Help, win 32 spyware-gen [spy]

Resolved/Closed
lefred069 - Posts: 22 - Registered: Monday 20 September 2010 - Status: Member - Last activity: 25 September 2010 - 20 Sept. 2010 at 22:08
moment de grace - Posts: 29042 - Registered: Saturday 6 December 2008 - Status: Security contributor - Last activity: 18 July 2013 - 25 Sept. 2010 at 22:15
Hello everyone,

As indicated, I had a visit from win 32 spyware-gen [spy], detected by avast, infected file C:\windows\system32\dlobb.dll

avast can't do anything with it: quarantine, deletion, repair, nothing.
malwarebytes anti-malware can't repair the infected registry key either.

Would someone be kind enough to help me?





39 replies

moment de grace - Posts: 29042 - Registered: Saturday 6 December 2008 - Status: Security contributor - Last activity: 18 July 2013 - 2 272
20 Sept. 2010 at 22:10
hello

please read this first

http://sd-2.archive-host.com/membres/up/135518691112296573/regles_24.doc

.......................

Download ZHPDiag (by Nicolas Coolman).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html


(diagnostic tool)


Double-click the installation file, then install it with the default settings (don't forget to tick "Créer une icône sur le bureau" (Create a desktop icon))

Launch ZHPDiag by double-clicking the icon on your desktop (right-click -> Run as administrator on Vista)

Click the magnifying glass at the top left, then let the tool scan.

Once the scan is finished, click the floppy-disk icon and save the file to your desktop.

Go to Cjoint: http://www.cijoint.fr/

Click "Parcourir" (Browse) in the "Joindre un fichier[...]" (Attach a file) section

Select the ZHPdiag.txt report located on your desktop

Then click "Cliquez ici pour déposer le fichier" (Click here to upload the file) and copy/paste the link into your next message

0
lefred069 - Posts: 22 - Registered: Monday 20 September 2010 - Status: Member - Last activity: 25 September 2010
20 Sept. 2010 at 22:16
thanks for helping me, I'll do all of that this evening
0
lefred069 - Posts: 22 - Registered: Monday 20 September 2010 - Status: Member - Last activity: 25 September 2010
20 Sept. 2010 at 22:33
http://www.cijoint.fr/cjlink.php?file=cj201009/cijxwSeBp3.txt
0
moment de grace - Posts: 29042 - Registered: Saturday 6 December 2008 - Status: Security contributor - Last activity: 18 July 2013 - 2 272
20 Sept. 2010 at 22:39
ok

1)

Download AD-Remover to your Desktop. (Thanks to C_XX)
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

Mirror:

https://www.androidworld.fr/

/!\ Disconnect from the internet and close all running applications /!\

Temporarily, and only while you are using AD-Remover, disable the real-time protection of your antivirus and antispyware, which can seriously interfere with the tool's search and cleaning procedure.

- Double-click the Ad-remover icon on your Desktop.
- On the page, click the "NETTOYER" (Clean) button
- Confirm the start of the scan
- Let the tool work.
- Post the report that appears at the end.

(The report is also saved as C:\Ad-report(Scan/clean).Txt)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

.............................

2)

* Download load_tdsskiller (by Loup Blanc) to your Desktop

http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe

* Launch load_tdsskiller by double-clicking it / launch it with a right-click -> Run as administrator
* The tool will connect to download an up-to-date copy of TDSSKiller, then start a scan
* At the end, you will be asked to press a key, then the report will be displayed automatically: copy and paste its contents into your next reply (C:\tdsskiller\report.txt)
0

lefred069 - Posts: 22 - Registered: Monday 20 September 2010 - Status: Member - Last activity: 25 September 2010
20 Sept. 2010 at 23:30
I must have made a blunder because I don't have an AD report, not even a folder with that name. In fact I did do the first part, but with load-tdsskiller at some point a window opened asking for a scan, I said yes, then a report was displayed with, I suppose, the errors found, and then I clicked on report at the bottom right and it asked me if I wanted to restart, I said yes, but I don't have a tdsskiller report; in my opinion I missed something
0
moment de grace - Posts: 29042 - Registered: Saturday 6 December 2008 - Status: Security contributor - Last activity: 18 July 2013 - 2 272
20 Sept. 2010 at 23:36
look there (C:\tdsskiller\report.txt)
0
lefred069 - Posts: 22 - Registered: Monday 20 September 2010 - Status: Member - Last activity: 25 September 2010
20 Sept. 2010 at 23:37
oops, I'm really tired, here is what you asked for.

======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 16/09/10 à 13:30
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 22:50:31 le 20/09/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
vh@FRED ( )

============== ACTION(S) ==============

Service: "Application Updater" Stoppé et supprimé

0,Dossier supprimé: C:\Program Files\Application Updater
0,Dossier supprimé: C:\Program Files\pdfforge Toolbar
3,Fichier supprimé: C:\WINDOWS\Installer\2c82bc2.msi

(!) -- Fichiers temporaires supprimés.


1,Clé supprimée: HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
0,Clé supprimée: HKLM\Software\Application Updater
0,Clé supprimée: HKLM\Software\pdfforge
0,Clé supprimée: HKLM\Software\Search Settings
0,Clé supprimée: HKCU\Software\Search Settings
3,Clé supprimée: HKLM\Software\Classes\Installer\Products\3D7B197543B881247905A6E8540DDA23
3,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\3D7B197543B881247905A6E8540DDA23
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}
0,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}


============== SCAN ADDITIONNEL ==============

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 20 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 20/09/2010 (413 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 20/09/2010 (1617 Octet(s))

Fin à: 22:54:45, 20/09/2010

============== E.O.F ==============



2010/09/20 23:04:26.0890 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44
2010/09/20 23:04:26.0890 ================================================================================
2010/09/20 23:04:26.0890 SystemInfo:
2010/09/20 23:04:26.0890
2010/09/20 23:04:26.0890 OS Version: 5.1.2600 ServicePack: 3.0
2010/09/20 23:04:26.0890 Product type: Workstation
2010/09/20 23:04:26.0890 ComputerName: FRED
2010/09/20 23:04:26.0890 UserName: vh
2010/09/20 23:04:26.0890 Windows directory: C:\WINDOWS
2010/09/20 23:04:26.0890 System windows directory: C:\WINDOWS
2010/09/20 23:04:26.0890 Processor architecture: Intel x86
2010/09/20 23:04:26.0890 Number of processors: 4
2010/09/20 23:04:26.0890 Page size: 0x1000
2010/09/20 23:04:26.0890 Boot type: Normal boot
2010/09/20 23:04:26.0890 ================================================================================
2010/09/20 23:04:27.0171 Initialize success
2010/09/20 23:05:02.0484 ================================================================================
2010/09/20 23:05:02.0484 Scan started
2010/09/20 23:05:02.0484 Mode: Manual;
2010/09/20 23:05:02.0484 ================================================================================
2010/09/20 23:05:05.0203 mwpehicd (2fe0f0c8c4a26c873dd39df8e758dcdc) C:\WINDOWS\system32\drivers\mwpehicd.sys
2010/09/20 23:05:05.0203 Suspicious file (Forged): C:\WINDOWS\system32\drivers\mwpehicd.sys. Real md5: 2fe0f0c8c4a26c873dd39df8e758dcdc, Fake md5: 37378eee9e084ae7ef7fea2599c42991
2010/09/20 23:05:05.0218 mwpehicd - detected Forged file (1)
2010/09/20 23:05:06.0687 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2010/09/20 23:05:06.0687 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2010/09/20 23:05:06.0703 sptd - detected Locked file (1)
2010/09/20 23:05:06.0968 TermDD (5fa4d61bf983ad739176288871b969a9) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/09/20 23:05:06.0968 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\termdd.sys. Real md5: 5fa4d61bf983ad739176288871b969a9, Fake md5: 88155247177638048422893737429d9e
2010/09/20 23:05:06.0968 TermDD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/09/20 23:05:07.0812 ================================================================================
2010/09/20 23:05:07.0812 Scan finished
2010/09/20 23:05:07.0812 ================================================================================
2010/09/20 23:05:07.0859 Detected object count: 3
2010/09/20 23:08:42.0890 Forged file(mwpehicd) - User select action: Skip
2010/09/20 23:08:42.0890 Locked file(sptd) - User select action: Skip
2010/09/20 23:08:42.0953 TermDD (5fa4d61bf983ad739176288871b969a9) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/09/20 23:08:42.0953 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\termdd.sys. Real md5: 5fa4d61bf983ad739176288871b969a9, Fake md5: 88155247177638048422893737429d9e
2010/09/20 23:08:43.0687 Backup copy found, using it..
2010/09/20 23:08:43.0703 C:\WINDOWS\system32\DRIVERS\termdd.sys - will be cured after reboot
2010/09/20 23:08:43.0703 Rootkit.Win32.TDSS.tdl3(TermDD) - User select action: Cure
2010/09/20 23:10:22.0890 Deinitialize success
0
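An added example, not part of the original thread and not TDSSKiller's own code: a small Python parser for the report format posted above that pairs each detection with the action chosen and lists what was left unremediated. The sample lines are copied from that report; the class and function names are this example's own.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Lines copied from the TDSSKiller report in the post above.
SAMPLE_LOG = r"""
2010/09/20 23:05:05.0203 Suspicious file (Forged): C:\WINDOWS\system32\drivers\mwpehicd.sys. Real md5: 2fe0f0c8c4a26c873dd39df8e758dcdc, Fake md5: 37378eee9e084ae7ef7fea2599c42991
2010/09/20 23:05:05.0218 mwpehicd - detected Forged file (1)
2010/09/20 23:05:06.0687 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2010/09/20 23:05:06.0703 sptd - detected Locked file (1)
2010/09/20 23:05:06.0968 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\termdd.sys. Real md5: 5fa4d61bf983ad739176288871b969a9, Fake md5: 88155247177638048422893737429d9e
2010/09/20 23:05:06.0968 TermDD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/09/20 23:05:07.0859 Detected object count: 3
2010/09/20 23:08:42.0890 Forged file(mwpehicd) - User select action: Skip
2010/09/20 23:08:42.0890 Locked file(sptd) - User select action: Skip
2010/09/20 23:08:43.0703 C:\WINDOWS\system32\DRIVERS\termdd.sys - will be cured after reboot
2010/09/20 23:08:43.0703 Rootkit.Win32.TDSS.tdl3(TermDD) - User select action: Cure
"""

# Every report line starts with a timestamp; the message follows it.
TS = re.compile(r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4} ?(.*)$")
SUSPICIOUS = re.compile(r"^Suspicious file \((\w+)\): (.+?)\. (?:Real )?md5: ")
DETECTED = re.compile(r"^(\S+) - detected (.+) \((\d+)\)$")
ACTION = re.compile(r"^([^()]+)\(([^()]+)\) - User select action: (\w+)$")
REBOOT = re.compile(r"^(.+) - will be cured after reboot$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class Detection:
    service: str                    # driver/service name as logged
    verdict: str                    # e.g. "Forged file", "Rootkit.Win32.TDSS.tdl3"
    path: Optional[str] = None      # file named on the preceding "Suspicious file" line
    action: Optional[str] = None    # "Skip", "Cure", ... as chosen by the user
    pending_reboot: bool = False    # the cure is only applied after a restart


def parse_report(text: str) -> Tuple[Dict[str, Detection], Optional[int]]:
    """Return detections keyed by service name and the count the tool declared."""
    detections: Dict[str, Detection] = {}
    declared: Optional[int] = None
    last_path: Optional[str] = None
    for raw in text.splitlines():
        line = TS.match(raw.strip())
        if not line:
            continue
        msg = line.group(1).strip()
        m = SUSPICIOUS.match(msg)
        if m:
            last_path = m.group(2)
            continue
        m = DETECTED.match(msg)
        if m:
            detections[m.group(1)] = Detection(m.group(1), m.group(2), last_path)
            last_path = None
            continue
        m = ACTION.match(msg)
        if m:
            verdict, service, action = m.group(1).strip(), m.group(2), m.group(3)
            det = detections.setdefault(service, Detection(service, verdict))
            det.action = action
            continue
        m = REBOOT.match(msg)
        if m:
            for det in detections.values():
                if det.path and det.path.lower() == m.group(1).lower():
                    det.pending_reboot = True
            continue
        m = COUNT.match(msg)
        if m:
            declared = int(m.group(1))
    return detections, declared


def unresolved(detections: Dict[str, Detection]) -> List[str]:
    """Services that were detected but for which no 'Cure' action was recorded."""
    return [d.service for d in detections.values() if d.action != "Cure"]


if __name__ == "__main__":
    dets, declared = parse_report(SAMPLE_LOG)
    print("declared:", declared, "parsed:", len(dets))
    for d in dets.values():
        print(d)
    print("left unremediated:", unresolved(dets))
```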
moment de grace - Posts: 29042 - Registered: Saturday 6 December 2008 - Status: Security contributor - Last activity: 18 July 2013 - 2 272
20 Sept. 2010 at 23:42
Warning: before starting, read the procedure carefully, and print it

Usage guide
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix



Download ComboFix by sUBs to your Desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Disconnect from the net and DISABLE ALL DEFENCES, antivirus and antispyware included /!\

---> Double-click ComboFix.exe
A pop-up will appear saying that ComboFix is used at your own risk and with no warranty... Click Yes to accept

ABOVE ALL, INSTALL THE RECOVERY CONSOLE
(if it offers to install it, reconnect to the internet)

---> Set it to French (F)
Press the 1 key (Yes) to start the scan.

Don't touch anything (mouse, keyboard) until the scan is finished, because you risk crashing your PC

At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

Once the scan is complete, a report will be displayed: post its contents

/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

Note: the report is also located here: C:\ComboFix.txt



0
lefred069 - Posts: 22 - Registered: Monday 20 September 2010 - Status: Member - Last activity: 25 September 2010
20 Sept. 2010 at 23:50
ok, I'll do that tomorrow, I'm off to bed, thanks again for your help
0
moment de grace - Posts: 29042 - Registered: Saturday 6 December 2008 - Status: Security contributor - Last activity: 18 July 2013 - 2 272
20 Sept. 2010 at 23:54
ok

See you later
0
lefred069 - Posts: 22 - Registered: Monday 20 September 2010 - Status: Member - Last activity: 25 September 2010
21 Sept. 2010 at 22:16
hello, here is the combofix report.



ComboFix 10-09-21.01 - vh 21/09/2010 21:45:48.1.4 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3583.3080 [GMT 2:00]
Lancé depuis: c:\documents and settings\vh\Bureau\ComboFix.exe
AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\vh\Application Data\EA419CE51ED898A02EFD9529A9386455
c:\documents and settings\vh\Application Data\EA419CE51ED898A02EFD9529A9386455\enemies-names.txt
C:\Thumbs.db
c:\windows\system32\dlobb.dll
c:\windows\system32\drivers\mwpehicd.sys
c:\windows\system32\drivers\tvtaogex.sys
c:\windows\system32\dueuq.dll
c:\windows\system32\Temp
c:\windows\system32\Temp\21-42-1264365773_GTC_TMP_.bat
c:\windows\system32\Temp\updatestamp
c:\windows\system32\Thumbs.db
c:\windows\temp.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DGAUXFBZ
-------\Legacy_MWPEHICD
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_dgauxfbz
-------\Service_mwpehicd


((((((((((((((((((((((((((((( Fichiers créés du 2010-08-21 au 2010-09-21 ))))))))))))))))))))))))))))))))))))
.

2010-09-20 21:08 . 2010-09-20 21:08 72280 ----a-w- c:\windows\system32\drivers\klmdb.sys
2010-09-20 21:04 . 2010-09-20 21:04 -------- d-----w- C:\tdsskiller
2010-09-20 20:49 . 2010-09-20 20:53 -------- d-----w- c:\program files\Ad-Remover
2010-09-20 20:24 . 2010-09-20 20:26 -------- d-----w- c:\program files\ZHPDiag
2010-09-20 19:53 . 2010-09-20 19:53 -------- d-----w- c:\program files\Trend Micro
2010-09-19 21:54 . 2010-09-19 21:54 -------- d-----w- c:\program files\Ace Utilities
2010-09-19 21:21 . 2010-07-05 12:30 3687344 ----a-w- c:\documents and settings\vh\Application Data\Simply Super Software\Trojan Remover\tvj1.exe
2010-09-19 20:55 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-09-19 20:55 . 2010-09-19 20:55 -------- d-----w- c:\program files\Panda Security
2010-09-18 14:57 . 2010-09-07 14:53 340048 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-09-18 14:57 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-18 14:57 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-18 14:57 . 2010-09-07 14:54 99792 ----a-w- c:\windows\system32\drivers\aswFW.sys
2010-09-18 14:57 . 2010-09-07 14:53 190416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2010-09-18 14:57 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-18 14:57 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-18 14:57 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-18 14:57 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-18 14:57 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-18 14:56 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-18 14:56 . 2010-09-07 14:24 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2010-09-17 16:46 . 2008-07-07 14:03 2419001 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\EBP.exe
2010-09-17 16:45 . 2010-09-17 16:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}
2010-09-17 16:45 . 2008-06-24 09:04 12499456 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\offline\E13F69E6\A8A46971\Devis.exe
2010-09-17 16:45 . 2005-08-17 08:55 1916928 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\offline\E13F69E6\A8A46971\EDTBrows.dll
2010-09-17 16:39 . 2010-09-17 16:39 -------- d-----w- c:\documents and settings\All Users\Application Data\EBP
2010-09-17 16:38 . 2010-09-17 16:46 -------- d-----w- c:\program files\EBP
2010-09-16 21:40 . 2010-09-16 21:49 -------- d-----w- c:\documents and settings\vh\Application Data\vlc
2010-09-16 21:21 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-16 19:05 . 2010-09-16 19:05 -------- d-s---w- c:\documents and settings\NetworkService\Favoris
2010-09-04 20:52 . 2010-09-04 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-09-04 20:37 . 2010-09-04 20:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Whiz
2010-09-02 19:50 . 2010-09-14 19:12 1 ----a-w- c:\documents and settings\vh\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-02 19:50 . 2010-09-02 19:50 -------- d-----w- c:\documents and settings\vh\Application Data\OpenOffice.org
2010-09-02 19:47 . 2010-09-02 19:47 -------- d-----w- c:\program files\JRE
2010-09-02 19:47 . 2010-09-02 19:47 -------- d-----w- c:\program files\OpenOffice.org 3
2010-08-28 20:11 . 2010-08-28 20:11 -------- d-----w- c:\program files\MovieToolbox

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-20 21:08 . 2010-09-20 21:08 40840 ----a-w- c:\windows\system32\drivers\tsk80.tmp
2010-09-19 22:57 . 2010-02-21 21:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-19 21:22 . 2010-07-27 19:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-19 19:26 . 2009-03-21 22:49 -------- d-----w- c:\documents and settings\vh\Application Data\Media Player Classic
2010-09-19 17:08 . 2002-01-25 16:19 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2010-09-19 17:08 . 2002-01-25 16:20 -------- d-----w- c:\program files\InstallShield Installation Information
2010-09-18 14:56 . 2010-08-04 20:03 -------- d-----w- c:\program files\Alwil Software
2010-09-17 16:44 . 2009-02-07 10:57 -------- d-----w- c:\program files\eMule
2010-09-03 15:59 . 2009-02-07 08:09 25672 ----a-w- c:\documents and settings\vh\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-02 19:47 . 2010-07-14 17:39 -------- d-----w- c:\program files\Java
2010-08-29 20:40 . 2009-04-03 20:25 -------- d-----w- c:\program files\ma-config.com
2010-08-29 20:40 . 2009-02-07 15:11 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2010-08-27 19:20 . 2010-07-31 16:18 -------- d-----w- c:\documents and settings\vh\Application Data\ArcSoft
2010-08-18 20:00 . 2010-08-18 19:39 -------- d-----w- c:\documents and settings\vh\Application Data\Orbit
2010-08-18 19:42 . 2010-08-18 19:42 -------- d-----w- c:\documents and settings\vh\Application Data\ProgSense
2010-08-18 19:39 . 2010-08-18 19:39 331304 ----a-w- c:\documents and settings\vh\Application Data\OpenCandy\OpenCandy_46EFF9E69F324ABBB5CCC1866E041589\DLMgr_3_1.6.44.exe
2010-08-18 19:39 . 2010-08-18 19:39 -------- d-----w- c:\documents and settings\vh\Application Data\OpenCandy
2010-08-17 20:33 . 2010-08-17 20:33 -------- d-----w- c:\documents and settings\vh\Application Data\VitySoft
2010-08-09 20:58 . 2010-08-09 20:58 65555 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-09 20:58 . 2010-08-09 20:52 6108 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-09 20:58 . 2004-08-05 10:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-08-08 20:56 . 2010-08-04 18:13 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-07 20:32 . 2010-08-07 20:32 -------- d-----w- c:\program files\IObit
2010-08-07 11:39 . 2002-01-25 16:19 -------- d-----w- c:\program files\VIA
2010-08-07 11:37 . 2010-08-07 11:36 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-07 11:36 . 2010-08-07 11:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-08-07 11:36 . 2010-08-07 11:36 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-08-07 11:36 . 2010-08-07 11:36 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-08-07 11:36 . 2010-08-07 11:36 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-08-07 11:23 . 2010-08-07 11:23 -------- d-----w- c:\program files\Driver-Soft
2010-08-06 19:55 . 2010-08-06 19:54 -------- d-----w- c:\program files\Trojan Remover
2010-08-06 19:54 . 2010-08-06 19:54 -------- d-----w- c:\documents and settings\vh\Application Data\Simply Super Software
2010-08-06 19:54 . 2010-08-06 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2010-08-06 18:03 . 2010-08-06 18:03 -------- d-----w- c:\documents and settings\LocalService\Application Data\Malwarebytes
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\documents and settings\vh\Application Data\Malwarebytes
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-04 20:34 . 2010-07-29 19:46 -------- d-----w- c:\program files\Ciel
2010-08-04 20:03 . 2010-08-04 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-03 20:16 . 2010-08-03 20:15 -------- d-----w- c:\documents and settings\vh\Application Data\QuickScan
2010-08-02 20:16 . 2010-02-21 21:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-01 21:29 . 2010-08-01 21:07 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-08-01 21:12 . 2010-07-31 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-08-01 20:23 . 2010-07-31 19:24 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
2010-08-01 17:30 . 2010-08-01 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:29 -------- d-----w- c:\documents and settings\vh\Application Data\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:28 -------- d-----w- c:\program files\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:28 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2010-07-31 19:31 . 2010-07-31 19:27 -------- d-----w- c:\documents and settings\vh\Application Data\CyberLink
2010-07-31 15:53 . 2010-07-31 15:49 -------- d-----w- c:\documents and settings\vh\Application Data\DAEMON Tools Lite
2010-07-31 15:50 . 2010-07-31 15:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-31 15:50 . 2010-07-31 15:49 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-07-31 15:43 . 2010-07-31 15:43 -------- d-----w- c:\documents and settings\vh\Application Data\DAEMON Tools Pro
2010-07-31 11:21 . 2010-07-31 11:21 112 ----a-w- c:\documents and settings\All Users\Application Data\Yjg1vT2n.dat
2010-07-30 21:00 . 2010-01-31 21:34 723 ----a-w- c:\documents and settings\All Users\Application Data\Ciel\Données Communes\pdf.dll
2010-07-29 19:53 . 2010-07-29 19:53 -------- d-----w- c:\documents and settings\vh\Application Data\Ciel
2010-07-29 19:49 . 2010-01-31 21:34 -------- d-----w- c:\program files\Fichiers communs\Sage
2010-07-29 19:48 . 2010-07-29 19:46 -------- d-----w- c:\program files\Fichiers communs\Ciel
2010-07-28 17:55 . 2002-01-25 16:30 -------- d-----w- c:\program files\AGEIA Technologies
2010-07-28 17:51 . 2009-10-08 20:33 -------- d-----w- c:\program files\LG Electronics
2010-07-28 17:51 . 2010-04-10 22:37 -------- d-----w- c:\documents and settings\vh\Application Data\LG Electronics
2010-07-27 20:04 . 2010-07-27 20:04 -------- d-----w- c:\program files\Fichiers communs\Java
2010-07-25 22:02 . 2010-07-25 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2010-07-17 03:00 . 2010-07-27 20:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-15 06:19 . 2010-07-15 06:19 61440 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-27099fb8-n\decora-sse.dll
2010-07-15 06:19 . 2010-07-15 06:19 503808 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\msvcp71.dll
2010-07-15 06:19 . 2010-07-15 06:19 499712 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\jmc.dll
2010-07-15 06:19 . 2010-07-15 06:19 348160 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\msvcr71.dll
2010-07-15 06:19 . 2010-07-15 06:19 12800 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-27099fb8-n\decora-d3d.dll
2010-07-09 14:24 . 2010-07-09 14:24 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-07-07 11:46 . 2002-01-25 16:29 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-02-10 20:28 . 2009-02-10 20:25 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
[code]<pre>
c:\program files\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\program files\BillP Studios\WinPatrol\winpatrol .exe
c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe
c:\program files\Fichiers communs\Java\Java Update\jusched .exe
c:\program files\Spybot - Search & Destroy\TeaTimer .exe
</pre>/code

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-09-07 15:14 152160 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"UberIcon"="c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe" [2006-05-21 180224]
"ccleaner"="d:\ccleaner\CCleaner.exe" [2010-08-26 1779512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2010-07-05 1167296]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-08-28 33673216]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\vh\Menu D'marrer\Programmes\D'marrage\
PyGrenouille.lnk - c:\pygrenouille\pygrenouille.exe [2009-12-27 91648]
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:22221636c877

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Ciel\\directDeclaration\\directDeclaration.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [18/09/2010 16:56 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [18/09/2010 16:57 190416]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [19/09/2010 22:55 28552]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [18/09/2010 16:57 99792]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18/09/2010 16:57 340048]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18/09/2010 16:57 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/09/2010 16:57 17744]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [18/09/2010 16:56 119200]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [05/08/2010 20:45 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05/08/2010 20:45 20952]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [25/01/2002 18:19 1390976]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys --> c:\windows\system32\drivers\archlp.sys [?]
S2 ArgusV;ArgusV;c:\windows\system32\drivers\ArgusV.sys --> c:\windows\system32\drivers\ArgusV.sys [?]
S3 klmd25;klmd25; [x]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/08/2010 14:43 259440]
S3 SAAVideo;%ETHER SAADriver%;c:\windows\system32\drivers\SAAVideo.sys [14/02/2009 17:46 24576]
S3 usbcorobus;LGE Corona Composite USB Device;c:\windows\system32\drivers\lgcorobus.sys [08/10/2009 22:33 21440]
S3 UsbcoroDiag;LGE Corona USB Serial Port;c:\windows\system32\drivers\lgcorodiag.sys [08/10/2009 22:33 37788]
S3 USBcoroModem;LGE Corona USB Modem;c:\windows\system32\drivers\lgcoromdm.sys [08/10/2009 22:33 39380]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31/07/2010 17:31 691696]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - MWPEHICD
*Deregistered* - mwpehicd
.
Contenu du dossier 'Tâches planifiées'

2010-09-18 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-08-07 14:18]

2010-09-24 c:\windows\Tasks\User_Feed_Synchronization-{C6A415C2-2ECF-4D53-BED5-3FBEFA038A60}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Examen supplémentaire -------
.
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-klmdb.sys



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-21 22:07
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="system32\drivers\tsk80.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(1100)
c:\windows\system32\scecli.dll

- - - - - - - > 'explorer.exe'(2716)
c:\windows\system32\SHDOCVW.dll
c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
c:\program files\NVIDIA Corporation\nView\nview.dll
c:\program files\NVIDIA Corporation\nView\NVWRSFR.DLL
c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
c:\windows\system32\msi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\DHCPCSVC.DLL
c:\windows\system32\ImgUtil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\windows\system32\rundll32.exe
c:\progra~1\MICROS~3\rapimgr.exe
.
**************************************************************************
.
Heure de fin: 2010-09-21 22:10:55 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-21 20:10

Avant-CF: 37 724 704 768 octets libres
Après-CF: 37 587 312 640 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

- - End Of File - - CD97118500C6D5B5A5227E737F93636B
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
21 Sept. 2010 at 22:31
Go to this site:

https://www.virustotal.com/gui/

Click Browse and look for this file:

c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
c:\documents and settings\All Users\Application Data\Yjg1vT2n.dat
c:\windows\system32\drivers\tsk80.tmp
c:\program files\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\program files\BillP Studios\WinPatrol\winpatrol .exe
c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe


Click Send File.

A report will be built up line by line.

Wait until it finishes. It must include the size of the file sent.


Copy the Virus Total link into your reply.


If you cannot find the file, then

Show all files and folders:

To do this:
Click Start / Control Panel / Folder Options / View

Check "Show hidden folders"

Uncheck the box "Hide protected operating system files (Recommended)"

Uncheck "Hide extensions for known file types"

Then click "Apply" to confirm the changes.

And OK


A tutorial to help you


http://www.bibou0007.com/scans-en-ligne-f75/tutorial-sur-virustotal-t190.htm
0
lefred069 Posts 22 Registration date Monday 20 September 2010 Status Member Last activity 25 September 2010
21 Sept. 2010 at 22:42
Is this what you want?

http://www.virustotal.com/file-scan/report.html?id=d6a07e10c742dd509b8e38aa23fa6b5d4db774e96ee34f1549939eeddd4e6ed7-1285080271
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
21 Sept. 2010 at 22:44
Yes, perfect

Same for the other files, please
0
lefred069 Posts 22 Registration date Monday 20 September 2010 Status Member Last activity 25 September 2010
21 Sept. 2010 at 22:58
http://www.virustotal.com/file-scan/report.html?id=1e297308a49dfdd8c56d1b3ef64b7733be84d0217cca936bd66ef00928b65e68-1285101924


http://www.virustotal.com/file-scan/report.html?id=b6d4e8691917946332c2208d01f8c8281978c1ad1e9951c5d99df0d49ac34b3b-1283135982


http://www.virustotal.com/file-scan/report.html?id=4a5f15d2bbac6347c2ffa12528a371a2dbae334a5f26c0531fd42d01424f4607-1285058342


http://www.virustotal.com/file-scan/report.html?id=4a5f15d2bbac6347c2ffa12528a371a2dbae334a5f26c0531fd42d01424f4607-1285058342


http://www.virustotal.com/file-scan/report.html?id=569e75f53fab10689276e7ad555ace345a0ac492e25d222143a89b03d9a6f3de-1258428817


http://www.virustotal.com/file-scan/report.html?id=4ef0c28804c0c77784b8b63d314906b335f1da0e13ba043e34bb7339f48a33ed-1255740285

http://www.virustotal.com/file-scan/report.html?id=437114c3f5a86b8ba0b4aa49dcb67386e0432f7cc1af0bb6c87db40907eaac3a-1285058145


http://www.virustotal.com/file-scan/report.html?id=437114c3f5a86b8ba0b4aa49dcb67386e0432f7cc1af0bb6c87db40907eaac3a-1285058145
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
21 Sept. 2010 at 23:11
/!\ WARNING /!\ The following script was written specifically for this user; it cannot be transposed to another computer!

Create a new Notepad file on your desktop and name it CFScript
Copy this text into it and save it

KillAll::


Renv::

c:\program files\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\program files\BillP Studios\WinPatrol\winpatrol .exe
c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe



* Disable your protection software
* Drag and drop this CFScript.txt file onto the Combofix.exe file (as shown at the following link)
http://sd-2.archive-host.com/membres/images/135518691112296573/cfscriptop0.gif
* Wait while the scan runs. The Desktop will disappear several times: this is normal! Do not touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: post its contents.
* If the file does not open, it is located here: C:\ComboFix.txt
0
lefred069 Posts 22 Registration date Monday 20 September 2010 Status Member Last activity 25 September 2010
21 Sept. 2010 at 23:15
OK, I'll do that for you tomorrow; I'm off to bed now.
0
lefred069 Posts 22 Registration date Monday 20 September 2010 Status Member Last activity 25 September 2010
22 Sept. 2010 at 21:37
ComboFix 10-09-22.02 - vh 22/09/2010 21:15:15.2.4 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3583.3033 [GMT 2:00]
Lancé depuis: c:\documents and settings\vh\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\vh\Bureau\CFScript.txt
AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-22 au 2010-09-22 ))))))))))))))))))))))))))))))))))))
.

2010-09-20 21:08 . 2010-09-20 21:08 72280 ----a-w- c:\windows\system32\drivers\klmdb.sys
2010-09-20 21:04 . 2010-09-20 21:04 -------- d-----w- C:\tdsskiller
2010-09-20 20:49 . 2010-09-20 20:53 -------- d-----w- c:\program files\Ad-Remover
2010-09-20 20:24 . 2010-09-20 20:26 -------- d-----w- c:\program files\ZHPDiag
2010-09-20 19:53 . 2010-09-20 19:53 -------- d-----w- c:\program files\Trend Micro
2010-09-19 21:54 . 2010-09-19 21:54 -------- d-----w- c:\program files\Ace Utilities
2010-09-19 21:21 . 2010-07-05 12:30 3687344 ----a-w- c:\documents and settings\vh\Application Data\Simply Super Software\Trojan Remover\tvj1.exe
2010-09-19 20:55 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-09-19 20:55 . 2010-09-19 20:55 -------- d-----w- c:\program files\Panda Security
2010-09-18 14:57 . 2010-09-07 14:53 340048 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-09-18 14:57 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-18 14:57 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-18 14:57 . 2010-09-07 14:54 99792 ----a-w- c:\windows\system32\drivers\aswFW.sys
2010-09-18 14:57 . 2010-09-07 14:53 190416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2010-09-18 14:57 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-18 14:57 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-18 14:57 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-18 14:57 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-18 14:57 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-18 14:56 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-18 14:56 . 2010-09-07 14:24 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2010-09-17 16:46 . 2008-07-07 14:03 2419001 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\EBP.exe
2010-09-17 16:45 . 2010-09-17 16:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}
2010-09-17 16:45 . 2008-06-24 09:04 12499456 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\offline\E13F69E6\A8A46971\Devis.exe
2010-09-17 16:45 . 2005-08-17 08:55 1916928 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\offline\E13F69E6\A8A46971\EDTBrows.dll
2010-09-17 16:39 . 2010-09-17 16:39 -------- d-----w- c:\documents and settings\All Users\Application Data\EBP
2010-09-17 16:38 . 2010-09-17 16:46 -------- d-----w- c:\program files\EBP
2010-09-16 21:40 . 2010-09-16 21:49 -------- d-----w- c:\documents and settings\vh\Application Data\vlc
2010-09-16 21:21 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-16 19:05 . 2010-09-16 19:05 -------- d-s---w- c:\documents and settings\NetworkService\Favoris
2010-09-04 20:52 . 2010-09-04 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-09-04 20:37 . 2010-09-04 20:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Whiz
2010-09-02 19:50 . 2010-09-14 19:12 1 ----a-w- c:\documents and settings\vh\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-02 19:50 . 2010-09-02 19:50 -------- d-----w- c:\documents and settings\vh\Application Data\OpenOffice.org
2010-09-02 19:47 . 2010-09-02 19:47 -------- d-----w- c:\program files\JRE
2010-09-02 19:47 . 2010-09-02 19:47 -------- d-----w- c:\program files\OpenOffice.org 3
2010-08-28 20:11 . 2010-08-28 20:11 -------- d-----w- c:\program files\MovieToolbox

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-22 18:04 . 2004-08-05 10:00 81626 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-22 18:04 . 2004-08-05 10:00 503656 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-20 21:08 . 2010-09-20 21:08 40840 ----a-w- c:\windows\system32\drivers\tsk80.tmp
2010-09-19 22:57 . 2010-02-21 21:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-19 21:22 . 2010-07-27 19:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-19 19:26 . 2009-03-21 22:49 -------- d-----w- c:\documents and settings\vh\Application Data\Media Player Classic
2010-09-19 17:08 . 2002-01-25 16:19 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2010-09-19 17:08 . 2002-01-25 16:20 -------- d-----w- c:\program files\InstallShield Installation Information
2010-09-18 14:56 . 2010-08-04 20:03 -------- d-----w- c:\program files\Alwil Software
2010-09-17 16:44 . 2009-02-07 10:57 -------- d-----w- c:\program files\eMule
2010-09-03 15:59 . 2009-02-07 08:09 25672 ----a-w- c:\documents and settings\vh\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-02 19:47 . 2010-07-14 17:39 -------- d-----w- c:\program files\Java
2010-08-29 20:40 . 2009-04-03 20:25 -------- d-----w- c:\program files\ma-config.com
2010-08-29 20:40 . 2009-02-07 15:11 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2010-08-27 19:20 . 2010-07-31 16:18 -------- d-----w- c:\documents and settings\vh\Application Data\ArcSoft
2010-08-18 20:00 . 2010-08-18 19:39 -------- d-----w- c:\documents and settings\vh\Application Data\Orbit
2010-08-18 19:42 . 2010-08-18 19:42 -------- d-----w- c:\documents and settings\vh\Application Data\ProgSense
2010-08-18 19:39 . 2010-08-18 19:39 331304 ----a-w- c:\documents and settings\vh\Application Data\OpenCandy\OpenCandy_46EFF9E69F324ABBB5CCC1866E041589\DLMgr_3_1.6.44.exe
2010-08-18 19:39 . 2010-08-18 19:39 -------- d-----w- c:\documents and settings\vh\Application Data\OpenCandy
2010-08-17 20:33 . 2010-08-17 20:33 -------- d-----w- c:\documents and settings\vh\Application Data\VitySoft
2010-08-17 13:17 . 2004-08-05 10:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-09 20:58 . 2010-08-09 20:58 65555 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-09 20:58 . 2010-08-09 20:52 6108 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-09 20:58 . 2004-08-05 10:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-08-08 20:56 . 2010-08-04 18:13 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-07 20:32 . 2010-08-07 20:32 -------- d-----w- c:\program files\IObit
2010-08-07 11:39 . 2002-01-25 16:19 -------- d-----w- c:\program files\VIA
2010-08-07 11:37 . 2010-08-07 11:36 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-07 11:36 . 2010-08-07 11:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-08-07 11:36 . 2010-08-07 11:36 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-08-07 11:36 . 2010-08-07 11:36 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-08-07 11:36 . 2010-08-07 11:36 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-08-07 11:23 . 2010-08-07 11:23 -------- d-----w- c:\program files\Driver-Soft
2010-08-06 19:55 . 2010-08-06 19:54 -------- d-----w- c:\program files\Trojan Remover
2010-08-06 19:54 . 2010-08-06 19:54 -------- d-----w- c:\documents and settings\vh\Application Data\Simply Super Software
2010-08-06 19:54 . 2010-08-06 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2010-08-06 18:03 . 2010-08-06 18:03 -------- d-----w- c:\documents and settings\LocalService\Application Data\Malwarebytes
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\documents and settings\vh\Application Data\Malwarebytes
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-04 20:34 . 2010-07-29 19:46 -------- d-----w- c:\program files\Ciel
2010-08-04 20:03 . 2010-08-04 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-03 20:16 . 2010-08-03 20:15 -------- d-----w- c:\documents and settings\vh\Application Data\QuickScan
2010-08-02 20:16 . 2010-02-21 21:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-01 21:29 . 2010-08-01 21:07 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-08-01 21:12 . 2010-07-31 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-08-01 20:23 . 2010-07-31 19:24 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
2010-08-01 17:30 . 2010-08-01 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:29 -------- d-----w- c:\documents and settings\vh\Application Data\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:28 -------- d-----w- c:\program files\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:28 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2010-07-31 19:31 . 2010-07-31 19:27 -------- d-----w- c:\documents and settings\vh\Application Data\CyberLink
2010-07-31 15:53 . 2010-07-31 15:49 -------- d-----w- c:\documents and settings\vh\Application Data\DAEMON Tools Lite
2010-07-31 15:50 . 2010-07-31 15:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-31 15:50 . 2010-07-31 15:49 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-07-31 15:43 . 2010-07-31 15:43 -------- d-----w- c:\documents and settings\vh\Application Data\DAEMON Tools Pro
2010-07-31 11:21 . 2010-07-31 11:21 112 ----a-w- c:\documents and settings\All Users\Application Data\Yjg1vT2n.dat
2010-07-30 21:00 . 2010-01-31 21:34 723 ----a-w- c:\documents and settings\All Users\Application Data\Ciel\Données Communes\pdf.dll
2010-07-30 19:51 . 2010-07-30 19:51 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\WinPatrol
2010-07-29 19:53 . 2010-07-29 19:53 -------- d-----w- c:\documents and settings\vh\Application Data\Ciel
2010-07-29 19:49 . 2010-01-31 21:34 -------- d-----w- c:\program files\Fichiers communs\Sage
2010-07-29 19:48 . 2010-07-29 19:46 -------- d-----w- c:\program files\Fichiers communs\Ciel
2010-07-28 17:55 . 2002-01-25 16:30 -------- d-----w- c:\program files\AGEIA Technologies
2010-07-28 17:51 . 2009-10-08 20:33 -------- d-----w- c:\program files\LG Electronics
2010-07-28 17:51 . 2010-04-10 22:37 -------- d-----w- c:\documents and settings\vh\Application Data\LG Electronics
2010-07-27 20:04 . 2010-07-27 20:04 -------- d-----w- c:\program files\Fichiers communs\Java
2010-07-25 22:02 . 2010-07-25 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2010-07-22 15:48 . 2004-08-05 10:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-17 03:00 . 2010-07-27 20:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-15 06:19 . 2010-07-15 06:19 61440 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-27099fb8-n\decora-sse.dll
2010-07-15 06:19 . 2010-07-15 06:19 503808 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\msvcp71.dll
2010-07-15 06:19 . 2010-07-15 06:19 499712 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\jmc.dll
2010-07-15 06:19 . 2010-07-15 06:19 348160 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\msvcr71.dll
2010-07-15 06:19 . 2010-07-15 06:19 12800 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-27099fb8-n\decora-d3d.dll
2010-07-09 14:24 . 2010-07-09 14:24 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-07-07 11:46 . 2002-01-25 16:29 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-06-30 12:32 . 2004-08-05 10:00 149504 ----a-w- c:\windows\system32\schannel.dll
2009-02-10 20:28 . 2009-02-10 20:25 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
[code]<pre>
c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe
c:\program files\Fichiers communs\Java\Java Update\jusched .exe
c:\program files\Spybot - Search & Destroy\TeaTimer .exe
</pre>[/code]

------- Sigcheck -------

[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 . 7E3DEFE771CB451B0FF630BFA435417E . 112640 . . [5.4.3790.5512] . . c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\wuauclt.exe

[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe
[7] 2004-08-05 . 4C33E5B9A6197B6ED215F6CFBA0A2DAA . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-09-21_20.07.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-22 19:19 . 2010-09-22 19:19 16384 c:\windows\Temp\Perflib_Perfdata_120.dat
- 2004-08-05 10:00 . 2010-06-23 18:01 68292 c:\windows\system32\perfc009.dat
+ 2004-08-05 10:00 . 2010-09-22 18:04 68292 c:\windows\system32\perfc009.dat
- 2007-08-13 17:54 . 2010-05-06 10:33 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:54 . 2010-06-24 12:25 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-05 10:00 . 2010-05-06 10:33 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-05 10:00 . 2010-06-24 12:25 25600 c:\windows\system32\jsproxy.dll
- 2004-08-05 10:00 . 2008-04-14 02:33 80384 c:\windows\system32\iccvid.dll
+ 2004-08-05 10:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2009-06-10 18:27 . 2010-05-06 10:33 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-10 18:27 . 2010-06-24 12:25 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
- 2009-02-04 17:49 . 2010-05-06 10:33 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-02-04 17:49 . 2010-06-24 12:25 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-13 17:54 . 2010-05-06 10:33 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 17:54 . 2010-06-24 12:25 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-09-22 18:02 . 2010-05-06 10:33 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll
+ 2010-09-22 18:02 . 2010-05-06 10:33 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll
+ 2010-09-22 18:02 . 2010-05-06 10:33 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll
+ 2010-09-22 18:06 . 2010-09-22 18:06 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-09-22 18:16 . 2010-09-22 18:16 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-09-22 18:16 . 2010-09-22 18:16 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll
+ 2010-09-22 18:15 . 2010-09-22 18:15 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-09-22 18:15 . 2010-09-22 18:15 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-09-22 18:05 . 2010-09-22 18:05 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-09-22 18:05 . 2010-09-22 18:05 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-09-22 18:15 . 2010-09-22 18:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-09-22 18:15 . 2010-09-22 18:15 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-09-22 18:15 . 2010-09-22 18:15 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-09-22 18:14 . 2010-09-22 18:14 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-09-22 18:14 . 2010-09-22 18:14 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-23 18:01 . 2010-06-23 18:01 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-09-22 18:04 . 2010-09-22 18:04 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
23 Sept. 2010 at 06:21
/!\ WARNING /!\ The following script was written specifically for this user; it cannot be reused on another computer!

Create a new Notepad file on your desktop and name it CFScript
Copy this text into it and save it

KillAll::


Renv::

c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe
c:\program files\Fichiers communs\Java\Java Update\jusched .exe
c:\program files\Spybot - Search & Destroy\TeaTimer .exe



* Disable your protection software
* Drag and drop this CFScript.txt file onto the Combofix.exe file (as shown at the following link)
http://sd-2.archive-host.com/membres/images/135518691112296573/cfscriptop0.gif
* Wait while the scan runs. The desktop will disappear several times: this is normal! Do not touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: post its contents.
* If the file does not open, it can be found here: C:\ComboFix.txt
0
lefred069 Posts 22 Registration date Monday 20 September 2010 Status Member Last activity 25 September 2010
23 Sept. 2010 at 21:25
ComboFix 10-09-23.01 - vh 23/09/2010 21:13:45.3.4 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3583.3053 [GMT 2:00]
Lancé depuis: c:\documents and settings\vh\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\vh\Bureau\CFScript.txt
AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-23 au 2010-09-23 ))))))))))))))))))))))))))))))))))))
.

2010-09-20 21:08 . 2010-09-20 21:08 72280 ----a-w- c:\windows\system32\drivers\klmdb.sys
2010-09-20 21:04 . 2010-09-20 21:04 -------- d-----w- C:\tdsskiller
2010-09-20 20:49 . 2010-09-20 20:53 -------- d-----w- c:\program files\Ad-Remover
2010-09-20 20:24 . 2010-09-20 20:26 -------- d-----w- c:\program files\ZHPDiag
2010-09-20 19:53 . 2010-09-20 19:53 -------- d-----w- c:\program files\Trend Micro
2010-09-19 21:54 . 2010-09-19 21:54 -------- d-----w- c:\program files\Ace Utilities
2010-09-19 21:21 . 2010-07-05 12:30 3687344 ----a-w- c:\documents and settings\vh\Application Data\Simply Super Software\Trojan Remover\tvj1.exe
2010-09-19 20:55 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-09-19 20:55 . 2010-09-19 20:55 -------- d-----w- c:\program files\Panda Security
2010-09-18 14:57 . 2010-09-07 14:53 340048 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-09-18 14:57 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-18 14:57 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-18 14:57 . 2010-09-07 14:54 99792 ----a-w- c:\windows\system32\drivers\aswFW.sys
2010-09-18 14:57 . 2010-09-07 14:53 190416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2010-09-18 14:57 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-18 14:57 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-18 14:57 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-18 14:57 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-18 14:57 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-18 14:56 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-18 14:56 . 2010-09-07 14:24 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2010-09-17 16:46 . 2008-07-07 14:03 2419001 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\EBP.exe
2010-09-17 16:45 . 2010-09-17 16:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}
2010-09-17 16:45 . 2008-06-24 09:04 12499456 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\offline\E13F69E6\A8A46971\Devis.exe
2010-09-17 16:45 . 2005-08-17 08:55 1916928 ----a-w- c:\documents and settings\All Users\Application Data\{289D3FDF-2766-48C6-9EFF-63AFE4190B98}\offline\E13F69E6\A8A46971\EDTBrows.dll
2010-09-17 16:39 . 2010-09-17 16:39 -------- d-----w- c:\documents and settings\All Users\Application Data\EBP
2010-09-17 16:38 . 2010-09-17 16:46 -------- d-----w- c:\program files\EBP
2010-09-16 21:40 . 2010-09-16 21:49 -------- d-----w- c:\documents and settings\vh\Application Data\vlc
2010-09-16 21:21 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-16 19:05 . 2010-09-16 19:05 -------- d-s---w- c:\documents and settings\NetworkService\Favoris
2010-09-04 20:52 . 2010-09-04 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-09-04 20:37 . 2010-09-04 20:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Whiz
2010-09-02 19:50 . 2010-09-14 19:12 1 ----a-w- c:\documents and settings\vh\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-02 19:50 . 2010-09-02 19:50 -------- d-----w- c:\documents and settings\vh\Application Data\OpenOffice.org
2010-09-02 19:47 . 2010-09-02 19:47 -------- d-----w- c:\program files\JRE
2010-09-02 19:47 . 2010-09-02 19:47 -------- d-----w- c:\program files\OpenOffice.org 3
2010-08-28 20:11 . 2010-08-28 20:11 -------- d-----w- c:\program files\MovieToolbox

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-23 19:17 . 2010-02-21 21:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-22 18:04 . 2004-08-05 10:00 81626 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-22 18:04 . 2004-08-05 10:00 503656 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-20 21:08 . 2010-09-20 21:08 40840 ----a-w- c:\windows\system32\drivers\tsk80.tmp
2010-09-19 22:57 . 2010-02-21 21:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-19 21:22 . 2010-07-27 19:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-19 19:26 . 2009-03-21 22:49 -------- d-----w- c:\documents and settings\vh\Application Data\Media Player Classic
2010-09-19 17:08 . 2002-01-25 16:19 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2010-09-19 17:08 . 2002-01-25 16:20 -------- d-----w- c:\program files\InstallShield Installation Information
2010-09-18 14:56 . 2010-08-04 20:03 -------- d-----w- c:\program files\Alwil Software
2010-09-17 16:44 . 2009-02-07 10:57 -------- d-----w- c:\program files\eMule
2010-09-03 15:59 . 2009-02-07 08:09 25672 ----a-w- c:\documents and settings\vh\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-02 19:47 . 2010-07-14 17:39 -------- d-----w- c:\program files\Java
2010-08-29 20:40 . 2009-04-03 20:25 -------- d-----w- c:\program files\ma-config.com
2010-08-29 20:40 . 2009-02-07 15:11 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2010-08-27 19:20 . 2010-07-31 16:18 -------- d-----w- c:\documents and settings\vh\Application Data\ArcSoft
2010-08-18 20:00 . 2010-08-18 19:39 -------- d-----w- c:\documents and settings\vh\Application Data\Orbit
2010-08-18 19:42 . 2010-08-18 19:42 -------- d-----w- c:\documents and settings\vh\Application Data\ProgSense
2010-08-18 19:39 . 2010-08-18 19:39 331304 ----a-w- c:\documents and settings\vh\Application Data\OpenCandy\OpenCandy_46EFF9E69F324ABBB5CCC1866E041589\DLMgr_3_1.6.44.exe
2010-08-18 19:39 . 2010-08-18 19:39 -------- d-----w- c:\documents and settings\vh\Application Data\OpenCandy
2010-08-17 20:33 . 2010-08-17 20:33 -------- d-----w- c:\documents and settings\vh\Application Data\VitySoft
2010-08-17 13:17 . 2004-08-05 10:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-09 20:58 . 2010-08-09 20:58 65555 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-09 20:58 . 2010-08-09 20:52 6108 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-09 20:58 . 2004-08-05 10:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-08-08 20:56 . 2010-08-04 18:13 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-07 20:32 . 2010-08-07 20:32 -------- d-----w- c:\program files\IObit
2010-08-07 11:39 . 2002-01-25 16:19 -------- d-----w- c:\program files\VIA
2010-08-07 11:37 . 2010-08-07 11:36 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-07 11:36 . 2010-08-07 11:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-08-07 11:36 . 2010-08-07 11:36 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-08-07 11:36 . 2010-08-07 11:36 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-08-07 11:36 . 2010-08-07 11:36 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-08-07 11:23 . 2010-08-07 11:23 -------- d-----w- c:\program files\Driver-Soft
2010-08-06 19:55 . 2010-08-06 19:54 -------- d-----w- c:\program files\Trojan Remover
2010-08-06 19:54 . 2010-08-06 19:54 -------- d-----w- c:\documents and settings\vh\Application Data\Simply Super Software
2010-08-06 19:54 . 2010-08-06 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2010-08-06 18:03 . 2010-08-06 18:03 -------- d-----w- c:\documents and settings\LocalService\Application Data\Malwarebytes
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\documents and settings\vh\Application Data\Malwarebytes
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-05 18:45 . 2010-08-05 18:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-04 20:34 . 2010-07-29 19:46 -------- d-----w- c:\program files\Ciel
2010-08-04 20:03 . 2010-08-04 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-03 20:16 . 2010-08-03 20:15 -------- d-----w- c:\documents and settings\vh\Application Data\QuickScan
2010-08-01 21:29 . 2010-08-01 21:07 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-08-01 21:12 . 2010-07-31 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-08-01 20:23 . 2010-07-31 19:24 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
2010-08-01 17:30 . 2010-08-01 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:29 -------- d-----w- c:\documents and settings\vh\Application Data\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:28 -------- d-----w- c:\program files\AVS4YOU
2010-08-01 17:29 . 2010-08-01 17:28 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2010-07-31 19:31 . 2010-07-31 19:27 -------- d-----w- c:\documents and settings\vh\Application Data\CyberLink
2010-07-31 15:53 . 2010-07-31 15:49 -------- d-----w- c:\documents and settings\vh\Application Data\DAEMON Tools Lite
2010-07-31 15:50 . 2010-07-31 15:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-31 15:50 . 2010-07-31 15:49 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-07-31 15:43 . 2010-07-31 15:43 -------- d-----w- c:\documents and settings\vh\Application Data\DAEMON Tools Pro
2010-07-31 11:21 . 2010-07-31 11:21 112 ----a-w- c:\documents and settings\All Users\Application Data\Yjg1vT2n.dat
2010-07-30 21:00 . 2010-01-31 21:34 723 ----a-w- c:\documents and settings\All Users\Application Data\Ciel\Données Communes\pdf.dll
2010-07-30 19:51 . 2010-07-30 19:51 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\WinPatrol
2010-07-29 19:53 . 2010-07-29 19:53 -------- d-----w- c:\documents and settings\vh\Application Data\Ciel
2010-07-29 19:49 . 2010-01-31 21:34 -------- d-----w- c:\program files\Fichiers communs\Sage
2010-07-29 19:48 . 2010-07-29 19:46 -------- d-----w- c:\program files\Fichiers communs\Ciel
2010-07-28 17:55 . 2002-01-25 16:30 -------- d-----w- c:\program files\AGEIA Technologies
2010-07-28 17:51 . 2009-10-08 20:33 -------- d-----w- c:\program files\LG Electronics
2010-07-28 17:51 . 2010-04-10 22:37 -------- d-----w- c:\documents and settings\vh\Application Data\LG Electronics
2010-07-27 20:04 . 2010-07-27 20:04 -------- d-----w- c:\program files\Fichiers communs\Java
2010-07-25 22:02 . 2010-07-25 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2010-07-22 15:48 . 2004-08-05 10:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-17 03:00 . 2010-07-27 20:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-15 06:19 . 2010-07-15 06:19 61440 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-27099fb8-n\decora-sse.dll
2010-07-15 06:19 . 2010-07-15 06:19 503808 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\msvcp71.dll
2010-07-15 06:19 . 2010-07-15 06:19 499712 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\jmc.dll
2010-07-15 06:19 . 2010-07-15 06:19 348160 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-10207abf-n\msvcr71.dll
2010-07-15 06:19 . 2010-07-15 06:19 12800 ----a-w- c:\documents and settings\vh\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-27099fb8-n\decora-d3d.dll
2010-07-09 14:24 . 2010-07-09 14:24 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-07-07 11:46 . 2002-01-25 16:29 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-06-30 12:32 . 2004-08-05 10:00 149504 ----a-w- c:\windows\system32\schannel.dll
2009-02-10 20:28 . 2009-02-10 20:25 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe

------- Sigcheck -------

[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 . 7E3DEFE771CB451B0FF630BFA435417E . 112640 . . [5.4.3790.5512] . . c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\wuauclt.exe

[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe
[7] 2004-08-05 . 4C33E5B9A6197B6ED215F6CFBA0A2DAA . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-09-22_19.29.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-23 19:17 . 2010-09-23 19:17 16384 c:\windows\Temp\Perflib_Perfdata_124.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-09-07 15:14 152160 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"UberIcon"="c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe" [2006-05-21 180224]
"ccleaner"="d:\ccleaner\CCleaner.exe" [2010-08-26 1779512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2010-07-05 1167296]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-08-28 33673216]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\vh\Menu D'marrer\Programmes\D'marrage\
PyGrenouille.lnk - c:\pygrenouille\pygrenouille.exe [2009-12-27 91648]
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]

c:\documents and settings\vh\Menu D'marrer\Programmes\D'marrage\
PyGrenouille.lnk - c:\pygrenouille\pygrenouille.exe [2009-12-27 91648]
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]

c:\documents and settings\vh\Menu D'marrer\Programmes\D'marrage\
PyGrenouille.lnk - c:\pygrenouille\pygrenouille.exe [2009-12-27 91648]
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]

c:\documents and settings\vh\Menu D'marrer\Programmes\D'marrage\
PyGrenouille.lnk - c:\pygrenouille\pygrenouille.exe [2009-12-27 91648]
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:22221636c877

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Ciel\\directDeclaration\\directDeclaration.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [18/09/2010 16:56 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [18/09/2010 16:57 190416]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [19/09/2010 22:55 28552]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [18/09/2010 16:57 99792]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18/09/2010 16:57 340048]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18/09/2010 16:57 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/09/2010 16:57 17744]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [18/09/2010 16:56 119200]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [05/08/2010 20:45 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05/08/2010 20:45 20952]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [25/01/2002 18:19 1390976]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys --> c:\windows\system32\drivers\archlp.sys [?]
S2 ArgusV;ArgusV;c:\windows\system32\drivers\ArgusV.sys --> c:\windows\system32\drivers\ArgusV.sys [?]
S3 klmd25;klmd25; [x]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/08/2010 14:43 259440]
S3 SAAVideo;%ETHER SAADriver%;c:\windows\system32\drivers\SAAVideo.sys [14/02/2009 17:46 24576]
S3 usbcorobus;LGE Corona Composite USB Device;c:\windows\system32\drivers\lgcorobus.sys [08/10/2009 22:33 21440]
S3 UsbcoroDiag;LGE Corona USB Serial Port;c:\windows\system32\drivers\lgcorodiag.sys [08/10/2009 22:33 37788]
S3 USBcoroModem;LGE Corona USB Modem;c:\windows\system32\drivers\lgcoromdm.sys [08/10/2009 22:33 39380]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31/07/2010 17:31 691696]
.
Contenu du dossier 'Tâches planifiées'

2010-09-24 c:\windows\Tasks\User_Feed_Synchronization-{C6A415C2-2ECF-4D53-BED5-3FBEFA038A60}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Examen supplémentaire -------
.
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-23 21:19
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="system32\drivers\tsk80.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3152)
c:\windows\system32\SHDOCVW.dll
c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MICROS~3\rapimgr.exe
.
**************************************************************************
.
Heure de fin: 2010-09-23 21:23:28 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-23 19:23
ComboFix2.txt 2010-09-22 19:32
ComboFix3.txt 2010-09-21 20:10

Avant-CF: 36 702 183 424 octets libres
Après-CF: 36 687 810 560 octets libres

- - End Of File - - A8BB34349CE74212A256BCBF5A8230DA
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 272
24 Sept. 2010 at 06:30
Nasty stuff!

/!\ WARNING /!\ The following script was written specifically for this user; it cannot be reused on another computer!

Create a new Notepad file on your desktop and name it CFScript
Copy this text into it and save it

KillAll::

Driver::

klmd25

File::

c:\documents and settings\vh\Application Data\Simply Super Software\Trojan Remover\tvj1.exe
c:\windows\system32\drivers\tsk80.tmp
c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
c:\documents and settings\All Users\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
c:\windows\Temp\Perflib_Perfdata_124.dat

Renv::

c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe



* Disable your protection software
* Drag and drop this CFScript.txt file onto the Combofix.exe file (as shown at the following link)
http://sd-2.archive-host.com/membres/images/135518691112296573/cfscriptop0.gif

* Wait while the scan runs. The desktop will disappear several times: this is normal! Do not touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: post its contents.
* If the file does not open, it can be found here: C:\ComboFix.txt
0