Spybot detects Virtumonde.prx + FirewallBypass

CelebrenIthil Posts: 13 Status: Member

Hello!
I have unwanted windows opening in Internet Explorer, notably ads for the famous "Registry Cleaner" at every turn. In addition, explorer also tried to open empty windows in a loop without ever stopping.
In short, I caught something nasty.
I ran an AVG scan and a Spybot scan: the latter found Virtumonde.prx (Vundo, arrggh) and microsoft.windowssecuritycenter.firewallbypass.

(According to the Spybot S&D log:)
Microsoft.WindowsSecurityCenter.FirewallBypass: [SBI $21695B76] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\explorer.exe

Virtumonde.prx: [SBI $3F9F40D4] Autorun settings (BM93a13760) (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM93a13760


I asked it to fix these problems but it did not succeed (for Vundo that doesn't surprise me much...), so I am asking for your help.

Here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 10:12:24, on 2008-11-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\Acecad\Wtxpload.exe
C:\WINDOWS\system32\ZPOINT32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\Acecad\xpoint32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Name of App] C:\Program Files\Utilitaires Window\SAMSUNG\FW LiveUpdate\FWManager.exe r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad
O4 - HKLM\..\Run: [ZPOINT32] C:\WINDOWS\system32\ZPOINT32.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BM93a13760] Rundll32.exe "C:\WINDOWS\system32\dyqpyjkn.dll",s
O4 - HKLM\..\Run: [CPM93a13760] Rundll32.exe "C:\WINDOWS\system32\wosarako.dll",a
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [PlayNC Launcher] C:\program files\games\nclauncher\NCLauncher.exe /Minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Belkin Wireless G PCI Adapter Utility.lnk = C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.ncix.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - https://pirates.disney.com/
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll avgrsstx.dll C:\WINDOWS\system32\dayevino.dll c:\windows\system32\wosarako.dll
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NexTab (Wintab32) - Unknown owner - C:\WINDOWS\system32\Wintab32.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

There you go, thanks a lot in advance!

14 replies

verni29 Posts: 6699 Status: Security contributor

Hello,

The version of HijackThis used is obsolete.
Delete the file on your desktop.

Then download and install HijackThis.
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

Choose "Download Hijackthis Installer"

Go to the HijackThis installation directory.

C:\Program Files\Trend Micro\HijackThis\

Rename Hijackthis.exe to monHJK.exe (right-click --> rename)
Then double-click this executable and choose the option Do a system scan and save a logfile.
Then post the HijackThis report.

See you
0
totobetourne Posts: 5592 Status: Member

Run this tool, it is very handy right now against lots of infections, including Vundo. Keep it.

Run this anti-malware and do as instructed.
Download Malwarebytes Anti-Malware (MBAM): also very useful for ad problems, but unfortunately not all of them.

Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Malwarebytes Anti-Malware tutorial: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Do as instructed: update, full scan in safe mode, and the reports.

Keep it and run a scan every month as instructed.

If you have Ad-Aware you can uninstall it, because it no longer recognizes much.
0
nirvana95 Posts: 285 Status: Member

0
totobetourne Posts: 5592 Status: Member

nirvana solves everything with Kaspersky.

You're going to go through every topic and tell us about Kaspersky for a long time yet.
0

CelebrenIthil Posts: 13 Status: Member

OK, I reinstalled a new HijackThis, here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01:02, on 2008-11-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\Acecad\Wtxpload.exe
C:\WINDOWS\system32\ZPOINT32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\Acecad\xpoint32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\monHJK.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Name of App] C:\Program Files\Utilitaires Window\SAMSUNG\FW LiveUpdate\FWManager.exe r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad
O4 - HKLM\..\Run: [ZPOINT32] C:\WINDOWS\system32\ZPOINT32.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BM93a13760] Rundll32.exe "C:\WINDOWS\system32\dyqpyjkn.dll",s
O4 - HKLM\..\Run: [CPM93a13760] Rundll32.exe "c:\windows\system32\muvapevi.dll",a
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [PlayNC Launcher] C:\program files\games\nclauncher\NCLauncher.exe /Minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Belkin Wireless G PCI Adapter Utility.lnk = C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.ncix.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - https://pirates.disney.com/
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll avgrsstx.dll C:\WINDOWS\system32\dayevino.dll c:\windows\system32\muvapevi.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\muvapevi.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\muvapevi.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NexTab (Wintab32) - Unknown owner - C:\WINDOWS\system32\Wintab32.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
0
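An added example, not part of the original posts: a triage sketch that reads the autostart lines of the first two HijackThis logs above, lists DLLs loaded from more than one autostart section, and reports Run values whose DLL target changed between scans. The sample lines are copied from those two logs; the function names are illustrative, and a hit is a lead for review, not a verdict.

```python
import re
from collections import defaultdict

# Excerpts copied from the two HijackThis logs posted above (v1.99.1, then v2.0.2).
SCAN_1 = r'''
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BM93a13760] Rundll32.exe "C:\WINDOWS\system32\dyqpyjkn.dll",s
O4 - HKLM\..\Run: [CPM93a13760] Rundll32.exe "C:\WINDOWS\system32\wosarako.dll",a
O20 - AppInit_DLLs: wbsys.dll avgrsstx.dll C:\WINDOWS\system32\dayevino.dll c:\windows\system32\wosarako.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
'''
SCAN_2 = r'''
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BM93a13760] Rundll32.exe "C:\WINDOWS\system32\dyqpyjkn.dll",s
O4 - HKLM\..\Run: [CPM93a13760] Rundll32.exe "c:\windows\system32\muvapevi.dll",a
O20 - AppInit_DLLs: wbsys.dll avgrsstx.dll C:\WINDOWS\system32\dayevino.dll c:\windows\system32\muvapevi.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\muvapevi.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\muvapevi.dll
'''

# Full DLL path: from a drive letter to the first ".dll", without crossing a
# quote or running into the next drive-letter path. Spaces inside the path are
# allowed; bare names such as wbsys.dll are not tracked.
DLL_PATH = re.compile(r'[a-z]:\\(?:(?![a-z]:\\)[^"])*?\.dll', re.I)
ENTRY = re.compile(r'^(O\d+) - (.*)$')
RUN_VALUE = re.compile(r'^HK\w+\\\.\.\\Run: \[(.+?)\] (.*)$')


def entries(log):
    """Yield (section, body) for each O-section line of a HijackThis log."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def dll_sections(log):
    """Map each DLL path (lower-cased) to the set of sections that reference it."""
    seen = defaultdict(set)
    for section, body in entries(log):
        for path in DLL_PATH.findall(body):
            seen[path.lower()].add(section)
    return seen


def multi_point_dlls(log, min_sections=2):
    """DLLs referenced from at least min_sections different autostart sections."""
    return sorted(p for p, s in dll_sections(log).items() if len(s) >= min_sections)


def run_targets(log):
    """Map each O4 Run value name to the DLL its command line loads, if any."""
    targets = {}
    for section, body in entries(log):
        m = RUN_VALUE.match(body) if section == "O4" else None
        if m:
            dlls = DLL_PATH.findall(m.group(2))
            if dlls:
                targets[m.group(1)] = dlls[0].lower()
    return targets


def changed_run_targets(old_log, new_log):
    """Run values present in both scans whose DLL target differs."""
    old, new = run_targets(old_log), run_targets(new_log)
    return {name: (old[name], new[name])
            for name in old.keys() & new.keys() if old[name] != new[name]}


if __name__ == "__main__":
    for label, scan in (("scan 1", SCAN_1), ("scan 2", SCAN_2)):
        for dll in multi_point_dlls(scan):
            print(label, dll, sorted(dll_sections(scan)[dll]))
    for name, (before, after) in changed_run_targets(SCAN_1, SCAN_2).items():
        print("Run value", name, "changed:", before, "->", after)
```
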
verni29 Posts: 6699 Status: Security contributor

Yes, run Malwarebytes as instructed.
Then post the report.

See you
0
CelebrenIthil Posts: 13 Status: Member

OK, I ran a Malwarebytes scan in safe mode following the instructions on the site you gave me.
Here is the result:

Malwarebytes' Anti-Malware 1.30
Database version: 1414
Windows 5.1.2600 Service Pack 3

2008-11-20 22:59:25
mbam-log-2008-11-20 (22-59-23).txt

Scan type: Full Scan (C:\|)
Objects scanned: 272844
Time elapsed: 3 hour(s), 38 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b3addb7b-3df5-4672-82dd-775fff180134} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm93a13760 (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{09E887B9-C4DB-4AEC-8622-19899180E5DB}\RP311\A0120410.exe (Trojan.Horst) -> No action taken.
C:\WINDOWS\BM93a13760.txt (Trojan.Vundo) -> No action taken.
C:\Program Files\setup.exe (Rogue.Installer) -> No action taken.


________________

So there, I then asked it to try to heal them, then ran another scan (3 hours each XD). In the end, it no longer detected anything.

I then ran a Spybot scan to make sure everything was gone, but unfortunately it still detects the WindowsFirewallBypass thing.

I'm running a HijackThis scan again:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:17:34, on 2008-11-21
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\Acecad\Wtxpload.exe
C:\WINDOWS\system32\ZPOINT32.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\Acecad\xpoint32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Xfire\xfire.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\mspaint.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\monHJK.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {f4c5837a-81ab-467d-8344-5b58ed2238d9} - C:\WINDOWS\system32\migezomu.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Name of App] C:\Program Files\Utilitaires Window\SAMSUNG\FW LiveUpdate\FWManager.exe r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad
O4 - HKLM\..\Run: [ZPOINT32] C:\WINDOWS\system32\ZPOINT32.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [BM93a13760] Rundll32.exe "C:\WINDOWS\system32\dyqpyjkn.dll",s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [PlayNC Launcher] C:\program files\games\nclauncher\NCLauncher.exe /Minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Belkin Wireless G PCI Adapter Utility.lnk = C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.ncix.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - https://pirates.disney.com/
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll avgrsstx.dll C:\WINDOWS\system32\dayevino.dll c:\windows\system32\muvapevi.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NexTab (Wintab32) - Unknown owner - C:\WINDOWS\system32\Wintab32.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
CelebrenIthil - Posts: 13 - Status: Member
 
Oops, that didn't work; I'm trying again without the tag: http://img.photobucket.com/albums/v103/TheSilverstar/Threat.jpg
totobetourne - Posts: 5592 - Status: Member - 65
 
You are showing us the report from before removal. Did you actually remove what it found? If you had followed the instructions properly, you would have given me the report from after removal. Show me the report from after removal and empty what is in quarantine.

Do another HijackThis report afterwards.
CelebrenIthil - Posts: 13 - Status: Member
 
OK, in theory the log from after the removal is this one:

Malwarebytes' Anti-Malware 1.30
Database version: 1414
Windows 5.1.2600 Service Pack 3

2008-11-21 07:12:58
mbam-log-2008-11-21 (07-12-58).txt

Scan type: Full Scan (C:\|)
Objects scanned: 272901
Time elapsed: 3 hour(s), 38 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Otherwise, AVG has suddenly noticed that there are viruses around:

http://img.photobucket.com/albums/v103/TheSilverstar/Threat2.jpg

I clicked "heal" for what it's worth, but I doubt it worked very well.

And then, on reading your message, I went and got rid of the things I had in quarantine:

http://img.photobucket.com/albums/v103/TheSilverstar/Threat3.jpg

And I ran a HijackThis scan afterwards:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:45:46, on 2008-11-21
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\Acecad\Wtxpload.exe
C:\WINDOWS\system32\ZPOINT32.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\Acecad\xpoint32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Xfire\xfire.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\mspaint.exe
C:\Program Files\Trend Micro\HijackThis\monHJK.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {f4c5837a-81ab-467d-8344-5b58ed2238d9} - C:\WINDOWS\system32\migezomu.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Name of App] C:\Program Files\Utilitaires Window\SAMSUNG\FW LiveUpdate\FWManager.exe r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad
O4 - HKLM\..\Run: [ZPOINT32] C:\WINDOWS\system32\ZPOINT32.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [BM93a13760] Rundll32.exe "C:\WINDOWS\system32\dyqpyjkn.dll",s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [PlayNC Launcher] C:\program files\games\nclauncher\NCLauncher.exe /Minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Belkin Wireless G PCI Adapter Utility.lnk = C:\Program Files\Belkin\F5D7000v8\Belkinwcui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Documents and Settings\Owner\Desktop\Utilitaires Internet\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.ncix.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - https://pirates.disney.com/
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll avgrsstx.dll C:\WINDOWS\system32\dayevino.dll c:\windows\system32\muvapevi.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NexTab (Wintab32) - Unknown owner - C:\WINDOWS\system32\Wintab32.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
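As an added example (not part of the thread and not code from any of the tools mentioned), a small Python triage of HijackThis output: it checks whether the Run value that Spybot flagged in the opening post (BM93a13760) is still listed after cleanup, lists the AppInit_DLLs entries and "(file missing)" leftovers for review, and diffs two logs. The sample lines are an excerpt of the log above; the function names and the `CLEANED` variant are assumptions made for this example.

```python
import re

# Excerpt of the HijackThis log above (same line format, fewer lines).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {f4c5837a-81ab-467d-8344-5b58ed2238d9} - C:\WINDOWS\system32\migezomu.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BM93a13760] Rundll32.exe "C:\WINDOWS\system32\dyqpyjkn.dll",s
O20 - AppInit_DLLs: wbsys.dll avgrsstx.dll C:\WINDOWS\system32\dayevino.dll c:\windows\system32\muvapevi.dll
"""

# Constructed for this example: the same excerpt with the flagged Run value gone,
# i.e. what a log taken after a successful removal would look like.
CLEANED = "\n".join(l for l in SAMPLE_LOG.splitlines() if "BM93a13760" not in l)

# "O4 - <body>": a section code (R0, O2, O20, ...) followed by the entry text.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Body of an O4 registry autorun: HKLM\..\Run: [value name] command line
RUN_RE = re.compile(r"^(HKLM|HKCU)\\\.\.\\(Run\w*): \[(.+?)\] (.*)$")


def parse_entries(log_text):
    """Return (section, body) pairs; header and process-list lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def run_values(entries):
    """Map (hive, key, value name) -> command line for O4 registry autoruns."""
    out = {}
    for section, body in entries:
        m = RUN_RE.match(body) if section == "O4" else None
        if m:
            hive, key, name, cmd = m.groups()
            out[(hive, key, name)] = cmd
    return out


def persisting(entries, flagged_names):
    """Run value names flagged by another scanner that this log still lists."""
    flagged = {n.lower() for n in flagged_names}
    return sorted(name for (_, _, name) in run_values(entries)
                  if name.lower() in flagged)


def appinit_dlls(entries):
    """DLLs listed in the O20 AppInit_DLLs line (whitespace-separated)."""
    for section, body in entries:
        if section == "O20" and body.startswith("AppInit_DLLs:"):
            return body.split(":", 1)[1].split()
    return []


def missing_files(entries):
    """Entries whose target HijackThis reports as '(file missing)'."""
    return [(s, b) for s, b in entries if b.endswith("(file missing)")]


def diff_logs(before_text, after_text):
    """Entries removed and entries added between two logs."""
    before = set(parse_entries(before_text))
    after = set(parse_entries(after_text))
    return sorted(before - after), sorted(after - before)


def triage(log_text, flagged_names):
    """Summary a helper can read before deciding on the next cleanup step."""
    entries = parse_entries(log_text)
    return {
        "persisting_run_values": persisting(entries, flagged_names),
        "appinit_dlls": appinit_dlls(entries),
        "missing_files": missing_files(entries),
    }


if __name__ == "__main__":
    # BM93a13760 is the autorun value name from the Spybot log in the opening post.
    for key, value in triage(SAMPLE_LOG, ["BM93a13760"]).items():
        print(key, "->", value)
    removed, added = diff_logs(SAMPLE_LOG, CLEANED)
    print("removed by cleanup:", removed)
```

An empty "removed" list from `diff_logs` on two real logs means the cleanup step changed none of the listed registry entries.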
CelebrenIthil - Posts: 13 - Status: Member
 
My problem still doesn't seem to be solved after all that: AVG is still opening windows pointing me to unwanted .dll files (Virtumonde's doing?)
On the other hand, the unwanted windows issue is fixed, thank you for that. :3
totobetourne - Posts: 5592 - Status: Member - 65
 
Still present. Keep Malwarebytes and run a scan from time to time in the future.

So we'll use another tool.
To take a look, download ComboFix (by sUBs) here:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save it to the desktop.


Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, the antispyware's real-time guard).


Double-click combofix.exe and follow the instructions.

At the end, it will produce a report, C:\ComboFix.txt

Re-enable your firewall, your antivirus, and your antispyware's guard.

Copy/paste the report C:\ComboFix.txt into your next reply.

Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.

There is a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
CelebrenIthil - Posts: 13 - Status: Member
 
ComboFix 08-11-24.03 - Owner 2008-11-25 12:00:37.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1445 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Downloaded Program Files\setup.inf
c:\windows\IE4 Error Log.txt
c:\windows\system32\amazogol.ini
c:\windows\system32\awapaneg.ini
A:\INSTALL.EXE . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-10-25 to 2008-11-25 )))))))))))))))))))))))))))))))
.

2008-11-20 18:54 . 2008-11-20 18:54 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-20 18:54 . 2008-11-20 18:54 <DIR> d-------- c:\documents and settings\Owner\Application Data\Malwarebytes
2008-11-20 18:54 . 2008-11-20 18:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-20 18:54 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-20 18:54 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-20 15:44 . 2008-11-20 15:44 42,320 --a------ c:\windows\system32\xfcodec.dll
2008-11-13 22:27 . 2008-11-13 22:27 <DIR> dr-h----- c:\documents and settings\Owner\Application Data\SecuROM
2008-11-13 21:42 . 2008-11-13 21:42 <DIR> d-------- c:\program files\Common Files\BioWare
2008-11-12 20:27 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 20:27 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-09 20:03 . 2008-11-09 20:03 <DIR> d-------- c:\documents and settings\Owner\Application Data\Ubisoft
2008-11-09 20:02 . 2008-11-09 20:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Ubisoft
2008-10-28 18:46 . 2008-10-28 18:46 98,304 --a------ c:\windows\W2BNEUnin.exe
2008-10-28 18:46 . 2008-10-28 18:46 21,310 --a------ c:\windows\W2BNEUnin.dat
2008-10-28 18:46 . 2008-10-28 18:46 2,829 --a------ c:\windows\W2BNEUnin.pif

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-25 17:05 0 ----a-w c:\windows\system32\drivers\lvuvc.hs
2008-11-25 16:46 --------- d-----w c:\documents and settings\Owner\Application Data\Skype
2008-11-25 02:57 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-11-24 23:13 --------- d-----w c:\program files\Xfire
2008-11-24 23:13 --------- d-----w c:\documents and settings\Owner\Application Data\Xfire
2008-11-23 23:01 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-23 23:00 --------- d-----w c:\program files\Norton Security Scan
2008-11-14 02:04 --------- d-----r c:\program files\GAMES
2008-11-10 00:33 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-18 04:20 --------- d-----w c:\program files\Belkin
2008-10-10 02:19 --------- d-----w c:\program files\Autodesk
2008-09-29 00:43 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-29 00:40 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-09-28 03:32 --------- d-----w c:\program files\QuickTime
2008-09-28 03:32 --------- d-----w c:\program files\Common Files\Apple
2008-09-25 01:10 --------- d-----w c:\program files\USB Dongle
2008-09-25 01:09 --------- d-----w c:\program files\Utilitaire WLAN (USB) IEEE 802.11b
2008-07-08 03:27 445,615,776 ----a-w c:\program files\FB3_win.exe
2008-07-08 03:13 14,260,672 ----a-w c:\program files\whirled_sdk_0.29.zip
2008-07-08 03:10 1,261 ----a-w c:\program files\1215486590804-integrated.jnlp
2007-10-15 02:05 0 ----a-w c:\program files\New Text Document.txt
2007-10-06 22:05 614,935 ----a-w c:\program files\CEP_Setup.exe
2007-09-25 19:52 48,467 ----a-w c:\program files\302922.htm
2007-09-24 20:55 61,647,736 ----a-w c:\program files\directx_directx_9.0c_-_mise_a_jour_aout_2007_francais_10906.exe
2007-09-22 18:48 317,987 ----a-w c:\program files\setuplog.txt
2007-09-14 04:20 2,097,152 ----a-w c:\documents and settings\Owner\Application Data\AUTORUN.BIN
2007-09-14 04:19 769,536 ----a-w c:\documents and settings\Owner\Application Data\sfdnwin.dll
2007-07-18 21:54 32 ----a-r c:\documents and settings\All Users\hash.dat
1999-07-07 00:00 6 --sh--r c:\windows\@@desktop.dat
.

((((((((((((((((((((((((((((( snapshot@2008-03-07_20.05.36.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-02-28 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\btpanui.dll
+ 2006-02-28 12:00:00 218,112 -c----w c:\windows\$NtServicePackUninstall$\c_g18030.dll
+ 2006-02-28 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\cabinet.dll
+ 2006-02-28 12:00:00 84,480 -c----w c:\windows\$NtServicePackUninstall$\cabview.dll
+ 2006-02-28 12:00:00 18,432 -c----w c:\windows\$NtServicePackUninstall$\cacls.exe
+ 2006-02-28 12:00:00 385,024 -c----w c:\windows\$NtServicePackUninstall$\callcont.dll
+ 2006-02-28 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\camocx.dll
+ 2006-02-28 12:00:00 142,848 -c----w c:\windows\$NtServicePackUninstall$\capesnpn.dll
+ 2005-07-26 04:39:42 225,792 -c----w c:\windows\$NtServicePackUninstall$\catsrv.dll
+ 2006-02-28 12:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\catsrvps.dll
+ 2005-07-26 04:39:43 625,152 -c----w c:\windows\$NtServicePackUninstall$\catsrvut.dll
+ 2004-08-04 03:10:18 17,024 -c----w c:\windows\$NtServicePackUninstall$\ccdecode.sys
+ 2006-02-28 12:00:00 63,744 -c----w c:\windows\$NtServicePackUninstall$\cdfs.sys
+ 2008-06-23 15:38:29 151,040 -c----w c:\windows\$NtServicePackUninstall$\cdfview.dll
+ 2005-09-10 01:53:41 2,067,968 -c----w c:\windows\$NtServicePackUninstall$\cdosys.dll
+ 2006-02-28 12:00:00 49,536 -c----w c:\windows\$NtServicePackUninstall$\cdrom.sys
+ 2006-02-28 12:00:00 194,560 -c----w c:\windows\$NtServicePackUninstall$\certcli.dll
+ 2006-02-28 12:00:00 457,728 -c----w c:\windows\$NtServicePackUninstall$\certmgr.dll
+ 2006-02-28 12:00:00 38,912 -c----w c:\windows\$NtServicePackUninstall$\cfgbkend.dll
+ 2006-02-28 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\cfgmgr32.dll
+ 2003-03-24 23:52:04 188,480 -c----w c:\windows\$NtServicePackUninstall$\cfgwiz.exe
+ 2006-02-28 12:00:00 97,792 -c----w c:\windows\$NtServicePackUninstall$\chtmbx.dll
+ 2006-02-28 12:00:00 56,320 -c----w c:\windows\$NtServicePackUninstall$\chtskdic.dll
+ 2006-02-28 12:00:00 173,568 -c----w c:\windows\$NtServicePackUninstall$\chtskf.dll
+ 2006-02-28 12:00:00 109,568 -c----w c:\windows\$NtServicePackUninstall$\cic.dll
+ 2006-02-28 12:00:00 1,352,192 -c----w c:\windows\$NtServicePackUninstall$\cimwin32.dll
+ 2006-02-28 12:00:00 198,656 -c----w c:\windows\$NtServicePackUninstall$\cintime.dll
+ 2006-06-22 05:06:29 69,120 -c----w c:\windows\$NtServicePackUninstall$\ciodm.dll
+ 2006-02-28 12:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\cisvc.exe
+ 2006-02-28 12:00:00 49,664 -c----w c:\windows\$NtServicePackUninstall$\classpnp.sys
+ 2005-07-26 04:39:43 110,080 -c----w c:\windows\$NtServicePackUninstall$\clbcatex.dll
+ 2005-07-26 04:39:43 498,688 -c----w c:\windows\$NtServicePackUninstall$\clbcatq.dll
+ 2006-02-28 12:00:00 64,000 -c----w c:\windows\$NtServicePackUninstall$\cleanmgr.exe
+ 2006-02-28 12:00:00 77,824 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.dll
+ 2006-02-28 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.exe
+ 2006-02-28 12:00:00 102,912 -c----w c:\windows\$NtServicePackUninstall$\clipbrd.exe
+ 2006-02-28 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\clipsrv.exe
+ 2006-02-28 12:00:00 57,856 -c----w c:\windows\$NtServicePackUninstall$\clusapi.dll
+ 2006-02-28 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\cmcfg32.dll
+ 2006-02-28 12:00:00 388,608 -c----w c:\windows\$NtServicePackUninstall$\cmd.exe
+ 2006-02-28 12:00:00 343,040 -c----w c:\windows\$NtServicePackUninstall$\cmdial32.dll
+ 2006-02-28 12:00:00 47,104 -c----w c:\windows\$NtServicePackUninstall$\cmdl32.exe
+ 2006-02-28 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\cmmon32.exe
+ 2006-02-28 12:00:00 185,344 -c----w c:\windows\$NtServicePackUninstall$\cmprops.dll
+ 2006-02-28 12:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\cmsetacl.dll
+ 2006-02-28 12:00:00 63,488 -c----w c:\windows\$NtServicePackUninstall$\cmstp.exe
+ 2006-02-28 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\cmutil.dll
+ 2006-02-28 12:00:00 47,104 -c----w c:\windows\$NtServicePackUninstall$\cnbjmon.dll
+ 2005-07-26 04:39:43 60,416 -c----w c:\windows\$NtServicePackUninstall$\colbact.dll
+ 2006-02-28 12:00:00 25,600 -c----w c:\windows\$NtServicePackUninstall$\comaddin.dll
+ 2005-07-26 04:39:44 195,072 -c----w c:\windows\$NtServicePackUninstall$\comadmin.dll
+ 2006-08-25 15:45:58 617,472 -c----w c:\windows\$NtServicePackUninstall$\comctl32.dll
+ 2006-02-28 12:00:00 276,992 -c----w c:\windows\$NtServicePackUninstall$\comdlg32.dll
+ 2006-02-28 12:00:00 252,928 -c----w c:\windows\$NtServicePackUninstall$\compatui.dll
+ 2006-02-28 12:00:00 229,376 -c----w c:\windows\$NtServicePackUninstall$\compstui.dll
+ 2005-07-26 04:39:44 97,792 -c----w c:\windows\$NtServicePackUninstall$\comrepl.dll
+ 2006-02-28 12:00:00 9,728 -c----w c:\windows\$NtServicePackUninstall$\comrepl.exe
+ 2006-02-28 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\comrereg.exe
+ 2006-02-28 12:00:00 792,064 -c----w c:\windows\$NtServicePackUninstall$\comres.dll
+ 2006-02-28 12:00:00 259,584 -c----w c:\windows\$NtServicePackUninstall$\comsetup.dll
+ 2006-02-28 12:00:00 147,456 -c----w c:\windows\$NtServicePackUninstall$\comsnap.dll
+ 2005-07-26 04:39:44 1,267,200 -c----w c:\windows\$NtServicePackUninstall$\comsvcs.dll
+ 2005-07-26 04:39:45 540,160 -c----w c:\windows\$NtServicePackUninstall$\comuid.dll
+ 2006-02-28 12:00:00 1,032,192 -c----w c:\windows\$NtServicePackUninstall$\conf.exe
+ 2006-02-28 12:00:00 45,056 -c----w c:\windows\$NtServicePackUninstall$\confmrsl.dll
+ 2006-02-28 12:00:00 345,600 -c----w c:\windows\$NtServicePackUninstall$\confmsp.dll
+ 2006-02-28 12:00:00 27,648 -c----w c:\windows\$NtServicePackUninstall$\conime.exe
+ 2006-02-28 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\corpol.dll
+ 2006-02-28 12:00:00 163,840 -c----w c:\windows\$NtServicePackUninstall$\credui.dll
+ 2006-02-28 12:00:00 36,480 -c----w c:\windows\$NtServicePackUninstall$\crusoe.sys
+ 2006-02-28 12:00:00 597,504 -c----w c:\windows\$NtServicePackUninstall$\crypt32.dll
+ 2006-02-28 12:00:00 74,752 -c----w c:\windows\$NtServicePackUninstall$\cryptdlg.dll
+ 2006-02-28 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\cryptdll.dll
+ 2006-02-28 12:00:00 53,760 -c----w c:\windows\$NtServicePackUninstall$\cryptext.dll
+ 2006-02-28 12:00:00 63,488 -c----w c:\windows\$NtServicePackUninstall$\cryptnet.dll
+ 2006-02-28 12:00:00 60,416 -c----w c:\windows\$NtServicePackUninstall$\cryptsvc.dll
+ 2006-02-28 12:00:00 512,512 -c----w c:\windows\$NtServicePackUninstall$\cryptui.dll
+ 2006-02-28 12:00:00 101,888 -c----w c:\windows\$NtServicePackUninstall$\cscdll.dll
+ 2006-02-28 12:00:00 98,304 -c----w c:\windows\$NtServicePackUninstall$\cscript.exe
+ 2006-02-28 12:00:00 326,656 -c----w c:\windows\$NtServicePackUninstall$\cscui.dll
+ 2006-02-28 12:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\csrsrv.dll
+ 2006-02-28 12:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\csrss.exe
+ 2006-02-28 12:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe
+ 2006-02-28 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\custsat.dll
+ 2006-02-28 12:00:00 1,179,648 -c----w c:\windows\$NtServicePackUninstall$\d3d8.dll
+ 2006-02-28 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\d3d8thk.dll
+ 2006-02-28 12:00:00 1,689,088 -c----w c:\windows\$NtServicePackUninstall$\d3d9.dll
+ 2006-02-28 12:00:00 825,344 -c----w c:\windows\$NtServicePackUninstall$\d3dim700.dll
+ 2008-06-23 15:38:30 1,054,208 -c----w c:\windows\$NtServicePackUninstall$\danim.dll
+ 2006-02-28 12:00:00 54,272 -c----w c:\windows\$NtServicePackUninstall$\dataclen.dll
+ 2006-02-28 12:00:00 152,064 -c----w c:\windows\$NtServicePackUninstall$\datime.dll
+ 2006-02-28 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\davclnt.dll
+ 2006-02-28 12:00:00 640,000 -c----w c:\windows\$NtServicePackUninstall$\dbghelp.dll
+ 2006-02-28 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\dbmsrpcn.dll
+ 2006-02-28 12:00:00 110,592 -c----w c:\windows\$NtServicePackUninstall$\dbnetlib.dll
+ 2006-02-28 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dbnmpntw.dll
+ 2006-02-28 12:00:00 1,788 -c----w c:\windows\$NtServicePackUninstall$\dcache.bin
+ 2006-02-28 12:00:00 40,960 -c----w c:\windows\$NtServicePackUninstall$\dcap32.dll
+ 2006-02-28 12:00:00 8,704 -c----w c:\windows\$NtServicePackUninstall$\dciman32.dll
+ 2006-02-28 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\dcomcnfg.exe
+ 2006-02-28 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\ddeshare.exe
+ 2006-02-28 12:00:00 266,240 -c----w c:\windows\$NtServicePackUninstall$\ddraw.dll
+ 2006-02-28 12:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\ddrawex.dll
+ 2006-02-28 12:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\defrag.exe
+ 2006-02-28 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\devenum.dll
+ 2006-02-28 12:00:00 282,624 -c----w c:\windows\$NtServicePackUninstall$\devmgr.dll
+ 2006-02-28 12:00:00 82,432 -c----w c:\windows\$NtServicePackUninstall$\dfrgfat.exe
+ 2006-02-28 12:00:00 104,960 -c----w c:\windows\$NtServicePackUninstall$\dfrgntfs.exe
+ 2006-02-28 12:00:00 38,912 -c----w c:\windows\$NtServicePackUninstall$\dfrgsnap.dll
+ 2006-02-28 12:00:00 123,904 -c----w c:\windows\$NtServicePackUninstall$\dfrgui.dll
+ 2006-02-28 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dfsshlex.dll
+ 2006-02-28 12:00:00 111,104 -c----w c:\windows\$NtServicePackUninstall$\dgnet.dll
+ 2006-05-19 12:59:41 111,616 -c----w c:\windows\$NtServicePackUninstall$\dhcpcsvc.dll
+ 2006-02-28 12:00:00 370,176 -c----w c:\windows\$NtServicePackUninstall$\dhcpmon.dll
+ 2006-02-28 12:00:00 539,136 -c----w c:\windows\$NtServicePackUninstall$\dialer.exe
+ 2006-02-28 12:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\diantz.exe
+ 2006-02-28 12:00:00 68,608 -c----w c:\windows\$NtServicePackUninstall$\digest.dll
+ 2006-02-28 12:00:00 159,232 -c----w c:\windows\$NtServicePackUninstall$\dinput.dll
+ 2006-02-28 12:00:00 181,760 -c----w c:\windows\$NtServicePackUninstall$\dinput8.dll
+ 2007-05-16 15:12:00 86,528 -c----w c:\windows\$NtServicePackUninstall$\directdb.dll
+ 2006-02-28 12:00:00 36,352 -c----w c:\windows\$NtServicePackUninstall$\disk.sys
+ 2006-02-28 12:00:00 1,501,696 -c----w c:\windows\$NtServicePackUninstall$\diskcopy.dll
+ 2006-02-28 12:00:00 14,208 -c----w c:\windows\$NtServicePackUninstall$\diskdump.sys
+ 2006-02-28 12:00:00 163,840 -c----w c:\windows\$NtServicePackUninstall$\diskpart.exe
+ 2006-02-28 12:00:00 45,083 -c----w c:\windows\$NtServicePackUninstall$\dispex.dll
+ 2006-02-28 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\dllhost.exe
+ 2006-02-28 12:00:00 224,768 -c----w c:\windows\$NtServicePackUninstall$\dmadmin.exe
+ 2006-02-28 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dmband.dll
+ 2006-02-28 12:00:00 799,744 -c----w c:\windows\$NtServicePackUninstall$\dmboot.sys
+ 2006-02-28 12:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\dmcompos.dll
+ 2006-02-28 12:00:00 273,920 -c----w c:\windows\$NtServicePackUninstall$\dmdlgs.dll
+ 2006-02-28 12:00:00 200,704 -c----w c:\windows\$NtServicePackUninstall$\dmdskmgr.dll
+ 2006-02-28 12:00:00 181,248 -c----w c:\windows\$NtServicePackUninstall$\dmime.dll
+ 2006-02-28 12:00:00 153,344 -c----w c:\windows\$NtServicePackUninstall$\dmio.sys
+ 2006-02-28 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\dmloader.dll
+ 2006-02-28 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\dmremote.exe
+ 2006-02-28 12:00:00 82,432 -c----w c:\windows\$NtServicePackUninstall$\dmscript.dll
+ 2006-02-28 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\dmserver.dll
+ 2006-02-28 12:00:00 105,984 -c----w c:\windows\$NtServicePackUninstall$\dmstyle.dll
+ 2006-02-28 12:00:00 103,424 -c----w c:\windows\$NtServicePackUninstall$\dmsynth.dll
+ 2006-02-28 12:00:00 104,448 -c----w c:\windows\$NtServicePackUninstall$\dmusic.dll
+ 2004-08-04 06:07:40 52,864 -c----w c:\windows\$NtServicePackUninstall$\dmusic.sys
+ 2006-02-28 12:00:00 52,224 -c----w c:\windows\$NtServicePackUninstall$\dmutil.dll
+ 2008-06-20 17:41:10 148,992 -c----w c:\windows\$NtServicePackUninstall$\dnsapi.dll
+ 2008-02-20 05:32:43 45,568 -c----w c:\windows\$NtServicePackUninstall$\dnsrslvr.dll
+ 2006-02-28 12:00:00 48,128 -c----w c:\windows\$NtServicePackUninstall$\docprop2.dll
+ 2006-02-28 12:00:00 97,280 -c----w c:\windows\$NtServicePackUninstall$\dpcdll.dll
+ 2006-02-28 12:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\dplaysvr.exe
+ 2006-02-28 12:00:00 229,888 -c----w c:\windows\$NtServicePackUninstall$\dplayx.dll
+ 2006-02-28 12:00:00 23,552 -c----w c:\windows\$NtServicePackUninstall$\dpmodemx.dll
+ 2006-02-28 12:00:00 3,584 -c----w c:\windows\$NtServicePackUninstall$\dpnaddr.dll
+ 2006-02-28 12:00:00 375,296 -c----w c:\windows\$NtServicePackUninstall$\dpnet.dll
+ 2006-02-28 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\dpnhpast.dll
+ 2006-02-28 12:00:00 60,928 -c----w c:\windows\$NtServicePackUninstall$\dpnhupnp.dll
+ 2006-02-28 12:00:00 3,584 -c----w c:\windows\$NtServicePackUninstall$\dpnlobby.dll
+ 2006-02-28 12:00:00 18,432 -c----w c:\windows\$NtServicePackUninstall$\dpnsvr.exe
+ 2006-02-28 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\dpvacm.dll
+ 2006-02-28 12:00:00 212,480 -c----w c:\windows\$NtServicePackUninstall$\dpvoice.dll
+ 2006-02-28 12:00:00 83,456 -c----w c:\windows\$NtServicePackUninstall$\dpvsetup.exe
+ 2006-02-28 12:00:00 116,736 -c----w c:\windows\$NtServicePackUninstall$\dpvvox.dll
+ 2006-02-28 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\dpwsockx.dll
+ 2004-08-04 06:08:00 60,288 -c----w c:\windows\$NtServicePackUninstall$\drmk.sys
+ 2004-08-04 06:07:58 2,944 -c----w c:\windows\$NtServicePackUninstall$\drmkaud.sys
+ 2006-02-28 12:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\drprov.dll
+ 2006-02-28 12:00:00 16,384 -c----w c:\windows\$NtServicePackUninstall$\ds32gt.dll
+ 2006-02-28 12:00:00 181,760 -c----w c:\windows\$NtServicePackUninstall$\dsdmo.dll
+ 2006-02-28 12:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\dsdmoprp.dll
+ 2006-02-28 12:00:00 92,672 -c----w c:\windows\$NtServicePackUninstall$\dskquota.dll
+ 2006-02-28 12:00:00 144,384 -c----w c:\windows\$NtServicePackUninstall$\dskquoui.dll
+ 2006-02-28 12:00:00 367,616 -c----w c:\windows\$NtServicePackUninstall$\dsound.dll
+ 2006-02-28 12:00:00 1,294,336 -c----w c:\windows\$NtServicePackUninstall$\dsound3d.dll
+ 2006-02-28 12:00:00 142,336 -c----w c:\windows\$NtServicePackUninstall$\dsprop.dll
+ 2006-02-28 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\dsprpres.dll
+ 2006-02-28 12:00:00 239,104 -c----w c:\windows\$NtServicePackUninstall$\dsquery.dll
+ 2006-02-28 12:00:00 51,200 -c----w c:\windows\$NtServicePackUninstall$\dssec.dll
+ 2006-02-28 12:00:00 137,216 -c----w c:\windows\$NtServicePackUninstall$\dssenh.dll
+ 2006-02-28 12:00:00 113,152 -c----w c:\windows\$NtServicePackUninstall$\dsuiext.dll
+ 2006-02-28 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\dswave.dll
+ 2006-02-28 12:00:00 10,752 -c----w c:\windows\$NtServicePackUninstall$\dumprep.exe
+ 2006-02-28 12:00:00 304,128 -c----w c:\windows\$NtServicePackUninstall$\duser.dll
+ 2006-02-28 12:00:00 17,920 -c----w c:\windows\$NtServicePackUninstall$\dvdupgrd.exe
+ 2006-02-28 12:00:00 180,224 -c----w c:\windows\$NtServicePackUninstall$\dwwin.exe
+ 2006-02-28 12:00:00 619,008 -c----w c:\windows\$NtServicePackUninstall$\dx7vb.dll
+ 2006-02-28 12:00:00 1,227,264 -c----w c:\windows\$NtServicePackUninstall$\dx8vb.dll
+ 2006-02-28 12:00:00 1,298,432 -c----w c:\windows\$NtServicePackUninstall$\dxdiag.exe
+ 2006-02-28 12:00:00 2,113,536 -c----w c:\windows\$NtServicePackUninstall$\dxdiagn.dll
+ 2006-02-28 12:00:00 71,040 -c----w c:\windows\$NtServicePackUninstall$\dxg.sys
+ 2006-08-22 11:05:26 498,742 -c----w c:\windows\$NtServicePackUninstall$\dxmasf.dll
+ 2008-06-23 15:38:30 357,888 -c----w c:\windows\$NtServicePackUninstall$\dxtmsft.dll
+ 2008-06-23 15:38:30 205,312 -c----w c:\windows\$NtServicePackUninstall$\dxtrans.dll
+ 2006-02-28 12:00:00 183,296 -c----w c:\windows\$NtServicePackUninstall$\els.dll
+ 2006-02-28 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\encapi.dll
+ 2006-02-28 12:00:00 186,368 -c----w c:\windows\$NtServicePackUninstall$\encdec.dll
+ 2006-02-28 12:00:00 23,040 -c----w c:\windows\$NtServicePackUninstall$\ersvc.dll
+ 2008-07-07 20:32:22 253,952 -c----w c:\windows\$NtServicePackUninstall$\es.dll
+ 2005-10-20 22:20:03 1,082,368 -c----w c:\windows\$NtServicePackUninstall$\esent.dll
+ 2006-02-28 12:00:00 247,808 -c----w c:\windows\$NtServicePackUninstall$\esscli.dll
+ 2006-02-28 12:00:00 193,024 -c----w c:\windows\$NtServicePackUninstall$\eudcedit.exe
+ 2006-02-28 12:00:00 55,808 -c----w c:\windows\$NtServicePackUninstall$\eventlog.dll
+ 2006-02-28 12:00:00 101,888 -c----w c:\windows\$NtServicePackUninstall$\evntagnt.dll
+ 2006-02-28 12:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\evntcmd.exe
+ 2006-02-28 12:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\evntrprv.dll
+ 2006-02-28 12:00:00 92,160 -c----w c:\windows\$NtServicePackUninstall$\evntwin.exe
+ 2007-06-13 10:23:07 1,033,216 -c----w c:\windows\$NtServicePackUninstall$\explorer.exe
+ 2006-02-28 12:00:00 380,957 -c----w c:\windows\$NtServicePackUninstall$\expsrv.dll
+ 2008-06-23 15:38:30 55,808 -c----w c:\windows\$NtServicePackUninstall$\extmgr.dll
+ 2006-02-28 12:00:00 45,568 -c----w c:\windows\$NtServicePackUninstall$\extrac32.exe
+ 2006-02-28 12:00:00 121,856 -c----w c:\windows\$NtServicePackUninstall$\exts.dll
+ 2006-02-28 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\f3ahvoas.dll
+ 2006-02-28 12:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\fastfat.sys
+ 2006-02-28 12:00:00 472,064 -c----w c:\windows\$NtServicePackUninstall$\fastprox.dll
+ 2006-02-28 12:00:00 80,384 -c----w c:\windows\$NtServicePackUninstall$\faultrep.dll
+ 2006-02-28 12:00:00 27,392 -c----w c:\windows\$NtServicePackUninstall$\fdc.sys
+ 2006-02-28 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\feclient.dll
+ 2006-02-28 12:00:00 337,920 -c----w c:\windows\$NtServicePackUninstall$\filemgmt.dll
+ 2006-02-28 12:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\findstr.exe
+ 2006-02-28 12:00:00 34,944 -c----w c:\windows\$NtServicePackUninstall$\fips.sys
+ 2006-02-28 12:00:00 87,552 -c----w c:\windows\$NtServicePackUninstall$\fldrclnr.dll
+ 2006-02-28 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\flpydisk.sys
+ 2006-08-21 12:21:06 16,896 -c----w c:\windows\$NtServicePackUninstall$\fltlib.dll
+ 2006-08-21 09:14:58 23,040 -c----w c:\windows\$NtServicePackUninstall$\fltmc.exe
+ 2006-08-21 09:14:58 128,896 -c----w c:\windows\$NtServicePackUninstall$\fltmgr.sys
+ 2006-02-28 12:00:00 382,976 -c----w c:\windows\$NtServicePackUninstall$\fontext.dll
+ 2005-10-17 21:14:45 80,896 -c----w c:\windows\$NtServicePackUninstall$\fontsub.dll
+ 2006-02-28 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\fontview.exe
+ 2006-02-28 12:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\forcedos.exe
+ 2006-02-28 12:00:00 25,600 -c----w c:\windows\$NtServicePackUninstall$\format.com
+ 2006-02-28 12:00:00 32,828 -c----w c:\windows\$NtServicePackUninstall$\fp40ext.dll
+ 2004-05-13 07:39:48 184,435 -c----w c:\windows\$NtServicePackUninstall$\fp4amsft.dll
+ 2003-03-24 23:52:04 82,035 -c----w c:\windows\$NtServicePackUninstall$\fp4anscp.dll
+ 200
0
CelebrenIthil (Member, 13 posts)

Virtumonde is still there, Spybot still detects it, and I get blue screens fairly often at startup.

Maybe I should try Vundofix or Virtumundobegone?