Sauvegarde...
il n y a que 1 suspicious (suspect )
Sinon rends sur Bitdefender et ESET comme marqué plus haut
lis bien
Sinon rends sur Bitdefender et ESET comme marqué plus haut
lis bien
Sauvegarde...
cricri
je finis donc les taches demandés comme vundofix et secunia (pour sécunia es-ce que je peux le faire en mode sans echec ? il bloque aussi)
et je fais le scan de bit defender comme sité en page 2
ça sera très long car le pc ram completement
Edité le 21/09/2008 à 23:00
je finis donc les taches demandés comme vundofix et secunia (pour sécunia es-ce que je peux le faire en mode sans echec ? il bloque aussi)
et je fais le scan de bit defender comme sité en page 2
ça sera très long car le pc ram completement
Edité le 21/09/2008 à 23:00
Sauvegarde...
Fais ce que te dis guigui14100
C est un Utlitaire a installer comme tout autre en "mode Classique " il te dira les logiciels qui ne sont pas a jour et ou les mettre a jour
pour sécunia es-ce que je peux le faire en mode sans echec
C est un Utlitaire a installer comme tout autre en "mode Classique " il te dira les logiciels qui ne sont pas a jour et ou les mettre a jour
Sauvegarde...
je viens de lire les deux dernier messages, demain je scan avec combofix
j'ai laissée toute la journée de lundi le pc scanner avec dr web qui m'a detecté 8 infections dont celles du début de mon post, mais le pc s'est éteint avant la fin, j'ai relancé dr web et plus que 3 infections :
RegUBP2b-Compaq_Propriétaire.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Supprimé.;
!Apprendre l'astronomie avec Redshift - Montparnasse [ installer ];C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Mes vidéos\VIDEOS, MUSIQUES.......RECUS\Apprendre l'astronomie avec;Adware.Casino;Quarantaine.;
KillWind.exe;C:\hp\bin;Tool.ProcessKill;Quarantaine.;
j'ai cliqué sur quarantaine car je ne savais pas pour C:/hp si je devais supprimer
je scan avec combofix dès demain en rentrant du travail
excusez-moi de ne pas avoir lu plus tot vos derniers posts, c'est du temps perdu inutilement
j'ai laissée toute la journée de lundi le pc scanner avec dr web qui m'a detecté 8 infections dont celles du début de mon post, mais le pc s'est éteint avant la fin, j'ai relancé dr web et plus que 3 infections :
RegUBP2b-Compaq_Propriétaire.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Supprimé.;
!Apprendre l'astronomie avec Redshift - Montparnasse [ installer ];C:\Documents and Settings\Compaq_Propriétaire\Mes documents\Mes vidéos\VIDEOS, MUSIQUES.......RECUS\Apprendre l'astronomie avec;Adware.Casino;Quarantaine.;
KillWind.exe;C:\hp\bin;Tool.ProcessKill;Quarantaine.;
j'ai cliqué sur quarantaine car je ne savais pas pour C:/hp si je devais supprimer
je scan avec combofix dès demain en rentrant du travail
excusez-moi de ne pas avoir lu plus tot vos derniers posts, c'est du temps perdu inutilement
Sauvegarde...
guigui
j'ai téléchar ger combofix un instant et le premier téléchagement ne fonctionnant pas très bien petit message avec ce mot '"corrompt'" et quelque chose d'écrit d'autre puis (logo combofix figé) impossible à ouvrir j'ai téléchargé une deuxième fois et voilà un fenetre qui s'ouvre
"you cannot rename ComboFix (1) please use another name, preferbaly made up of alphanuméric charaters"
pour le premier chargement j'avais tout desactivé mes protections et pour le deuxième j'ai remis le pare feu par prudence,
je pense qu'il faut que je renomme combofix, mais comment
depuis l'autre jour bien souvent les logiciels de désinfection sont corrompu ça vient de quoi ?
merci à toi et excuse moi de ce contre temps
j'ai téléchar ger combofix un instant et le premier téléchagement ne fonctionnant pas très bien petit message avec ce mot '"corrompt'" et quelque chose d'écrit d'autre puis (logo combofix figé) impossible à ouvrir j'ai téléchargé une deuxième fois et voilà un fenetre qui s'ouvre
"you cannot rename ComboFix (1) please use another name, preferbaly made up of alphanuméric charaters"
pour le premier chargement j'avais tout desactivé mes protections et pour le deuxième j'ai remis le pare feu par prudence,
je pense qu'il faut que je renomme combofix, mais comment
depuis l'autre jour bien souvent les logiciels de désinfection sont corrompu ça vient de quoi ?
merci à toi et excuse moi de ce contre temps
Sauvegarde...
sécunia enfin scanner jusqu'au bout, mise à jour effectuer par le biais de sécunia et sur le site windows uptate, bonne chose de faite
comboFix télécharger sur bureau, je le lance demain en fin d'après midi
es-ce que je peux supprimer manuellement les fichiers infectés à l'origine avant de lancer comboFix, je sais où ils sont, ils ne sont plus considés comme infectés par dr web, mais je n'en veut plus
merci pour ton aide
comboFix télécharger sur bureau, je le lance demain en fin d'après midi
es-ce que je peux supprimer manuellement les fichiers infectés à l'origine avant de lancer comboFix, je sais où ils sont, ils ne sont plus considés comme infectés par dr web, mais je n'en veut plus
merci pour ton aide
Sauvegarde...
Il ont été désinfecter je pense, si t'en veut plus tu peut lessupprimer :super:
Avant de lancer combofix pense a désactiver protection ;)
Avant de lancer combofix pense a désactiver protection ;)
Sauvegarde...
oui fichier de malheur supprimé, je m'en tiens à mes petits documentaires sur la nature dorénavent
voici le rapport de comboFix
ComboFix 08-09-24.01 - Compaq_Propri?taire 2008-09-24 22:35:17.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.169 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Compaq_Propri?taire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\InternetSoftware\pcre3.dll
C:\Program Files\InternetSoftware\uninstall.exe
C:\WINDOWS\Downloaded Program Files\setup.inf
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-24 au 2008-09-24 ))))))))))))))))))))))))))))))))))))
.
2008-09-24 11:08 . 2008-09-24 11:08 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . <REP> C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 21:53 . 2008-09-23 21:53 <REP> d-------- C:\Program Files\filehippo.com
2008-09-23 20:04 . 2008-09-23 20:04 <REP> d-------- C:\Program Files\Secunia
2008-09-19 00:00 . 2008-09-19 00:00 <REP> d-------- C:\VundoFix Backups
2008-09-17 17:11 . 2008-09-20 19:12 <REP> d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . <REP> C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 <REP> d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 <REP> d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 <REP> d-------- C:\Program Files\burnatonce
2008-08-29 20:38 . 2008-09-05 22:15 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings\@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx
2008-08-25 18:38 . 2007-09-02 20:56 1,686,016 --a------ C:\WINDOWS\system32\clinetsuitex6.ocx
2008-08-25 18:38 . 2004-03-09 16:45 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-08-25 18:38 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-24 20:35 --------- d-----w C:\Program Files\InternetSoftware
2008-09-24 20:34 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-24 20:31 --------- d-----w C:\Program Files\Wanadoo
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-16 21:08 --------- d-----w C:\Program Files\eMule
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-13 02:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:58 --------- d-----w C:\Program Files\MSN Messenger
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 327,680 ----a-w C:\WINDOWS\system32\pythoncom25.dll
2008-08-11 22:19 2,113,536 ----a-w C:\WINDOWS\system32\python25.dll
2008-08-11 22:19 102,400 ----a-w C:\WINDOWS\system32\pywintypes25.dll
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-24 20:53 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 08:28 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-06 15360]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Acme.PCHButton"="C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe" [2006-09-17 159744]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
"filehippo.com"="C:\Program Files\filehippo.com\UpdateChecker.exe" [2008-07-03 137216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-12 61440]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-10-13 278528]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-15 233472]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-04 344064]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-13 98304]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 253952]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-19 185896]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 40960]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"a-squared"="C:\Program Files\a-squared Anti-Dialer\a2adguard.exe" [2008-06-03 1497744]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-30 C:\WINDOWS\AGRSMMSG.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-02-22 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-02-19 C:\WINDOWS\ALCWZRD.EXE]
C:\Documents and Settings\Yvan\Menu D?marrer\Programmes\D?marrage\
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]
C:\Documents and Settings\Compaq_Propri?taire\Menu D?marrer\Programmes\D?marrage\
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [2008-06-16 663552]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe"=
"C:\\WINDOWS\\system32\\fxsclnt.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17250:TCP"= 17250:TCP:emule
"53747:UDP"= 53747:UDP:emule
"6346:TCP"= 6346:TCP:Gnutella
"6346:UDP"= 6346:UDP:Gnutella
R2 a2AntiDialer;a-squared Anti-Dialer Service;C:\Program Files\a-squared Anti-Dialer\a2service.exe [2008-09-17 380536]
R3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28a6a304-9541-11d9-b668-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-ares - C:\Program Files\Ares\Ares.exe
HKCU-Run-DAEMON Tools Lite - C:\Program Files\DAEMON Tools Lite\daemon.exe
HKLM-Run-EPSON Stylus DX3800 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
HKLM-Run-DAEMON Tools - C:\Program Files\DAEMON Tools\daemon.exe
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = www.clubic.com...
R0 -: HKCU-Main,Default_Search_URL = ie.redirect.hp.com...
R0 -: HKLM-Main,Search Bar = ie.redirect.hp.com...
O16 -: CabBuilder - kiw.imgag.com...
C:\WINDOWS\Downloaded Program Files\OSDED4D.OSD
C:\WINDOWS\Downloaded Program Files\InstallerControl.dll
O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - jeuxmultijoueurs.orange.fr...
C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf
C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net...
Rootkit scan 2008-09-24 22:38:52
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-09-24 22:40:25
ComboFix-quarantined-files.txt 2008-09-24 20:40:22
Avant-CF: 1ÿ634ÿ369ÿ536 octets libres
Après-CF: 2,267,590,656 octets libres
222 --- E O F --- 2008-09-24 09:09:04
combofix m'a supprimé des trucs, c'était encore des infections ?
j'aimerais savoir par contre, pourquoi lors d'infections comme celles-ci le pc est rapide les premieres minutes et ensuite il rame, pourquoi il rame pas dès l'ouverture ?
excuse pour toutes ces questions, mais à la maison je ne suis pas seule à me la poser
hormis bitedefender où je vais effectuer un scan en ligne es-ce que je peux encore faire autre chose pour etre sure que mon pc est sain
il rame très léger encore, mais possible qu'il faut encore que j'ouvre mon unité centrale et que dépoussière à l'interieur et surtout dans le ventilo, car il fait du bruit depuis quelques jours
vraiment merci pour ton aide et celle de tous,
Edité le 24/09/2008 à 23:10
voici le rapport de comboFix
ComboFix 08-09-24.01 - Compaq_Propri?taire 2008-09-24 22:35:17.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.169 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Compaq_Propri?taire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\InternetSoftware\pcre3.dll
C:\Program Files\InternetSoftware\uninstall.exe
C:\WINDOWS\Downloaded Program Files\setup.inf
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-24 au 2008-09-24 ))))))))))))))))))))))))))))))))))))
.
2008-09-24 11:08 . 2008-09-24 11:08 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . <REP> C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 21:53 . 2008-09-23 21:53 <REP> d-------- C:\Program Files\filehippo.com
2008-09-23 20:04 . 2008-09-23 20:04 <REP> d-------- C:\Program Files\Secunia
2008-09-19 00:00 . 2008-09-19 00:00 <REP> d-------- C:\VundoFix Backups
2008-09-17 17:11 . 2008-09-20 19:12 <REP> d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . <REP> C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 <REP> d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 <REP> d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 <REP> d-------- C:\Program Files\burnatonce
2008-08-29 20:38 . 2008-09-05 22:15 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings\@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx
2008-08-25 18:38 . 2007-09-02 20:56 1,686,016 --a------ C:\WINDOWS\system32\clinetsuitex6.ocx
2008-08-25 18:38 . 2004-03-09 16:45 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-08-25 18:38 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-24 20:35 --------- d-----w C:\Program Files\InternetSoftware
2008-09-24 20:34 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-24 20:31 --------- d-----w C:\Program Files\Wanadoo
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-16 21:08 --------- d-----w C:\Program Files\eMule
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-13 02:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:58 --------- d-----w C:\Program Files\MSN Messenger
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 327,680 ----a-w C:\WINDOWS\system32\pythoncom25.dll
2008-08-11 22:19 2,113,536 ----a-w C:\WINDOWS\system32\python25.dll
2008-08-11 22:19 102,400 ----a-w C:\WINDOWS\system32\pywintypes25.dll
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-24 20:53 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 08:28 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-06 15360]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Acme.PCHButton"="C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe" [2006-09-17 159744]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
"filehippo.com"="C:\Program Files\filehippo.com\UpdateChecker.exe" [2008-07-03 137216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-12 61440]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-10-13 278528]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-15 233472]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-04 344064]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-13 98304]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 253952]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-19 185896]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 40960]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"a-squared"="C:\Program Files\a-squared Anti-Dialer\a2adguard.exe" [2008-06-03 1497744]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-30 C:\WINDOWS\AGRSMMSG.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-02-22 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-02-19 C:\WINDOWS\ALCWZRD.EXE]
C:\Documents and Settings\Yvan\Menu D?marrer\Programmes\D?marrage\
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]
C:\Documents and Settings\Compaq_Propri?taire\Menu D?marrer\Programmes\D?marrage\
M?mento.lnk - C:\QUICKENW\BILLMIND.EXE [2007-11-13 32768]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [2008-06-16 663552]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe"=
"C:\\WINDOWS\\system32\\fxsclnt.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17250:TCP"= 17250:TCP:emule
"53747:UDP"= 53747:UDP:emule
"6346:TCP"= 6346:TCP:Gnutella
"6346:UDP"= 6346:UDP:Gnutella
R2 a2AntiDialer;a-squared Anti-Dialer Service;C:\Program Files\a-squared Anti-Dialer\a2service.exe [2008-09-17 380536]
R3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28a6a304-9541-11d9-b668-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-ares - C:\Program Files\Ares\Ares.exe
HKCU-Run-DAEMON Tools Lite - C:\Program Files\DAEMON Tools Lite\daemon.exe
HKLM-Run-EPSON Stylus DX3800 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
HKLM-Run-DAEMON Tools - C:\Program Files\DAEMON Tools\daemon.exe
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = www.clubic.com...
R0 -: HKCU-Main,Default_Search_URL = ie.redirect.hp.com...
R0 -: HKLM-Main,Search Bar = ie.redirect.hp.com...
O16 -: CabBuilder - kiw.imgag.com...
C:\WINDOWS\Downloaded Program Files\OSDED4D.OSD
C:\WINDOWS\Downloaded Program Files\InstallerControl.dll
O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - jeuxmultijoueurs.orange.fr...
C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf
C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net...
Rootkit scan 2008-09-24 22:38:52
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-09-24 22:40:25
ComboFix-quarantined-files.txt 2008-09-24 20:40:22
Avant-CF: 1ÿ634ÿ369ÿ536 octets libres
Après-CF: 2,267,590,656 octets libres
222 --- E O F --- 2008-09-24 09:09:04
combofix m'a supprimé des trucs, c'était encore des infections ?
j'aimerais savoir par contre, pourquoi lors d'infections comme celles-ci le pc est rapide les premieres minutes et ensuite il rame, pourquoi il rame pas dès l'ouverture ?
excuse pour toutes ces questions, mais à la maison je ne suis pas seule à me la poser
hormis bitedefender où je vais effectuer un scan en ligne es-ce que je peux encore faire autre chose pour etre sure que mon pc est sain
il rame très léger encore, mais possible qu'il faut encore que j'ouvre mon unité centrale et que dépoussière à l'interieur et surtout dans le ventilo, car il fait du bruit depuis quelques jours
vraiment merci pour ton aide et celle de tous,
Edité le 24/09/2008 à 23:10
Sauvegarde...
Oui.combofix m'a supprimé des trucs, c'était encore des infections ?
Car les fichier infecter ne doivent pas ce charger dés le démarrage'aimerais savoir par contre, pourquoi lors d'infections comme celles-ci le pc est rapide les premieres minutes et ensuite il rame, pourquoi il rame pas dès l'ouverture ?
Désactive tes proctections
Télécharge ce fichier puis fait le glisser sur combofix
Tu peut faire d'autre scan en ligne, il sont pour la plupart mis ici vers le milieux www.clubic.com...
Edité le 24/09/2008 à 23:18
Sauvegarde...
je désactive les protections:)
je télécharge l'antivirus NOD32 sur le bureau ?
et ensuite je fais un glisser poser sur le logo de combofix ?
je fais quoi ensuite avec l'anti virus qui est dans combofix
es-ce que je conserve mon anti virus actuelle?
je télécharge l'antivirus NOD32 sur le bureau ?
et ensuite je fais un glisser poser sur le logo de combofix ?
je fais quoi ensuite avec l'anti virus qui est dans combofix
es-ce que je conserve mon anti virus actuelle?
Sauvegarde...
quand je vais dans le lien que tu m'as donné en premier, je vois télécharger antivirus ...
j'ai cliqué aussi dans free téléchargé ce fichier et ça me conduit à une page blanche où c'est marqué :
File::
C:\WINDOWS\system32\Smab0.dll
Folder::
C:\Program Files\InternetSoftware
sinon avec le lien de clubic, j'ai reléchargé hijacthis et il a scanner completement
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:15, on 25/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MaxiMemo\MaxiMemo.exe
C:\Program Files\Secunia\PSI (RC3)\psi.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\FFC7W4EH\HiJackThis[1].exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Propriétaire\Bureau\scan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ie.redirect.hp.com...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.clubic.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = ie.redirect.hp.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Mémento.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O4 - Startup: SHARE.lnk = C:\Program Files\SHARE 1.0 EX2\Share.bat
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: MaxiMemo.lnk = C:\Program Files\MaxiMemo\MaxiMemo.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - www.wanadoo.fr... (file missing) (HKCU)
O15 - Trusted Zone: toolbar.imageshack.us...
O16 - DPF: CabBuilder - kiw.imgag.com...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - webscanner.kaspersky.fr...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - cdn.scan.onecare.live.com...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - espoirenjesus.spaces.live.com...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - jeuxmultijoueurs.orange.fr...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
--
End of file - 10457 bytes
je fais un scan en ligne qui est sur clubic et je pense qu'après ça, se sera le dernier
Edité le 25/09/2008 à 22:10
j'ai cliqué aussi dans free téléchargé ce fichier et ça me conduit à une page blanche où c'est marqué :
File::
C:\WINDOWS\system32\Smab0.dll
Folder::
C:\Program Files\InternetSoftware
sinon avec le lien de clubic, j'ai reléchargé hijacthis et il a scanner completement
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:15, on 25/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MaxiMemo\MaxiMemo.exe
C:\Program Files\Secunia\PSI (RC3)\psi.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\FFC7W4EH\HiJackThis[1].exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Propriétaire\Bureau\scan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ie.redirect.hp.com...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.clubic.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = ie.redirect.hp.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Mémento.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O4 - Startup: SHARE.lnk = C:\Program Files\SHARE 1.0 EX2\Share.bat
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: MaxiMemo.lnk = C:\Program Files\MaxiMemo\MaxiMemo.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - www.wanadoo.fr... (file missing) (HKCU)
O15 - Trusted Zone: toolbar.imageshack.us...
O16 - DPF: CabBuilder - kiw.imgag.com...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - webscanner.kaspersky.fr...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - cdn.scan.onecare.live.com...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - espoirenjesus.spaces.live.com...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - jeuxmultijoueurs.orange.fr...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
--
End of file - 10457 bytes
je fais un scan en ligne qui est sur clubic et je pense qu'après ça, se sera le dernier
Edité le 25/09/2008 à 22:10
Sauvegarde...
Fait clique droit enregistrer sous sur ce lien puis fait glisser le fichier sur comofix
Sauvegarde...
voici le log de combofix :
ComboFix 08-09-25.03 - Compaq_Propri?taire 2008-09-26 3:55:01.2 - NTFSx86
Lancé depuis: C:\Documents and Settings\Compaq_Propri?taire\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Compaq_Propri?taire\Bureau\CFScript.txt
FILE ::
C:\WINDOWS\system32\Smab0.dll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\InternetSoftware
C:\WINDOWS\system32\Smab0.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-26 au 2008-09-26 ))))))))))))))))))))))))))))))))))))
.
2008-09-26 01:39 . 2008-09-26 01:39 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-26 00:35 . 2008-09-26 00:57 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-25 23:24 . 2008-09-25 23:25 <REP> d-------- C:\WINDOWS\EHome
2008-09-25 22:16 . 2008-09-25 22:34 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-09-24 11:08 . 2008-09-24 11:08 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . <REP> C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 20:04 . 2008-09-23 20:04 <REP> d-------- C:\Program Files\Secunia
2008-09-17 17:11 . 2008-09-25 00:54 <REP> d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . <REP> C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 <REP> d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 <REP> d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 <REP> d-------- C:\Program Files\burnatonce
2008-08-29 20:52 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings\@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-26 01:31 --------- d-----w C:\Program Files\Wanadoo
2008-09-26 01:15 --------- d-----w C:\Program Files\MSN Messenger
2008-09-26 01:14 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-25 20:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-24 22:31 --------- d-----w C:\Program Files\eMule
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((( snapshot@2008-09-24_22.40.00.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648$\msgsc.dll
+ 2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\msgsc.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\spuninst\updspapi.dll
- 2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:29 26,488 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spcustom.dll
+ 2007-11-30 12:39:29 18,296 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst.exe
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\update.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\updspapi.dll
- 2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974$\es.dll
+ 2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\es.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\spuninst\updspapi.dll
- 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\$NtUninstallKB951066$\inetcomm.dll
+ 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\inetcomm.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\spuninst\updspapi.dll
- 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spcustom.dll
+ 2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst.exe
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 767,352 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\update.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\updspapi.dll
- 2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spcustom.dll
+ 2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst.exe
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\update.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\updspapi.dll
- 2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748$\afd.sys
- 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
- 2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
+ 2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip6.sys
- 2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287$\msadce.dll
+ 2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\msadce.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\spuninst\updspapi.dll
- 2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS\$NtUninstallKB952954$\mscms.dll
+ 2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\mscms.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\spuninst\updspapi.dll
- 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-04-14 02:33:18 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll
- 2004-08-06 01:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
+ 2008-04-14 02:33:18 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
- 2004-08-06 01:00:00 450,048 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll
+ 2008-04-14 02:33:18 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
- 2004-08-06 01:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
+ 2008-04-14 02:33:18 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
- 2004-08-06 01:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
+ 2008-04-14 02:33:18 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
- 2004-08-06 01:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
+ 2008-04-14 02:33:18 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
- 2007-10-19 17:44:37 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2008-09-25 08:51:41 102,400 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
- 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
- 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
- 2007-10-19 17:44:38 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-09-25 08:51:41 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll
- 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-06-14 17:33:37 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\explorer.exe
+ 2008-04-14 02:34:03 1,037,824 ----a-w C:\WINDOWS\explorer.exe
- 2004-08-06 01:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2008-04-14 02:33:41 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2004-08-06 01:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2008-04-14 02:33:46 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2004-08-06 01:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2008-04-14 02:33:46 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-04-14 02:34:06 10,752 ----a-w C:\WINDOWS\hh.exe
- 2004-08-05 04:00:00 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSA.DLL
+ 2008-04-14 02:32:16 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsa.dll
- 2004-08-05 04:00:00 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSD.DLL
+ 2008-04-14 02:32:16 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsd.dll
- 2004-08-05 04:00:00 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 02:31:03 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtmbx.dll
- 2004-08-05 04:00:00 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2008-04-14 02:31:03 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskdic.dll
- 2004-08-05 04:00:00 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKF.DLL
+ 2008-04-14 02:31:03 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskf.dll
- 2004-08-05 04:00:00 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
+ 2008-04-14 02:32:46 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
- 2004-08-05 04:00:00 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
+ 2008-04-14 02:32:46 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
- 2004-08-05 04:00:00 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
+ 2008-04-14 02:31:33 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
- 2004-08-05 04:00:00 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
+ 2008-04-14 02:31:33 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
- 2004-08-05 04:00:00 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
+ 2008-04-14 02:31:33 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
- 2004-08-05 04:00:00 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
+ 2008-04-14 02:31:34 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
- 2004-08-05 04:00:00 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
+ 2008-04-14 02:31:33 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
- 2004-08-05 04:00:00 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
+ 2008-04-14 02:31:33 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
- 2004-08-06 01:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2008-04-14 02:33:30 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2004-08-05 04:00:00 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
+ 2008-04-14 02:31:34 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
- 2004-08-05 04:00:00 15,872 ----a-w C:\WINDOWS\ime\shared\res\PADRS404.DLL
+ 2008-04-14 02:32:16 15,872 ----a-w C:\WINDOWS\ime\shared\res\padrs404.dll
- 2004-08-05 04:00:00 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
+ 2008-04-14 02:32:16 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
- 2004-08-06 01:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
+ 2008-04-14 02:33:41 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
- 2004-08-06 01:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
- 2004-08-06 01:00:00 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll
+ 2008-04-14 02:33:46 272,384 ----a-w C:\WINDOWS\ime\sptip.dll
- 2008-07-24 19:56:28 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2008-09-26 01:15:58 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 02:33:06 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
+ 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
- 2004-08-06 01:00:00 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
+ 2008-04-14 02:33:18 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
- 2006-10-12 14:04:13 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2008-04-14 02:33:18 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2008-04-14 02:33:18 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-06 01:00:00 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
+ 2008-04-14 02:33:18 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
+ 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
- 2004-08-06 01:00:00 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
+ 2008-04-14 02:33:18 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
- 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2008-04-14 02:33:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
+ 2008-04-14 02:33:19 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
- 2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
- 2004-08-05 04:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
- 2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
- 2004-08-05 04:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
- 2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
- 2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
- 2004-08-06 01:00:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
+ 2008-04-14 02:33:32 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
- 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2008-04-14 02:33:22 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-06 01:00:00 70,656 ----a-w C:\WINDOWS\NOTEPAD.EXE
+ 2008-04-14 02:34:15 70,656 ----a-w C:\WINDOWS\notepad.exe
- 2004-08-06 01:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 02:34:06 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-06 01:00:00 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 02:34:06 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-06 01:00:00 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 02:34:06 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-06 01:00:00 160,768 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 02:34:12 172,544 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-06 01:00:00 381,952 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 02:33:32 382,464 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-06 01:00:00 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 02:33:38 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-06 01:00:00 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 02:33:38 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
- 2006-09-17 02:12:40 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-09-25 23:25:23 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
- 2006-09-17 02:12:40 3,744 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-09-25 23:25:24 4,050 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-06 01:00:00 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 02:34:26 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-06 01:00:00 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
+ 2008-04-14 02:33:46 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
- 2004-08-06 01:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
+ 2008-04-14 02:33:46 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
- 2004-08-06 01:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
+ 2008-04-14 02:33:46 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
- 2004-08-06 01:00:00 153,088 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-14 02:34:19 153,088 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys
+ 2008-04-14 02:33:18 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 02:33:18 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll
+ 2004-08-03 20:32:22 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-03 20:32:32 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 02:33:18 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 02:33:53 190,464 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 02:33:18 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 02:33:18 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 02:33:18 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 02:33:18 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 01:52:42 188,672 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 02:33:18 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 02:33:18 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 02:33:53 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 02:33:18 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 02:33:18 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 02:33:18 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll
+ 2008-04-14 02:33:53 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe
+ 2004-08-03 20:32:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 02:33:18 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 02:33:18 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 02:33:18 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 02:33:18 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 02:33:18 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 02:33:18 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 02:33:18 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 02:33:18 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 02:33:18 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 02:33:18 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 02:33:18 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 02:33:18 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 02:33:18 685,568 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 02:33:18 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys
+ 2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 02:33:18 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 02:33:18 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 02:33:18 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 02:33:18 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 02:33:18 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 02:33:53 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDO
ComboFix 08-09-25.03 - Compaq_Propri?taire 2008-09-26 3:55:01.2 - NTFSx86
Lancé depuis: C:\Documents and Settings\Compaq_Propri?taire\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Compaq_Propri?taire\Bureau\CFScript.txt
FILE ::
C:\WINDOWS\system32\Smab0.dll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\InternetSoftware
C:\WINDOWS\system32\Smab0.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-26 au 2008-09-26 ))))))))))))))))))))))))))))))))))))
.
2008-09-26 01:39 . 2008-09-26 01:39 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-26 00:54 . 2008-09-26 00:54 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-26 00:35 . 2008-09-26 00:57 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-25 23:24 . 2008-09-25 23:25 <REP> d-------- C:\WINDOWS\EHome
2008-09-25 22:16 . 2008-09-25 22:34 <REP> d-------- C:\Program Files\EsetOnlineScanner
2008-09-24 11:08 . 2008-09-24 11:08 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 10:50 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-24 10:50 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-23 23:20 . <REP> C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
2008-09-23 20:04 . 2008-09-23 20:04 <REP> d-------- C:\Program Files\Secunia
2008-09-17 17:11 . 2008-09-25 00:54 <REP> d-------- C:\Program Files\a-squared Anti-Dialer
2008-09-17 13:49 . <REP> C:\Documents and Settings\Compaq_Propriétaire\DoctorWeb
2008-09-16 21:49 . 2008-09-16 21:48 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-09-15 20:37 . 2008-09-15 20:37 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-13 14:51 . 2008-09-17 20:01 <REP> d-------- C:\Program Files\DivX
2008-09-07 23:52 . 2008-09-07 23:52 <REP> d-------- C:\WINDOWS\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
2008-09-07 23:51 . 2008-09-08 00:10 <REP> d-------- C:\Program Files\burnatonce
2008-08-29 20:52 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-08-28 10:31 . 2008-08-28 10:31 13,580 --a------ C:\Documents and Settings\@4ad749ef87874a367f01c31e87803d0a2d9c4c98
2008-08-27 19:01 . 2006-08-09 11:08 241,664 --a------ C:\WINDOWS\system32\SuDoku.ocx
2008-08-27 19:01 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-08-27 19:01 . 2006-08-09 10:54 86,016 --a------ C:\WINDOWS\system32\NumberSequence.ocx
2008-08-27 19:01 . 2006-08-08 17:36 61,440 --a------ C:\WINDOWS\system32\NumberCrunch.ocx
2008-08-27 19:01 . 2006-08-09 20:37 57,344 --a------ C:\WINDOWS\system32\WordSearch.ocx
2008-08-27 19:01 . 2006-08-16 11:32 49,152 --a------ C:\WINDOWS\system32\SpellingTest.ocx
2008-08-27 19:01 . 2006-08-20 15:00 49,152 --a------ C:\WINDOWS\system32\Reading.ocx
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-26 01:31 --------- d-----w C:\Program Files\Wanadoo
2008-09-26 01:15 --------- d-----w C:\Program Files\MSN Messenger
2008-09-26 01:14 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
2008-09-25 20:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-24 22:31 --------- d-----w C:\Program Files\eMule
2008-09-23 11:40 --------- d-----w C:\Program Files\epson
2008-09-22 17:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-21 00:57 31,102 ----a-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\wklnhst.dat
2008-09-17 22:30 --------- d-----w C:\Program Files\LimeWire
2008-09-16 21:38 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
2008-09-13 10:19 --------- d-----w C:\Program Files\Sport cérébral Brain challenge
2008-09-12 23:47 --------- d-----w C:\Program Files\CCleaner
2008-09-10 11:04 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 20:25 --------- d-----w C:\Program Files\Wanadoo Messager
2008-08-31 22:24 --------- d-----w C:\Program Files\Java
2008-08-27 16:43 --------- d-----w C:\Program Files\Bible
2008-08-25 21:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-22 01:37 --------- d-----w C:\Program Files\PourCent
2008-08-22 01:14 --------- d-----w C:\Program Files\DVD Decrypter
2008-08-16 21:20 --------- d-----w C:\Program Files\Systeme
2008-08-16 21:19 --------- d-----w C:\Program Files\menumath
2008-08-14 23:58 73,728 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AdobeUM
2008-08-14 01:30 --------- d-----w C:\Program Files\scrabbleproB1.0.8
2008-08-12 17:22 --------- d-----w C:\Program Files\Micro Trivial Pursuit
2008-08-11 23:27 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-11 23:27 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\DAEMON Tools
2008-08-11 22:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\agi
2008-08-11 22:19 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\agi
2008-07-28 15:53 110 ----a-w C:\ripp.bat
2008-07-28 14:34 --------- d-----w C:\Program Files\AviSynth 2.5
2008-07-26 11:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-06 00:23 3,460 ----a-w C:\Program Files\SETUP.LST
2008-07-06 00:16 290,816 ------w C:\WINDOWS\Setup1.exe
2008-06-26 22:00 74,752 ------w C:\WINDOWS\ST6UNST.EXE
2007-04-02 21:37 5,170,176 ----a-w C:\Program Files\WindowsDefender.msi
1998-07-12 22:00 21,504 ----a-w C:\Program Files\TABCTFR.DLL
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((( snapshot@2008-09-24_22.40.00.81 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648$\msgsc.dll
+ 2004-08-04 13:07:10 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\msgsc.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB946648_0$\spuninst\updspapi.dll
- 2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2004-08-05 04:00:00 200,064 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:29 26,488 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spcustom.dll
+ 2007-11-30 12:39:29 18,296 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst.exe
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\update.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762_0$\updspapi.dll
- 2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974$\es.dll
+ 2005-07-26 04:39:57 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\es.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB950974_0$\spuninst\updspapi.dll
- 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\$NtUninstallKB951066$\inetcomm.dll
+ 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\inetcomm.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951066_0$\spuninst\updspapi.dll
- 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spcustom.dll
+ 2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst.exe
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 767,352 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\update.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376_0$\updspapi.dll
- 2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2004-08-06 01:00:00 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:19:06 26,488 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spcustom.dll
+ 2007-11-30 11:19:06 18,296 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst.exe
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 767,352 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\update.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698_0$\updspapi.dll
- 2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748$\afd.sys
- 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
- 2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-06 01:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
+ 2004-08-06 01:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748_0$\tcpip6.sys
- 2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287$\msadce.dll
+ 2004-08-06 01:00:00 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\msadce.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB952287_0$\spuninst\updspapi.dll
- 2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS\$NtUninstallKB952954$\mscms.dll
+ 2005-06-29 01:49:41 74,240 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\mscms.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB952954_0$\spuninst\updspapi.dll
- 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-04-14 02:33:18 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll
- 2004-08-06 01:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
+ 2008-04-14 02:33:18 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
- 2004-08-06 01:00:00 450,048 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll
+ 2008-04-14 02:33:18 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
- 2004-08-06 01:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
+ 2008-04-14 02:33:18 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
- 2004-08-06 01:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
+ 2008-04-14 02:33:18 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
- 2004-08-06 01:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
+ 2008-04-14 02:33:18 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
- 2007-10-19 17:44:37 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2008-09-25 08:51:41 102,400 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
- 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
- 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
- 2007-10-19 17:44:38 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-09-25 08:51:41 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-09 13:01:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll
+ 2008-01-09 13:01:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll
- 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-06-14 17:33:37 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2007-06-13 13:22:28 1,037,312 ----a-w C:\WINDOWS\explorer.exe
+ 2008-04-14 02:34:03 1,037,824 ----a-w C:\WINDOWS\explorer.exe
- 2004-08-06 01:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2008-04-14 02:33:41 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2004-08-06 01:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2008-04-14 02:33:46 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2004-08-06 01:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2008-04-14 02:33:46 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-04-14 02:34:06 10,752 ----a-w C:\WINDOWS\hh.exe
- 2004-08-05 04:00:00 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSA.DLL
+ 2008-04-14 02:32:16 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsa.dll
- 2004-08-05 04:00:00 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSD.DLL
+ 2008-04-14 02:32:16 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsd.dll
- 2004-08-05 04:00:00 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 02:31:03 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtmbx.dll
- 2004-08-05 04:00:00 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2008-04-14 02:31:03 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskdic.dll
- 2004-08-05 04:00:00 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKF.DLL
+ 2008-04-14 02:31:03 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskf.dll
- 2004-08-05 04:00:00 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
+ 2008-04-14 02:32:46 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
- 2004-08-05 04:00:00 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
+ 2008-04-14 02:32:46 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
- 2004-08-05 04:00:00 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
+ 2008-04-14 02:31:33 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
- 2004-08-05 04:00:00 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
+ 2008-04-14 02:31:33 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
- 2004-08-05 04:00:00 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
+ 2008-04-14 02:31:33 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
- 2004-08-05 04:00:00 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
+ 2008-04-14 02:31:34 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
- 2004-08-05 04:00:00 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
+ 2008-04-14 02:31:33 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
- 2004-08-05 04:00:00 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
+ 2008-04-14 02:31:33 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
- 2004-08-06 01:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2008-04-14 02:33:30 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2004-08-05 04:00:00 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
+ 2008-04-14 02:31:34 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
- 2004-08-05 04:00:00 15,872 ----a-w C:\WINDOWS\ime\shared\res\PADRS404.DLL
+ 2008-04-14 02:32:16 15,872 ----a-w C:\WINDOWS\ime\shared\res\padrs404.dll
- 2004-08-05 04:00:00 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
+ 2008-04-14 02:32:16 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
- 2004-08-06 01:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
+ 2008-04-14 02:33:41 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
- 2004-08-06 01:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
- 2004-08-06 01:00:00 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll
+ 2008-04-14 02:33:46 272,384 ----a-w C:\WINDOWS\ime\sptip.dll
- 2008-07-24 19:56:28 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2008-09-26 01:15:58 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2008-01-18 15:13:09 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 02:33:06 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
+ 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
- 2004-08-06 01:00:00 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
+ 2008-04-14 02:33:18 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
- 2006-10-12 14:04:13 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2008-04-14 02:33:18 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2007-03-09 13:48:06 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2008-04-14 02:33:18 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-06 01:00:00 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
+ 2008-04-14 02:33:18 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
+ 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
- 2004-08-06 01:00:00 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
+ 2008-04-14 02:33:18 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
- 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2008-04-14 02:33:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-06 01:00:00 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
+ 2008-04-14 02:33:19 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
- 2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
- 2004-08-05 04:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
- 2004-08-05 04:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
- 2004-08-05 04:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
- 2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
- 2004-08-05 04:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
- 2004-08-05 04:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
- 2004-08-05 04:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
- 2004-08-06 01:00:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
+ 2008-04-14 02:33:32 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
- 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2008-04-14 02:33:22 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-06 01:00:00 70,656 ----a-w C:\WINDOWS\NOTEPAD.EXE
+ 2008-04-14 02:34:15 70,656 ----a-w C:\WINDOWS\notepad.exe
- 2004-08-06 01:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 02:34:06 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-06 01:00:00 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 02:34:06 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-06 01:00:00 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 02:34:06 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-06 01:00:00 160,768 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 02:34:12 172,544 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-06 01:00:00 381,952 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 02:33:32 382,464 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-06 01:00:00 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 02:33:38 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-06 01:00:00 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 02:33:38 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
- 2006-09-17 02:12:40 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-09-25 23:25:23 82,203 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
- 2006-09-17 02:12:40 3,744 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-09-25 23:25:24 4,050 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-06 01:00:00 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 02:34:26 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-06 01:00:00 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
+ 2008-04-14 02:33:46 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
- 2004-08-06 01:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
+ 2008-04-14 02:33:46 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
- 2004-08-06 01:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
+ 2008-04-14 02:33:46 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
- 2004-08-06 01:00:00 153,088 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-14 02:34:19 153,088 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys
+ 2008-04-14 02:33:18 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 02:33:18 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll
+ 2004-08-03 20:32:22 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-03 20:32:32 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 02:33:18 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 02:33:53 190,464 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 02:33:18 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 02:33:18 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 02:33:18 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 02:33:18 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 01:52:42 188,672 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 02:33:18 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 02:33:18 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 02:33:53 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 02:33:18 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 02:33:18 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 02:33:18 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll
+ 2008-04-14 02:33:53 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe
+ 2004-08-03 20:32:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 02:33:18 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 02:33:18 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 02:33:18 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 02:33:18 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 02:33:18 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 02:33:18 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 02:33:18 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 02:33:18 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 02:33:18 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 02:33:18 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 02:33:18 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 02:33:18 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 02:33:18 685,568 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 02:33:18 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys
+ 2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 02:33:18 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 02:33:18 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 02:33:18 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 02:33:18 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 02:33:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 02:33:18 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 02:33:53 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w C:\WINDO