllcache\ctlsb16.sys
+ 2001-08-23 15:47:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\ctwdm32.dll
+ 2001-08-17 18:19:24 3,072 -c--a-w C:\WINDOWS\system32\dllcache\cwbase.sys
+ 2001-08-17 18:19:26 3,072 -c--a-w C:\WINDOWS\system32\dllcache\cwbmidi.sys
+ 2001-08-17 18:19:28 72,832 -c--a-w C:\WINDOWS\system32\dllcache\cwbwdm.sys
+ 2001-08-17 18:19:30 3,584 -c--a-w C:\WINDOWS\system32\dllcache\cwcosnt5.sys
+ 2001-08-17 18:19:36 111,872 -c--a-w C:\WINDOWS\system32\dllcache\cwcspud.sys
+ 2001-08-17 18:19:48 93,952 -c--a-w C:\WINDOWS\system32\dllcache\cwcwdm.sys
+ 2004-08-03 20:32:26 48,640 -c--a-w C:\WINDOWS\system32\dllcache\cwrwdm.sys
+ 2001-08-23 15:08:38 17,536 -c--a-w C:\WINDOWS\system32\dllcache\cyclad-z.sys
+ 2001-08-23 15:08:38 15,104 -c--a-w C:\WINDOWS\system32\dllcache\cyclom-y.sys
+ 2001-08-23 15:47:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\cyycoins.dll
+ 2001-08-23 15:08:40 50,944 -c--a-w C:\WINDOWS\system32\dllcache\cyyport.sys
+ 2001-08-23 15:47:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\cyyports.dll
+ 2001-08-23 15:47:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\cyzcoins.dll
+ 2001-08-23 15:08:42 50,688 -c--a-w C:\WINDOWS\system32\dllcache\cyzport.sys
+ 2001-08-23 15:47:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\cyzports.dll
+ 2001-08-23 15:08:44 117,760 -c--a-w C:\WINDOWS\system32\dllcache\d100ib5.sys
+ 2001-08-17 19:52:16 179,584 -c--a-w C:\WINDOWS\system32\dllcache\dac2w2k.sys
+ 2001-08-17 19:52:16 14,720 -c--a-w C:\WINDOWS\system32\dllcache\dac960nt.sys
+ 2001-08-23 15:47:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\dc210_32.dll
+ 2001-08-23 15:47:00 82,432 -c--a-w C:\WINDOWS\system32\dllcache\dc210usd.dll
+ 2001-08-17 18:12:02 63,208 -c--a-w C:\WINDOWS\system32\dllcache\dc21x4.sys
+ 2001-08-23 15:47:00 87,552 -c--a-w C:\WINDOWS\system32\dllcache\dc240usd.dll
+ 2001-08-23 15:47:00 112,128 -c--a-w C:\WINDOWS\system32\dllcache\dc260usd.dll
+ 2001-08-17 19:52:58 7,424 -c--a-w C:\WINDOWS\system32\dllcache\ddsmc.sys
+ 2001-08-17 18:11:44 20,928 -c--a-w C:\WINDOWS\system32\dllcache\defpa.sys
+ 2001-08-23 15:47:34 24,064 -c--a-w C:\WINDOWS\system32\dllcache\devldr32.exe
+ 2001-08-17 18:11:48 24,648 -c--a-w C:\WINDOWS\system32\dllcache\dfe650.sys
+ 2001-08-17 18:11:48 24,649 -c--a-w C:\WINDOWS\system32\dllcache\dfe650d.sys
+ 2001-08-23 15:09:48 29,691 -c--a-w C:\WINDOWS\system32\dllcache\dgapci.sys
+ 2001-08-23 15:47:00 422,429 -c--a-w C:\WINDOWS\system32\dllcache\dgconfig.dll
+ 2001-08-17 18:13:48 164,923 -c--a-w C:\WINDOWS\system32\dllcache\diapi2.sys
+ 2001-08-23 15:47:02 32,256 -c--a-w C:\WINDOWS\system32\dllcache\diapi2NT.dll
+ 2001-08-23 15:47:02 65,622 -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.dll
+ 2001-08-23 15:10:10 37,927 -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.sys
+ 2001-08-23 15:47:02 135,252 -c--a-w C:\WINDOWS\system32\dllcache\digidbp.dll
+ 2001-08-23 15:10:10 103,492 -c--a-w C:\WINDOWS\system32\dllcache\digidxb.sys
+ 2001-08-23 15:10:12 90,685 -c--a-w C:\WINDOWS\system32\dllcache\digifep5.sys
+ 2001-08-23 15:47:02 229,462 -c--a-w C:\WINDOWS\system32\dllcache\digifwrk.dll
+ 2001-08-23 15:47:02 159,828 -c--a-w C:\WINDOWS\system32\dllcache\digihlc.dll
+ 2001-08-23 15:47:02 102,484 -c--a-w C:\WINDOWS\system32\dllcache\digiinf.dll
+ 2001-08-23 15:47:02 41,046 -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.dll
+ 2001-08-17 18:14:44 21,606 -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.sys
+ 2001-08-23 15:47:02 110,621 -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.dll
+ 2001-08-23 15:10:16 42,656 -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.sys
+ 2001-08-17 18:13:52 91,305 -c--a-w C:\WINDOWS\system32\dllcache\dimaint.sys
+ 2004-08-03 22:59:55 36,352 -c--a-w C:\WINDOWS\system32\dllcache\disk.sys
+ 2001-08-23 15:47:02 6,729 -c--a-w C:\WINDOWS\system32\dllcache\disrvci.dll
+ 2001-08-23 15:47:02 31,817 -c--a-w C:\WINDOWS\system32\dllcache\disrvpp.dll
+ 2001-08-23 15:47:02 38,985 -c--a-w C:\WINDOWS\system32\dllcache\disrvsu.dll
+ 2001-08-23 15:47:34 236,060 -c--a-w C:\WINDOWS\system32\dllcache\ditrace.exe
+ 2001-08-23 15:47:02 6,216 -c--a-w C:\WINDOWS\system32\dllcache\divaci.dll
+ 2001-08-23 15:47:02 37,962 -c--a-w C:\WINDOWS\system32\dllcache\divaprop.dll
+ 2001-08-23 15:47:02 29,768 -c--a-w C:\WINDOWS\system32\dllcache\divasu.dll
+ 2001-08-17 18:11:44 26,698 -c--a-w C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
+ 2004-08-03 21:00:06 8,320 -c--a-w C:\WINDOWS\system32\dllcache\dlttape.sys
+ 2001-08-17 18:11:42 29,696 -c--a-w C:\WINDOWS\system32\dllcache\dm9pci5.sys
+ 2004-08-03 21:07:40 52,864 -c--a-w C:\WINDOWS\system32\dllcache\dmusic.sys
+ 2007-11-25 16:34:45 58,880 -c--a-w C:\WINDOWS\system32\dllcache\dmutil.dll
+ 2004-08-03 20:58:30 207,360 -c--a-w C:\WINDOWS\system32\dllcache\dot4.sys
+ 2001-08-17 19:47:32 12,928 -c--a-w C:\WINDOWS\system32\dllcache\dot4prt.sys
+ 2001-08-17 19:47:32 8,704 -c--a-w C:\WINDOWS\system32\dllcache\dot4scan.sys
+ 2001-08-23 15:11:02 24,064 -c--a-w C:\WINDOWS\system32\dllcache\dot4usb.sys
+ 2001-08-17 18:12:32 28,062 -c--a-w C:\WINDOWS\system32\dllcache\dp83820.sys
+ 2001-08-17 20:07:44 20,192 -c--a-w C:\WINDOWS\system32\dllcache\dpti2o.sys
+ 2004-08-03 21:08:00 60,288 -c--a-w C:\WINDOWS\system32\dllcache\drmk.sys
+ 2004-08-03 21:07:58 2,944 -c--a-w C:\WINDOWS\system32\dllcache\drmkaud.sys
+ 2001-08-17 18:20:18 334,208 -c--a-w C:\WINDOWS\system32\dllcache\ds1wdm.sys
+ 2007-11-25 16:32:51 59,392 -c--a-w C:\WINDOWS\system32\dllcache\dvdplay.exe
+ 2004-08-03 23:00:55 71,040 -c--a-w C:\WINDOWS\system32\dllcache\dxg.sys
+ 2001-08-23 15:12:50 51,743 -c--a-w C:\WINDOWS\system32\dllcache\e1000nt5.sys
+ 2001-08-23 15:12:50 117,760 -c--a-w C:\WINDOWS\system32\dllcache\e100b325.sys
+ 2001-08-17 18:12:12 19,594 -c--a-w C:\WINDOWS\system32\dllcache\e100isa4.sys
+ 2001-08-23 15:13:26 44,615 -c--a-w C:\WINDOWS\system32\dllcache\el515.sys
+ 2001-08-17 18:10:56 55,999 -c--a-w C:\WINDOWS\system32\dllcache\el556nd5.sys
+ 2001-08-17 18:10:56 24,653 -c--a-w C:\WINDOWS\system32\dllcache\el574nd4.sys
+ 2001-08-17 18:10:58 69,692 -c--a-w C:\WINDOWS\system32\dllcache\el575nd5.sys
+ 2001-08-17 18:10:52 26,141 -c--a-w C:\WINDOWS\system32\dllcache\el589nd5.sys
+ 2001-08-17 18:11:00 69,194 -c--a-w C:\WINDOWS\system32\dllcache\el656cd5.sys
+ 2001-08-17 18:11:00 77,386 -c--a-w C:\WINDOWS\system32\dllcache\el656nd5.sys
+ 2001-08-23 15:13:30 241,238 -c--a-w C:\WINDOWS\system32\dllcache\el656se5.sys
+ 2001-08-17 18:11:06 66,591 -c--a-w C:\WINDOWS\system32\dllcache\el90xbc5.sys
+ 2001-08-23 15:13:30 153,631 -c--a-w C:\WINDOWS\system32\dllcache\el90xnd5.sys
+ 2001-08-23 15:13:30 455,711 -c--a-w C:\WINDOWS\system32\dllcache\el985n51.sys
+ 2001-08-17 18:11:04 70,174 -c--a-w C:\WINDOWS\system32\dllcache\el98xn5.sys
+ 2001-08-23 15:13:32 175,104 -c--a-w C:\WINDOWS\system32\dllcache\el99xn51.sys
+ 2001-08-17 19:53:02 7,296 -c--a-w C:\WINDOWS\system32\dllcache\elmsmc.sys
+ 2001-08-17 18:10:52 25,159 -c--a-w C:\WINDOWS\system32\dllcache\elnk3.sys
+ 2001-08-17 18:10:54 19,996 -c--a-w C:\WINDOWS\system32\dllcache\em556n4.sys
+ 2001-08-17 18:19:26 283,904 -c--a-w C:\WINDOWS\system32\dllcache\emu10k1m.sys
+ 2001-08-17 21:46:40 6,400 -c--a-w C:\WINDOWS\system32\dllcache\enum1394.sys
+ 2001-08-17 19:50:20 144,896 -c--a-w C:\WINDOWS\system32\dllcache\epcfw2k.sys
+ 2001-08-17 18:12:08 18,503 -c--a-w C:\WINDOWS\system32\dllcache\epro4.sys
+ 2001-08-17 19:50:20 114,944 -c--a-w C:\WINDOWS\system32\dllcache\epstw2k.sys
+ 2001-08-23 15:47:34 53,760 -c--a-w C:\WINDOWS\system32\dllcache\eqndiag.exe
+ 2001-08-23 15:47:34 51,712 -c--a-w C:\WINDOWS\system32\dllcache\eqnlogr.exe
+ 2001-08-23 15:47:34 62,464 -c--a-w C:\WINDOWS\system32\dllcache\eqnloop.exe
+ 2001-08-17 18:19:38 37,120 -c--a-w C:\WINDOWS\system32\dllcache\es1370mp.sys
+ 2001-08-17 18:19:34 40,704 -c--a-w C:\WINDOWS\system32\dllcache\es1371mp.sys
+ 2001-08-17 18:19:58 72,192 -c--a-w C:\WINDOWS\system32\dllcache\es1969.sys
+ 2001-08-17 18:19:48 174,464 -c--a-w C:\WINDOWS\system32\dllcache\es198x.sys
+ 2001-08-23 15:16:04 596,319 -c--a-w C:\WINDOWS\system32\dllcache\es56cvmp.sys
+ 2001-08-23 15:16:06 594,910 -c--a-w C:\WINDOWS\system32\dllcache\es56hpi.sys
+ 2001-08-23 15:16:06 348,222 -c--a-w C:\WINDOWS\system32\dllcache\es56tpi.sys
+ 2001-08-17 18:19:56 63,360 -c--a-w C:\WINDOWS\system32\dllcache\ess.sys
+ 2004-08-03 20:32:28 137,088 -c--a-w C:\WINDOWS\system32\dllcache\essm2e.sys
+ 2001-08-23 15:47:04 43,008 -c--a-w C:\WINDOWS\system32\dllcache\esucm.dll
+ 2001-08-23 15:47:04 34,816 -c--a-w C:\WINDOWS\system32\dllcache\esuimg.dll
+ 2001-08-23 15:47:04 46,080 -c--a-w C:\WINDOWS\system32\dllcache\esuni.dll
+ 2001-08-23 15:47:04 46,080 -c--a-w C:\WINDOWS\system32\dllcache\esunib.dll
+ 2001-08-17 18:12:08 16,998 -c--a-w C:\WINDOWS\system32\dllcache\ex10.sys
+ 2001-08-17 19:52:48 7,040 -c--a-w C:\WINDOWS\system32\dllcache\exabyte2.sys
+ 2001-08-17 18:11:54 12,362 -c--a-w C:\WINDOWS\system32\dllcache\f3ab18xi.sys
+ 2001-08-17 18:11:56 11,850 -c--a-w C:\WINDOWS\system32\dllcache\f3ab18xj.sys
+ 2001-08-17 18:12:32 16,074 -c--a-w C:\WINDOWS\system32\dllcache\fa312nd5.sys
+ 2004-08-03 22:59:27 27,392 -c--a-w C:\WINDOWS\system32\dllcache\fdc.sys
+ 2004-08-03 22:59:27 20,480 -c--a-w C:\WINDOWS\system32\dllcache\flpydisk.sys
+ 2004-08-19 16:09:55 193,024 -c--a-w C:\WINDOWS\system32\dllcache\fsquirt.exe
+ 2007-11-25 16:32:51 12,416 -c--a-w C:\WINDOWS\system32\dllcache\fsvga.sys
+ 2002-09-06 19:59:59 126,080 -c--a-w C:\WINDOWS\system32\dllcache\ftdisk.sys
+ 2001-08-17 18:15:56 454,912 -c--a-w C:\WINDOWS\system32\dllcache\fxusbase.sys
+ 2001-08-23 15:46:44 470,144 -c--a-w C:\WINDOWS\system32\dllcache\g200d.dll
+ 2001-08-23 15:18:04 320,512 -c--a-w C:\WINDOWS\system32\dllcache\g200m.sys
+ 2001-08-23 15:18:06 322,560 -c--a-w C:\WINDOWS\system32\dllcache\g400m.sys
+ 2004-08-03 21:07:44 46,464 -c--a-w C:\WINDOWS\system32\dllcache\gagp30kx.sys
+ 2004-08-03 21:08:22 10,624 -c--a-w C:\WINDOWS\system32\dllcache\gameenum.sys
+ 2004-08-03 21:08:30 59,136 -c--a-w C:\WINDOWS\system32\dllcache\gckernel.sys
+ 2001-08-23 15:18:36 17,664 -c--a-w C:\WINDOWS\system32\dllcache\gpr400.sys
+ 2001-08-23 15:18:40 82,560 -c--a-w C:\WINDOWS\system32\dllcache\grclass.sys
+ 2004-08-19 13:55:22 28,672 -c--a-w C:\WINDOWS\system32\dllcache\grserial.sys
+ 2004-08-19 16:09:27 7,168 -c--a-w C:\WINDOWS\system32\dllcache\hccoin.dll
+ 2001-08-23 15:19:04 908,000 -c--a-w C:\WINDOWS\system32\dllcache\hcf_msft.sys
+ 2007-11-25 16:34:45 20,992 -c--a-w C:\WINDOWS\system32\dllcache\hid.dll
+ 2001-08-17 19:58:00 19,200 -c--a-w C:\WINDOWS\system32\dllcache\hidbatt.sys
+ 2004-08-19 13:55:52 25,856 -c--a-w C:\WINDOWS\system32\dllcache\hidbth.sys
+ 2007-11-25 16:18:54 36,864 -c--a-w C:\WINDOWS\system32\dllcache\hidclass.sys
+ 2001-08-17 20:02:32 8,576 -c--a-w C:\WINDOWS\system32\dllcache\hidgame.sys
+ 2004-08-03 21:08:20 15,104 -c--a-w C:\WINDOWS\system32\dllcache\hidir.sys
+ 2004-08-03 23:08:17 24,960 -c--a-w C:\WINDOWS\system32\dllcache\hidparse.sys
+ 2004-08-19 14:09:28 21,504 -c--a-w C:\WINDOWS\system32\dllcache\hidserv.dll
+ 2001-08-17 20:02:50 2,688 -c--a-w C:\WINDOWS\system32\dllcache\hidswvd.sys
+ 2001-08-17 12:02:20 9,600 -c--a-w C:\WINDOWS\system32\dllcache\hidusb.sys
+ 2001-08-23 15:47:04 119,296 -c--a-w C:\WINDOWS\system32\dllcache\hpdigwia.dll
+ 2001-08-23 15:47:04 83,968 -c--a-w C:\WINDOWS\system32\dllcache\hpgt21.dll
+ 2001-08-23 15:47:04 123,392 -c--a-w C:\WINDOWS\system32\dllcache\hpgt21tk.dll
+ 2001-08-23 15:47:04 89,088 -c--a-w C:\WINDOWS\system32\dllcache\hpgt33.dll
+ 2001-08-23 15:47:04 48,128 -c--a-w C:\WINDOWS\system32\dllcache\hpgt33tk.dll
+ 2001-08-23 15:47:04 101,376 -c--a-w C:\WINDOWS\system32\dllcache\hpgt34.dll
+ 2001-08-23 15:47:04 126,976 -c--a-w C:\WINDOWS\system32\dllcache\hpgt34tk.dll
+ 2001-08-23 15:47:04 93,696 -c--a-w C:\WINDOWS\system32\dllcache\hpgt42.dll
+ 2001-08-23 15:47:04 31,232 -c--a-w C:\WINDOWS\system32\dllcache\hpgt42tk.dll
+ 2001-08-23 15:47:04 165,888 -c--a-w C:\WINDOWS\system32\dllcache\hpgt53.dll
+ 2001-08-23 15:47:04 68,608 -c--a-w C:\WINDOWS\system32\dllcache\hpgt53tk.dll
+ 2001-08-23 15:47:04 32,768 -c--a-w C:\WINDOWS\system32\dllcache\hpgtmcro.dll
+ 2001-08-17 20:07:44 25,952 -c--a-w C:\WINDOWS\system32\dllcache\hpn.sys
+ 2001-08-23 15:47:04 13,312 -c--a-w C:\WINDOWS\system32\dllcache\hpsjmcro.dll
+ 2001-08-17 19:52:50 5,760 -c--a-w C:\WINDOWS\system32\dllcache\hpt4qic.sys
+ 2001-08-23 15:47:04 19,456 -c--a-w C:\WINDOWS\system32\dllcache\hr1w.dll
+ 2001-08-17 19:28:04 150,239 -c--a-w C:\WINDOWS\system32\dllcache\hsf_amos.sys
+ 2001-08-17 19:28:04 67,167 -c--a-w C:\WINDOWS\system32\dllcache\hsf_bsc2.sys
+ 2001-08-17 19:28:06 289,887 -c--a-w C:\WINDOWS\system32\dllcache\hsf_fall.sys
+ 2001-08-17 19:28:06 199,711 -c--a-w C:\WINDOWS\system32\dllcache\hsf_faxx.sys
+ 2001-08-17 19:28:06 115,807 -c--a-w C:\WINDOWS\system32\dllcache\hsf_fsks.sys
+ 2001-08-23 15:47:04 9,759 -c--a-w C:\WINDOWS\system32\dllcache\hsf_inst.dll
+ 2001-08-17 19:28:08 391,199 -c--a-w C:\WINDOWS\system32\dllcache\hsf_k56k.sys
+ 2001-08-17 19:28:10 542,879 -c--a-w C:\WINDOWS\system32\dllcache\hsf_msft.sys
+ 2001-08-17 19:28:10 57,471 -c--a-w C:\WINDOWS\system32\dllcache\hsf_samp.sys
+ 2001-08-17 19:28:10 44,863 -c--a-w C:\WINDOWS\system32\dllcache\hsf_soar.sys
+ 2001-08-17 19:28:10 73,279 -c--a-w C:\WINDOWS\system32\dllcache\hsf_spkp.sys
+ 2001-08-17 19:28:12 50,751 -c--a-w C:\WINDOWS\system32\dllcache\hsf_tone.sys
+ 2001-08-17 19:28:12 488,383 -c--a-w C:\WINDOWS\system32\dllcache\hsf_v124.sys
+ 2004-08-03 20:41:48 220,032 -c--a-w C:\WINDOWS\system32\dllcache\hsfbs2s2.sys
+ 2004-08-19 14:09:28 32,285 -c--a-w C:\WINDOWS\system32\dllcache\hsfcisp2.dll
+ 2004-08-03 20:41:50 685,056 -c--a-w C:\WINDOWS\system32\dllcache\hsfcxts2.sys
+ 2007-11-25 16:16:21 262,656 -c--a-w C:\WINDOWS\system32\dllcache\http.sys
+ 2004-08-03 21:00:52 8,192 -c--a-w C:\WINDOWS\system32\dllcache\i2omgmt.sys
+ 2004-08-03 21:00:52 18,560 -c--a-w C:\WINDOWS\system32\dllcache\i2omp.sys
+ 2001-08-23 15:46:46 353,184 -c--a-w C:\WINDOWS\system32\dllcache\i740dnt5.dll
+ 2001-08-17 18:49:06 58,592 -c--a-w C:\WINDOWS\system32\dllcache\i740nt5.sys
+ 2004-08-19 13:56:40 54,400 -c--a-w C:\WINDOWS\system32\dllcache\i8042prt.sys
+ 2004-08-03 20:29:38 161,020 -c--a-w C:\WINDOWS\system32\dllcache\i81xnt5.sys
+ 2001-08-17 18:11:58 28,700 -c--a-w C:\WINDOWS\system32\dllcache\ibmexmp.sys
+ 2001-08-23 15:45:26 10,240 -c--a-w C:\WINDOWS\system32\dllcache\ibmsgnet.dll
+ 2001-08-17 18:12:00 100,936 -c--a-w C:\WINDOWS\system32\dllcache\ibmtok.sys
+ 2001-08-17 18:12:02 109,085 -c--a-w C:\WINDOWS\system32\dllcache\ibmtrp.sys
+ 2001-08-17 20:06:46 38,528 -c--a-w C:\WINDOWS\system32\dllcache\ibmvcap.sys
+ 2001-08-17 20:05:44 141,056 -c--a-w C:\WINDOWS\system32\dllcache\icam3.sys
+ 2001-08-23 15:47:04 27,136 -c--a-w C:\WINDOWS\system32\dllcache\icam3ext.dll
+ 2001-08-23 15:47:04 92,160 -c--a-w C:\WINDOWS\system32\dllcache\icam4com.dll
+ 2001-08-23 15:47:04 63,488 -c--a-w C:\WINDOWS\system32\dllcache\icam4ext.dll
+ 2001-08-17 20:06:02 154,496 -c--a-w C:\WINDOWS\system32\dllcache\icam4usb.sys
+ 2001-08-23 15:47:04 45,056 -c--a-w C:\WINDOWS\system32\dllcache\icam5com.dll
+ 2001-08-23 15:47:04 20,992 -c--a-w C:\WINDOWS\system32\dllcache\icam5ext.dll
+ 2001-08-17 20:06:20 100,992 -c--a-w C:\WINDOWS\system32\dllcache\icam5usb.sys
+ 2001-08-23 15:47:04 372,824 -c--a-w C:\WINDOWS\system32\dllcache\iconf32.dll
+ 2004-08-03 23:00:15 41,856 -c--a-w C:\WINDOWS\system32\dllcache\imapi.sys
+ 2001-08-17 19:52:08 16,000 -c--a-w C:\WINDOWS\system32\dllcache\ini910u.sys
+ 2001-08-23 14:57:12 13,824 -c--a-w C:\WINDOWS\system32\dllcache\inport.sys
+ 2004-08-19 13:59:08 5,504 -c--a-w C:\WINDOWS\system32\dllcache\intelide.sys
+ 2007-11-25 16:10:55 40,320 -c--a-w C:\WINDOWS\system32\dllcache\intelppm.sys
+ 2001-08-17 19:50:56 38,784 -c--a-w C:\WINDOWS\system32\dllcache\io8.sys
+ 2001-08-23 15:47:04 90,200 -c--a-w C:\WINDOWS\system32\dllcache\io8ports.dll
+ 2001-08-17 18:12:12 45,632 -c--a-w C:\WINDOWS\system32\dllcache\ip5515.sys
+ 2004-08-03 21:08:34 40,832 -c--a-w C:\WINDOWS\system32\dllcache\irbus.sys
+ 2004-08-03 21:00:54 87,424 -c--a-w C:\WINDOWS\system32\dllcache\irda.sys
+ 2004-08-19 14:09:56 154,112 -c--a-w C:\WINDOWS\system32\dllcache\irftp.exe
+ 2001-08-17 19:49:04 23,552 -c--a-w C:\WINDOWS\system32\dllcache\irmk7.sys
+ 2004-09-30 16:50:54 28,160 -c--a-w C:\WINDOWS\system32\dllcache\irmon.dll
+ 2001-08-17 19:51:32 18,688 -c--a-w C:\WINDOWS\system32\dllcache\irsir.sys
+ 2001-08-17 19:49:10 26,624 -c--a-w C:\WINDOWS\system32\dllcache\irstusb.sys
+ 2002-09-06 19:59:59 36,224 -c--a-w C:\WINDOWS\system32\dllcache\isapnp.sys
+ 2004-08-19 14:09:32 47,616 -c--a-w C:\WINDOWS\system32\dllcache\iyuv_32.dll
+ 2004-08-19 14:00:34 25,216 -c--a-w C:\WINDOWS\system32\dllcache\kbdclass.sys
+ 2004-08-19 14:00:36 14,848 -c--a-w C:\WINDOWS\system32\dllcache\kbdhid.sys
+ 2006-06-14 07:50:20 172,416 -c--a-w C:\WINDOWS\system32\dllcache\kmixer.sys
+ 2004-08-03 21:15:22 140,928 -c--a-w C:\WINDOWS\system32\dllcache\ks.sys
+ 2004-08-19 14:09:32 4,096 -c--a-w C:\WINDOWS\system32\dllcache\ksuser.dll
+ 2001-08-23 14:59:46 26,922 -c--a-w C:\WINDOWS\system32\dllcache\lanepic5.sys
+ 2004-08-03 20:59:34 34,688 -c--a-w C:\WINDOWS\system32\dllcache\lbrtfdc.sys
+ 2001-08-23 15:00:10 16,384 -c--a-w C:\WINDOWS\system32\dllcache\lit220p.sys
+ 2001-08-17 18:11:52 25,065 -c--a-w C:\WINDOWS\system32\dllcache\lmndis3.sys
+ 2001-08-17 18:12:20 20,573 -c--a-w C:\WINDOWS\system32\dllcache\lne100.sys
+ 2001-08-17 18:12:24 70,730 -c--a-w C:\WINDOWS\system32\dllcache\lne100tx.sys
+ 2001-08-17 19:53:42 4,992 -c--a-w C:\WINDOWS\system32\dllcache\loop.sys
+ 2001-08-23 15:00:48 728,554 -c--a-w C:\WINDOWS\system32\dllcache\ltck000c.sys
+ 2004-08-19 14:02:02 607,452 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmnt.sys
+ 2001-08-23 15:00:50 577,514 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmntl.sys
+ 2004-08-19 14:02:06 422,528 -c--a-w C:\WINDOWS\system32\dllcache\ltmdmntt.sys
+ 2004-08-03 21:00:08 7,040 -c--a-w C:\WINDOWS\system32\dllcache\ltotape.sys
+ 2001-08-17 19:28:10 802,683 -c--a-w C:\WINDOWS\system32\dllcache\ltsm.sys
+ 2001-08-17 19:28:12 797,500 -c--a-w C:\WINDOWS\system32\dllcache\ltsmt.sys
+ 2004-08-03 20:39:32 20,864 -c--a-w C:\WINDOWS\system32\dllcache\lwadihid.sys
+ 2001-08-17 18:49:20 22,848 -c--a-w C:\WINDOWS\system32\dllcache\lwusbhid.sys
+ 2001-08-23 15:47:06 58,880 -c--a-w C:\WINDOWS\system32\dllcache\m3091dc.dll
+ 2001-08-23 15:47:06 59,392 -c--a-w C:\WINDOWS\system32\dllcache\m3092dc.dll
+ 2001-08-17 18:19:58 48,768 -c--a-w C:\WINDOWS\system32\dllcache\maestro.sys
+ 2007-11-25 16:32:51 147,968 -c--a-w C:\WINDOWS\system32\dllcache\mdwmdmsp.dll
+ 2007-11-25 16:34:45 63,744 -c--a-w C:\WINDOWS\system32\dllcache\mf.sys
- 2006-09-15 12:36:32 29,696 -c--a-w C:\WINDOWS\system32\dllcache\mimefilt.dll
+ 2002-09-06 19:59:59 18,944 -c--a-w C:\WINDOWS\system32\dllcache\mimefilt.dll
+ 2007-11-25 16:34:45 30,336 -c--a-w C:\WINDOWS\system32\dllcache\modem.sys
+ 2007-11-25 16:34:45 23,680 -c--a-w C:\WINDOWS\system32\dllcache\mouclass.sys
+ 2001-08-23 15:

90 réponses

Précédent
Réponse 81 / 90
Puic Messages postés 85 Statut Membre
 
yep

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:39, on 24/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {BE47A8D3-0A3F-454C-80AA-7202008C8EA4} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE R�SEAU')
O4 - Startup: PictureMover.lnk = C:\Program Files\PictureMover\Bin\PictureMover.exe
O4 - Global Startup: Clavier.lnk = C:\Program Files\WSTARTUP\Clavier\Clavier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: IcoSauve.lnk = C:\Program Files\WSTARTUP\IcoSauve\IcoSauve.exe
O4 - Global Startup: Outil de mise � jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: TaskKiller.lnk = C:\Program Files\WSTARTUP\TaskKiller\TaskKiller.exe
O4 - Global Startup: WiziWYG XP Startup.lnk = C:\Program Files\Praxisoft\WiziWYG XP\WiziWYGXP.exe
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout t�l�charger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Traduire (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O8 - Extra context menu item: T�l�charger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: T�l�charger la s�lection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: T�l�charger la vid�o avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
-1
Réponse 82 / 90
crapoulou Messages postés 42848 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 017
 
Télécharge Malwarebytes' Anti-Malware:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

- Sur la page cliques sur Télécharger Malwarebyte's Anti-Malware
- Enregistres le sur le bureau
- Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
- Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
- Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, fermes Malwarebytes
- Redémarres en mode sans échec pour savoir comment au cas ou tu ne saurais pas regarde plus bas
- Une fois en mode sans échec tu double-cliques sur l'icône de malwarebytes
- Une fois ouvert rend-toi dans l'onglet, Recherche
- Sélectionnes Exécuter un examen complet
- Cliques sur Rechercher
- Le scan démarre.
- A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
- Cliques sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
- Redémarre le PC
- Une fois redémarré en mode normal double-cliques sur malwarebytes
- Rends toi dans l'onglet rapport/log
- Tu cliques dessus pour l'afficher une fois affiché
- Tu cliques sur édition en haut du boc notes, et puis sur sélectionner tous
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu cliques droit dans le cadre de la réponse et coller

Si tu as besoin d'aide regarde ce tutorial :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

(attention : pas de connexion possible en mode sans échec, donc copies ou imprimes bien la manipe pour éviter les erreurs ...)
Pour redémarrer en mode sans échec :

Cliques sur Démarrer
. Cliques sur Arrêter
. Sélectionnes Redémarrer et au redémarrage
. Appuis sur la touche F8 sans discontinuer "1 appuis seconde" dès qu'un écran de texte apparaît puis disparaît
. Utilise les touches de direction pour sélectionner mode sans échec
. Puis appuis sur ENTRÉE
. Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre
une fois démarré ne t'inquiète pas si les couleurs et les icônes ne sont pas comme d'habitude.

-1
Réponse 83 / 90
Puic Messages postés 85 Statut Membre
 
Alors comme je ne peux pas faire les mises a jour (pas de connexion) je récupère la dernière version du prog et je fais le scan, en espérant que ce soit aussi efficace.
-1
Réponse 84 / 90
Puic Messages postés 85 Statut Membre
 
Bonne nouvelle, j'ai récupéré une connexion !!

Par contre le scan s'est effectué pendant la nuit mais n'étais toujours pas finis ce matin. Ceci est du à lightroom qui contient des tonnes de petits fichiers. Je l'ai donc stoppé car ça risquait de durer beaucoup trop longtemps. Seul souci, je n'arrive désormais plus à redémarrer en mode sans échec... (même avec safeboot.reg et safebootkey); J'en conclus donc qu'en voulant aller plus vite, j'ai fait une belle bourde.

Je recommence en mode normal en attendant

Encore merci !

Voici tout de même le log :

Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1276
Windows 5.1.2600 Service Pack 2

22/10/2008 23:00:19
mbam-log-2008-10-22 (23-00-19).txt

Type de recherche: Examen rapide
Eléments examinés: 50341
Temps écoulé: 28 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 47

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Puic\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld\236375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\241203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\254500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\257390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\268078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\274046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\278343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\282609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\285828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\291750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\294156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\295500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\299453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\301531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\301953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\308906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\313750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\320375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\327359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\332484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\337531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\349859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\355484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\382093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\389406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\389421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\395578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\399718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\404156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\409468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\413562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\415828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\431562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\444171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\449609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\458328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\459671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\468156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\474343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\520109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\534375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\547531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\578796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\593609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Puic\Application Data\m\flec006.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
-1

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 85 / 90
crapoulou Messages postés 42848 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 017
 
Pourquoi tu as laissé travailler lightroom ?
Si oui, cette fois ci ferme le et refais le scan complet !
Sinon, s'il est toujours aussi lent, refais un scan rapide avec mises à jour si ce n'était pas fait.
Je pars et je reviens que Dimanche soir, je vais voir si quelqu'un peut prendre la suite.
(quelqu'un de compétent, t'inquiète pas, encore plus que moi) ;-)
-1
Réponse 86 / 90
Puic Messages postés 85 Statut Membre
 
Merci de ton aide.

Je n'ai pas laisser tourner lightroom. C'est simplement que la base de donné de celui-ci est composé de milliers de petits fichiers. J'avasi coupé tout mes prog en cours.

Et j'ai à nouveau perdu ma connexion... Vu que je passe les fichiers du mac à mon pc, je me demande si je ne me réinfecte pas à chaque fois... Ya t il un risque pour le Mac ?
-1
Réponse 87 / 90
Puic Messages postés 85 Statut Membre
 
Voici les deux dernier rapports, je tourne en rond....

Malwarebytes' Anti-Malware 1.29
Version de la base de donnÈes: 1276
Windows 5.1.2600 Service Pack 2

22/10/2008 23:00:19
mbam-log-2008-10-22 (23-00-19).txt

Type de recherche: Examen rapide
ElÈments examinÈs: 50341
Temps ÈcoulÈ: 28 minute(s), 16 second(s)

Processus mÈmoire infectÈ(s): 0
Module(s) mÈmoire infectÈ(s): 0
ClÈ(s) du Registre infectÈe(s): 0
Valeur(s) du Registre infectÈe(s): 1
ElÈment(s) de donnÈes du Registre infectÈ(s): 0
Dossier(s) infectÈ(s): 2
Fichier(s) infectÈ(s): 47

Processus mÈmoire infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

Module(s) mÈmoire infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

ClÈ(s) du Registre infectÈe(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

Valeur(s) du Registre infectÈe(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

ElÈment(s) de donnÈes du Registre infectÈ(s):
(Aucun ÈlÈment nuisible dÈtectÈ)

Dossier(s) infectÈ(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Puic\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infectÈ(s):
C:\WINDOWS\system32\drivers\downld\236375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\241203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\254500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\257390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\268078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\274046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\278343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\282609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\285828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\291750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\294156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\295500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\299453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\301531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\301953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\308906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\313750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\320375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\327359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\332484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\337531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\349859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\355484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\382093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\389406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\389421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\395578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\399718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\404156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\409468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\413562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\415828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\431562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\444171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\449609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\458328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\459671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\468156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\474343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\520109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\534375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\547531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\578796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\593609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Puic\Application Data\m\flec006.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.

----------------- FindyKill V4.095 ------------------

* User : Puic - PUICPC
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 22/10/08 par Chiquitine29
* Suppression effectuÈe ‡ 14:30:37 le 25/10/2008
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((( *** Suppression *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------

ªªªª Suppression des fichiers dans C:

SupprimÈ ! - C:\InfoSat.txt

ªªªª Suppression des fichiers dans C:\WINDOWS

ªªªª Suppression des fichiers dans C:\WINDOWS\Prefetch

SupprimÈ ! - C:\WINDOWS\Prefetch\237671.EXE-34F9AEBE.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\HPQTOA~1.EXE-39311BAA.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28406D97.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-30E10AAE.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3AE50A58.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47684F51.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\107703.EXE-344598D3.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\188093.EXE-03D7E2E2.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\203453.EXE-022B5D66.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\265453.EXE-07E3CD85.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\111234.EXE-0BE46218.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\135734.EXE-1F75F622.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\220734.EXE-1E7A1784.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\166265.EXE-1A3DBA06.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\202515.EXE-0364287C.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\243296.EXE-07876804.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\245906.EXE-00A601B6.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\255156.EXE-0CFA4A56.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\276906.EXE-23159730.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\FLEC006.EXE-03A34A81.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\219468.EXE-0FD64478.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\249468.EXE-0E7301AD.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\259968.EXE-013BAE4E.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\261218.EXE-364DC46A.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\190359.EXE-0A63D50E.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\210390.EXE-23BBDF33.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\219390.EXE-1FA1447D.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\UNINS000.EXE-15535578.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\WINTEMS.EXE-26D98C75.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\MDELK.EXE-238AA5EF.pf
SupprimÈ ! - C:\WINDOWS\Prefetch\HLDRRR.EXE-061E05F4.pf

ªªªª Suppression des fichiers dans C:\WINDOWS\system32

ªªªª Suppression des fichiers dans C:\WINDOWS\system32\drivers

SupprimÈ ! - C:\WINDOWS\system32\drivers\winfilse.exe

ªªªª Suppression des fichiers dans C:\Documents and Settings\Puic\Application Data

ªªªª Suppression des fichiers dans C:\DOCUME~1\Puic\LOCALS~1\Temp

--------------- [ Registre / ClÈs infectieuses ] ----------------

SupprimÈ ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
SupprimÈ ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
SupprimÈ ! - HKEY_USERS\S-1-5-21-1078081533-1972579041-839522115-1003\Software\Local AppWizard-Generated Applications\winfilse

-> Certaines clÈs ont ÈtÈ supprimÈes au premier reboot ...

--------------- [ Etat / RedÈmarage des services ] ----------------

+- Mode sans echec restaurÈ !

+- Affichage des fichiers cachÈs rÈparÈ !

+- Services : [ Auto=2 Demande=3 DÈsactivÈ=4 ]

Ndisuio - Type de dÈmarrage = 2

Ip6Fw - Type de dÈmarrage = 2

SharedAccess - Type de dÈmarrage = 2

wuauserv - Type de dÈmarrage = 2

wscsvc - Type de dÈmarrage = 2

--------------- [ Nettoyage des supports amovibles ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

+- Suppression des fichiers :

Echec de la supression !! - E:\autorun.inf

--------------- [ Registre / Moutpoint2 ] ----------------

SupprimÈ ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5c2d974-a215-11dd-977f-0014a5a57255}\Shell\AutoRun\command
SupprimÈ ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5c2d974-a215-11dd-977f-0014a5a57255}\Shell\explore\Command
SupprimÈ ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5c2d974-a215-11dd-977f-0014a5a57255}\Shell\open\Command

--------------- [ Recherche Cracks / Keygen ] ----------------

---------------- ! Fin du rapport ! ------------------

Sat Oct 25 14:32:24 2008
EliBagle v11.88 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 22 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por AcciÛn Directa):

Sat Oct 25 14:32:27 2008
EliBagle v11.88 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 22 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por ExploraciÛn):
Explorando Unidad C:\

N∫ Total de Directorios: 1725
N∫ Total de Ficheros: 6503
N∫ de Ficheros Analizados: 290
N∫ de Ficheros Infectados: 0
N∫ de Ficheros Limpiados: 0
ExploraciÛn Detenida por el Usuario.

Sat Oct 25 14:33:31 2008
EliBagle v11.89 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por AcciÛn Directa):

Sat Oct 25 14:33:32 2008
EliBagle v11.89 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por ExploraciÛn):
Explorando Unidad C:\

N∫ Total de Directorios: 8313
N∫ Total de Ficheros: 89393
N∫ de Ficheros Analizados: 13681
N∫ de Ficheros Infectados: 0
N∫ de Ficheros Limpiados: 0
-1
Réponse 88 / 90
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Salut,

Refais un scan ComboFix.
-1
Réponse 89 / 90
Puic Messages postés 85 Statut Membre
 
Le voici

ComboFix 08-10-22.05 - Puic 2008-10-25 17:08:31.3 - NTFSx86 MINIMAL
LancÈ depuis: C:\Documents and Settings\Puic\Bureau\Combo-Fix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\InfoSat.txt

.
((((((((((((((((((((((((((((( Fichiers crÈÈs du 2008-09-25 au 2008-10-25 ))))))))))))))))))))))))))))))))))))
.

2008-10-25 01:32 . 2008-10-25 01:32 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-25 01:32 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-25 01:32 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-24 23:51 . 2008-10-24 23:51 <REP> d-------- C:\Program Files\Trend Micro
2008-10-24 00:19 . 2008-10-24 00:19 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-10-23 23:03 . 2008-10-25 14:30 <REP> d-------- C:\Program Files\FindyKill
2008-10-23 21:39 . 2008-10-23 21:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Thunderbird
2008-10-23 21:31 . 2008-10-23 21:31 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Talkback
2008-10-23 21:30 . 2008-10-23 21:30 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Thunderbird
2008-10-23 21:17 . 2008-10-23 21:17 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-10-23 21:12 . 2004-08-19 18:09 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-10-23 21:09 . 2008-05-08 23:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage rÈseau
2008-10-23 21:09 . 2008-05-08 23:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-10-23 21:09 . 2008-05-08 22:05 <REP> d--h----- C:\Documents and Settings\Administrateur\ModËles
2008-10-23 21:09 . 2008-10-23 21:31 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-10-23 21:09 . 2008-05-08 23:55 <REP> dr------- C:\Documents and Settings\Administrateur\Menu DÈmarrer
2008-10-23 21:09 . 2008-10-23 21:12 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-10-23 21:09 . 2008-05-08 23:55 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-10-23 21:09 . 2008-10-23 22:03 <REP> d-------- C:\Documents and Settings\Administrateur
2008-10-23 19:57 . 2008-10-23 19:57 250 --a------ C:\WINDOWS\gmer.ini
2008-10-23 11:54 . 2004-08-19 16:09 116,736 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2008-10-23 11:54 . 2001-08-23 17:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe
2008-10-23 11:54 . 2001-08-23 17:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2008-10-23 11:54 . 2001-08-23 17:47 17,408 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll
2008-10-23 11:54 . 2001-08-23 17:47 4,608 --a--c--- C:\WINDOWS\system32\dllcache\xrxflnch.exe
2008-10-23 11:53 . 2001-08-17 21:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2008-10-23 11:53 . 2004-08-03 22:31 154,624 --a--c--- C:\WINDOWS\system32\dllcache\wlluc48.sys
2008-10-23 11:53 . 2001-08-23 17:47 99,865 --a--c--- C:\WINDOWS\system32\dllcache\xlog.exe
2008-10-23 11:53 . 2001-08-23 17:47 54,272 --a--c--- C:\WINDOWS\system32\dllcache\wiamsmud.dll
2008-10-23 11:53 . 2001-08-23 17:05 35,402 --a--c--- C:\WINDOWS\system32\dllcache\wlandrv2.sys
2008-10-23 11:53 . 2004-08-03 22:29 19,455 --a--c--- C:\WINDOWS\system32\dllcache\wvchntxx.sys
2008-10-23 11:53 . 2001-08-17 20:11 16,970 --a--c--- C:\WINDOWS\system32\dllcache\xem336n5.sys
2008-10-23 11:53 . 2004-08-03 22:29 12,063 --a--c--- C:\WINDOWS\system32\dllcache\wsiintxx.sys
2008-10-23 11:53 . 2004-08-19 16:09 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll
2008-10-23 11:51 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-10-23 11:50 . 2001-08-23 17:47 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2008-10-23 11:49 . 2001-08-17 22:01 241,664 --a--c--- C:\WINDOWS\system32\dllcache\tosdvd02.sys
2008-10-23 11:48 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-10-23 11:47 . 2001-08-23 17:47 114,688 --a--c--- C:\WINDOWS\system32\dllcache\sonypi.dll
2008-10-23 11:47 . 2001-08-23 17:47 106,584 --a--c--- C:\WINDOWS\system32\dllcache\spdports.dll
2008-10-23 11:47 . 2001-08-23 17:47 99,840 --a--c--- C:\WINDOWS\system32\dllcache\srusd.dll
2008-10-23 11:47 . 2001-08-17 21:51 61,824 --a--c--- C:\WINDOWS\system32\dllcache\speed.sys
2008-10-23 11:47 . 2001-08-17 20:11 48,736 --a--c--- C:\WINDOWS\system32\dllcache\srwlnd5.sys
2008-10-23 11:47 . 2001-08-17 20:51 37,040 --a--c--- C:\WINDOWS\system32\dllcache\sonypi.sys
2008-10-23 11:47 . 2001-08-23 17:47 24,660 --a--c--- C:\WINDOWS\system32\dllcache\spxupchk.dll
2008-10-23 11:47 . 2001-08-17 20:51 20,752 --a--c--- C:\WINDOWS\system32\dllcache\sonync.sys
2008-10-23 11:47 . 2001-08-17 22:07 19,072 --a--c--- C:\WINDOWS\system32\dllcache\sparrow.sys
2008-10-23 11:47 . 2001-08-23 16:57 17,024 --a--c--- C:\WINDOWS\system32\dllcache\stcusb.sys
2008-10-23 11:47 . 2001-08-17 21:53 9,600 --a--c--- C:\WINDOWS\system32\dllcache\sonymc.sys
2008-10-23 11:47 . 2004-08-03 23:00 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonyait.sys
2008-10-23 11:47 . 2001-08-17 21:53 7,040 --a--c--- C:\WINDOWS\system32\dllcache\snyaitmc.sys
2008-10-23 11:45 . 2004-08-19 16:09 286,792 --a--c--- C:\WINDOWS\system32\dllcache\slextspk.dll
2008-10-23 11:44 . 2001-08-23 17:46 386,560 --a--c--- C:\WINDOWS\system32\dllcache\sgiul50.dll
2008-10-23 11:44 . 2001-08-23 17:21 161,664 --a--c--- C:\WINDOWS\system32\dllcache\sgsmusb.sys
2008-10-23 11:44 . 2001-08-17 20:51 98,080 --a--c--- C:\WINDOWS\system32\dllcache\sgiulnt5.sys
2008-10-23 11:44 . 2001-08-17 20:19 36,480 --a--c--- C:\WINDOWS\system32\dllcache\sfmanm.sys
2008-10-23 11:44 . 2001-08-23 17:20 18,432 --a--c--- C:\WINDOWS\system32\dllcache\sermouse.sys
2008-10-23 11:44 . 2001-07-21 22:29 18,400 --a--c--- C:\WINDOWS\system32\dllcache\sgsmld.sys
2008-10-23 11:44 . 2001-08-23 17:20 17,536 --a--c--- C:\WINDOWS\system32\dllcache\scr111.sys
2008-10-23 11:44 . 2001-08-17 21:52 11,648 --a--c--- C:\WINDOWS\system32\dllcache\scsiprnt.sys
2008-10-23 11:44 . 2001-08-17 21:53 10,880 --a--c--- C:\WINDOWS\system32\dllcache\scsiscan.sys
2008-10-23 11:44 . 2001-08-23 17:20 6,912 --a--c--- C:\WINDOWS\system32\dllcache\serscan.sys
2008-10-23 11:44 . 2001-08-17 21:53 6,912 --a--c--- C:\WINDOWS\system32\dllcache\seaddsmc.sys
2008-10-23 11:42 . 2004-08-19 16:09 397,056 --a--c--- C:\WINDOWS\system32\dllcache\s3gnb.dll
2008-10-23 11:41 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-10-23 11:40 . 2004-08-19 16:08 259,328 --a--c--- C:\WINDOWS\system32\dllcache\perm3dd.dll
2008-10-23 11:39 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-10-23 11:38 . 2004-08-19 16:09 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2008-10-23 11:37 . 2004-08-19 16:03 132,695 --a--c--- C:\WINDOWS\system32\dllcache\netwlan5.sys
2008-10-23 11:37 . 2001-08-17 20:20 126,080 --a--c--- C:\WINDOWS\system32\dllcache\nm5a2wdm.sys
2008-10-23 11:37 . 2001-08-23 17:46 91,488 --a--c--- C:\WINDOWS\system32\dllcache\n9i3disp.dll
2008-10-23 11:37 . 2001-08-17 20:20 87,040 --a--c--- C:\WINDOWS\system32\dllcache\nm6wdm.sys
2008-10-23 11:37 . 2001-08-23 17:10 66,302 --a--c--- C:\WINDOWS\system32\dllcache\netflx3.sys
2008-10-23 11:37 . 2001-08-23 17:46 60,480 --a--c--- C:\WINDOWS\system32\dllcache\neo20xx.dll
2008-10-23 11:37 . 2001-08-17 20:50 39,264 --a--c--- C:\WINDOWS\system32\dllcache\neo20xx.sys
2008-10-23 11:37 . 2001-08-17 20:12 32,840 --a--c--- C:\WINDOWS\system32\dllcache\ngrpci.sys
2008-10-23 11:37 . 2004-08-03 23:00 28,672 --a--c--- C:\WINDOWS\system32\dllcache\nscirda.sys
2008-10-23 11:37 . 2001-08-17 21:49 15,872 --a--c--- C:\WINDOWS\system32\dllcache\ne2000.sys
2008-10-23 11:37 . 2001-08-23 17:11 9,472 --a--c--- C:\WINDOWS\system32\dllcache\ntapm.sys
2008-10-23 11:37 . 2001-08-17 21:53 7,552 --a--c--- C:\WINDOWS\system32\dllcache\nsmmc.sys
2008-10-23 11:35 . 2004-08-03 23:10 51,328 --a--c--- C:\WINDOWS\system32\dllcache\msdv.sys
2008-10-23 11:35 . 2004-08-03 23:10 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-10-23 11:35 . 2001-08-17 22:02 35,200 --a--c--- C:\WINDOWS\system32\dllcache\msgame.sys
2008-10-23 11:35 . 2004-08-03 23:00 22,016 --a--c--- C:\WINDOWS\system32\dllcache\msircomm.sys
2008-10-23 11:35 . 2001-08-17 21:52 17,280 --a--c--- C:\WINDOWS\system32\dllcache\mraid35x.sys
2008-10-23 11:35 . 2001-08-17 21:48 12,416 --a--c--- C:\WINDOWS\system32\dllcache\msriffwv.sys
2008-10-23 11:35 . 2001-08-17 21:48 6,016 --a--c--- C:\WINDOWS\system32\dllcache\msfsio.sys
2008-10-23 11:35 . 2001-08-17 22:00 2,944 --a--c--- C:\WINDOWS\system32\dllcache\msmpu401.sys
2008-10-23 11:34 . 2001-08-23 17:03 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2008-10-23 11:34 . 2001-08-23 17:46 235,648 --a--c--- C:\WINDOWS\system32\dllcache\mgaud.dll
2008-10-23 11:34 . 2001-08-23 17:02 165,066 --a--c--- C:\WINDOWS\system32\dllcache\mdgndis5.sys
2008-10-23 11:34 . 2001-08-23 17:47 47,616 --a--c--- C:\WINDOWS\system32\dllcache\memgrp.dll
2008-10-23 11:34 . 2004-08-03 23:00 26,112 --a--c--- C:\WINDOWS\system32\dllcache\memstpci.sys
2008-10-23 11:34 . 2001-08-17 21:57 16,128 --a--c--- C:\WINDOWS\system32\dllcache\modemcsa.sys
2008-10-23 11:34 . 2001-08-17 21:58 8,320 --a--c--- C:\WINDOWS\system32\dllcache\memcard.sys
2008-10-23 11:34 . 2001-08-17 21:52 7,424 --a--c--- C:\WINDOWS\system32\dllcache\mammoth.sys
2008-10-23 11:34 . 2001-08-17 21:52 6,528 --a--c--- C:\WINDOWS\system32\dllcache\miniqic.sys
2008-10-23 11:32 . 2001-08-23 17:47 242,688 --a--c--- C:\WINDOWS\system32\dllcache\kdsusd.dll
2008-10-23 11:32 . 2001-08-23 17:47 46,080 --a--c--- C:\WINDOWS\system32\dllcache\kdsui.dll
2008-10-23 11:32 . 2001-08-23 17:47 37,888 --a--c--- C:\WINDOWS\system32\dllcache\kousd.dll
2008-10-23 11:32 . 2001-08-17 20:12 19,016 --a--c--- C:\WINDOWS\system32\dllcache\ktc111.sys
2008-10-23 11:32 . 2001-08-23 17:47 8,704 --a--c--- C:\WINDOWS\system32\dllcache\kbdjpn.dll
2008-10-23 11:32 . 2001-08-23 17:47 8,192 --a--c--- C:\WINDOWS\system32\dllcache\kbdkor.dll
2008-10-23 11:32 . 2001-08-17 22:55 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd106.dll
2008-10-23 11:32 . 2001-08-17 22:55 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101c.dll
2008-10-23 11:32 . 2001-08-17 22:55 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101b.dll
2008-10-23 11:32 . 2001-08-17 22:55 5,632 --a--c--- C:\WINDOWS\system32\dllcache\kbd103.dll
2008-10-23 11:30 . 2004-08-19 16:09 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-10-23 11:29 . 2004-08-03 22:41 1,041,536 --a--c--- C:\WINDOWS\system32\dllcache\hsfdpsp2.sys
2008-10-23 11:28 . 2001-08-23 17:47 324,608 --a--c--- C:\WINDOWS\system32\dllcache\hpojwia.dll
2008-10-23 11:27 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-10-23 11:26 . 2001-08-17 20:15 455,680 --a--c--- C:\WINDOWS\system32\dllcache\fus2base.sys
2008-10-23 11:26 . 2001-08-17 20:15 455,296 --a--c--- C:\WINDOWS\system32\dllcache\fusbbase.sys
2008-10-23 11:26 . 2001-08-17 20:14 444,416 --a--c--- C:\WINDOWS\system32\dllcache\fpcibase.sys
2008-10-23 11:26 . 2001-08-17 20:15 442,240 --a--c--- C:\WINDOWS\system32\dllcache\fpnpbase.sys
2008-10-23 11:26 . 2001-08-17 20:14 441,728 --a--c--- C:\WINDOWS\system32\dllcache\fpcmbase.sys
2008-10-23 11:26 . 2001-08-23 17:47 92,672 --a--c--- C:\WINDOWS\system32\dllcache\fuusd.dll
2008-10-23 11:26 . 2001-08-23 17:47 72,192 --a--c--- C:\WINDOWS\system32\dllcache\fnfilter.dll
2008-10-23 11:26 . 2004-08-03 22:31 34,173 --a--c--- C:\WINDOWS\system32\dllcache\forehe.sys
2008-10-23 11:26 . 2001-08-17 20:13 27,165 --a--c--- C:\WINDOWS\system32\dllcache\fetnd5.sys
2008-10-23 11:26 . 2001-08-17 20:12 24,618 --a--c--- C:\WINDOWS\system32\dllcache\fa410nd5.sys
2008-10-23 11:26 . 2001-08-17 20:10 22,090 --a--c--- C:\WINDOWS\system32\dllcache\fem556n5.sys
2008-10-23 11:24 . 2001-08-23 17:16 630,016 --a--c--- C:\WINDOWS\system32\dllcache\eqn.sys
2008-10-23 11:23 . 2001-08-23 17:13 634,166 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2008-10-23 11:22 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-25 12:58 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-10-25 12:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-10-25 12:11 --------- d-----w C:\Documents and Settings\Puic\Application Data\Free Download Manager
2008-10-25 10:00 --------- d-----w C:\Documents and Settings\Puic\Application Data\SiteAdvisor
2008-10-24 19:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-22 18:33 --------- d-----w C:\Program Files\a-squared Free
2008-10-22 12:40 --------- d-----w C:\Documents and Settings\Puic\Application Data\uTorrent
2008-10-22 12:35 --------- d-----w C:\Documents and Settings\Puic\Application Data\FileZilla
2008-10-10 18:39 577,024 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-10-10 00:08 63,488 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-10-07 22:15 165,888 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-10-02 07:39 64,000 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-10-02 07:39 1,332,224 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-09-30 18:20 96,256 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-09-29 22:26 152,064 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-09-24 21:18 --------- d-----w C:\Program Files\Audacity
2008-09-20 09:15 --------- d-----w C:\Documents and Settings\Puic\Application Data\Samsung
2008-09-20 08:54 --------- d-----w C:\Program Files\Free Download Manager
2008-09-20 08:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-20 08:52 --------- d-----w C:\Program Files\Samsung
2008-09-18 18:06 --------- d-----w C:\Program Files\Lavasoft
2008-09-18 18:04 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-17 23:10 --------- d-----w C:\Program Files\PictureMover
2008-09-17 23:10 --------- d-----w C:\Documents and Settings\Puic\Application Data\PictureMover
2008-09-17 23:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\PictureMover
2008-09-17 14:42 --------- d-----w C:\Program Files\Eurobarre
2008-09-13 19:43 --------- d-----w C:\Program Files\uTorrent
2008-09-13 10:25 --------- d-----w C:\Program Files\Siber Systems
2008-09-13 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\RoboForm
2008-09-07 09:18 --------- d-----w C:\Program Files\Visicom Media
2008-09-05 13:42 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-05 11:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-09-05 11:09 --------- d-----w C:\Program Files\Namo
2008-09-05 08:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-04 22:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-04 21:38 --------- d-----w C:\Documents and Settings\Puic\Application Data\KompoZer
2008-09-04 19:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-09-04 19:47 --------- d-----w C:\Program Files\Bonjour
2008-09-03 18:49 --------- d-----w C:\Documents and Settings\Puic\Application Data\Image Zone Express
2008-08-31 22:08 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-25 13:33 --------- d-----w C:\Program Files\EasyPHP 2.0b1
2008-08-25 13:32 --------- d-----w C:\Program Files\Panda Security
2008-06-09 13:08 15,397 ----a-w C:\Program Files\settings.dat
2008-05-08 20:16 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2008-05-08 20:16 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2008-05-08 20:16 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008050820080509\index.dat
2008-05-08 20:16 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2007-11-26 19:14 2222080 7b069231b2a5c6bbb0452bc7a96aaf23 C:\WINDOWS\explorer.exe
2008-04-14 04:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ÈlÈments vides & les ÈlÈments initiaux lÈgitimes ne sont pas listÈs
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-10-25 851976]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-05-20 2474031]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-09-13 160592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-10-25 851976]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 202032]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2004-03-27 851976]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-12-01 344064]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-10-25 919016]
"Mouse Suite 98 Daemon"="ICO.EXE" [2004-07-14 C:\WINDOWS\system32\ICO.EXE]

C:\Documents and Settings\Puic\Menu DÇmarrer\Programmes\DÇmarrage\
PictureMover.lnk - C:\Program Files\PictureMover\Bin\PictureMover.exe [2008-08-13 413696]

C:\Documents and Settings\All Users\Menu DÇmarrer\Programmes\DÇmarrage\
Clavier.lnk - C:\Program Files\WSTARTUP\Clavier\Clavier.exe [2008-05-08 211456]
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]
IcoSauve.lnk - C:\Program Files\WSTARTUP\IcoSauve\IcoSauve.exe [2008-05-08 119296]
Outil de mise Ö jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-05-12 124400]
TaskKiller.lnk - C:\Program Files\WSTARTUP\TaskKiller\TaskKiller.exe [2008-05-08 225792]
WiziWYG XP Startup.lnk - C:\Program Files\Praxisoft\WiziWYG XP\WiziWYGXP.exe [2008-05-12 6029369]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [ ]
S3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-22 231424]
S3 USB28xxBGA;Cinergy Hybrid T USB XS;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-02-06 217088]
S3 USB28xxOEM;Cinergy T USB XS Custom Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-02-06 17792]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ff2ddc7-a13e-11dd-977c-0014a5a57255}]
\Shell\AutoRun\command - G:\nideiect.com
\Shell\explore\Command - G:\nideiect.com
\Shell\open\Command - G:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5c2d974-a215-11dd-977f-0014a5a57255}]
\Shell\AutoRun\command - G:\nideiect.com
\Shell\explore\Command - G:\nideiect.com
\Shell\open\Command - G:\nideiect.com
.
- - - - ORPHELINS SUPPRIMES - - - -

SafeBoot-sglfb.sys
SafeBoot-tga.sys
SafeBoot-wd.sys
SafeBoot-sacsvr

.
------- Examen supplÈmentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Puic\Application Data\Mozilla\Firefox\Profiles\qhgcsaik.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.ecofree.net/
FF -: plugin - C:\Documents and Settings\Puic\Application Data\Mozilla\Firefox\Profiles\qhgcsaik.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Google\Google Updater\2.2.1202.1501\npCIDetect11.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 17:11:19
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachÈs ...

Recherche d'ÈlÈments en dÈmarrage automatique cachÈs ...

Recherche de fichiers cachÈs ...

**************************************************************************
.
Heure de fin: 2008-10-25 17:14:51
ComboFix-quarantined-files.txt 2008-10-25 15:13:46
ComboFix2.txt 2008-10-23 17:55:07

Avant-CF: 5†752†209†408 octets libres
AprËs-CF: 5,740,404,736 octets libres

305 --- E O F --- 2008-10-25 12:35:16
-1
Réponse 90 / 90
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
/!\ Seul Puic peut suivre cette procédure /!\

1/

---> Clique sur Démarrer, Exécuter, tape notepad clique sur OK.

---> Copie le texte ci-dessous par sélection puis Ctrl+C :

KillAll::

File::
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\drivers\winfilse.exe

Folder::
C:\WINDOWS\system32\drivers\downld
C:\Documents and Settings\Puic\Application Data\m

---> Colle la sélection dans le bloc-notes

---> Enregistre ce fichier sur le bureau (Impératif)

---> Nom du fichier : CFScript
---> Type du fichier : tous les fichiers
---> Clique sur Enregistrer
---> Quitte le bloc-notes

2/

---> Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
http://www.searchengines.pl/phpbb203/pliki/picasso/virus/programs/combofix/combofix_cfscript.gif

[*] Une fenêtre bleue va apparaître : au message qui apparaît, tu acceptes.

[*] Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.

[*] Une fois le scan achevé, un rapport va s'afficher : poste-le

[*] Si le fichier ne s'ouvre pas, il se trouve ici C:\ComboFix.txt
-1