Fenêtres intempestives Messenger Skinner + Adult Friend Finder + Rogue
Dernière réponse : dans Sécurité
Bonjour,
L'ordinateur d'une amie est infecté assez gravement par des pubs intempestives. De plus, il était impossible il y a 5 minutes d'aller sur Internet, mais ce problème est réglé. Voici l'HJT
J'ai déjà passé Navilog1 pour les pubs Messenger Skinner, puis Vundofix car il y avait cette ligne dans le log de Navilog:
Mais ces 2 outils n'on rien détecté...
Merci d'avance pour elle![;)]( ";)")
L'ordinateur d'une amie est infecté assez gravement par des pubs intempestives. De plus, il était impossible il y a 5 minutes d'aller sur Internet, mais ce problème est réglé. Voici l'HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:23:49, on 28.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\tatiana\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BMa3cc4621] Rundll32.exe "C:\WINDOWS\system32\vwmhypmn.dll",s
O4 - HKLM\..\Run: [a0ff75bd] rundll32.exe "C:\WINDOWS\system32\jikhcekw.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\tatiana\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7289 bytes
Scan saved at 16:23:49, on 28.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\tatiana\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BMa3cc4621] Rundll32.exe "C:\WINDOWS\system32\vwmhypmn.dll",s
O4 - HKLM\..\Run: [a0ff75bd] rundll32.exe "C:\WINDOWS\system32\jikhcekw.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\tatiana\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7289 bytes
J'ai déjà passé Navilog1 pour les pubs Messenger Skinner, puis Vundofix car il y avait cette ligne dans le log de Navilog:
*nom de fichier* détecté, infection Vundo possible, non traitée par cet outil
Mais ces 2 outils n'on rien détecté...
Merci d'avance pour elle
Autres pages sur : fenetres intempestives messenger skinner adult friend finder rogue
Lassé par la pub ? Créez un compte
Bonjour,Télécharge Combofix à partir d'**ICI** ou bien **ICI** et enregistre-le sur ton bureau.
**Note 1 : Dans le cas où tu aurais déjà une version de combofix, il faudra que tu en télécharges une autre, la toute dernière. De plus il est très important de le sauvegarder directement sur ton bureau.**
Très important : Désactive temporairement toutes tes protections résidentes de tous tes logiciels de sécurité avant de lancer un scan avec Combofix. Ils risqueraient d'altérer le bon déroulement du scan de Combofix, ce qui pourrait avoir des conséquences imprévues et désastreuses.
, merci de me poser la question.**Note 2 : Ne pas cliquer dans la fenêtre de combofix pendant qu'il travaille. Tu risquerais de planter le PC et de causer d'importants dommages.**
Alors voilà le ComboFix:
Et le nouvel HJT:
![;)]( ";)")
ComboFix 08-07-28.6 - tatiana 2008-07-29 15:57:25.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.178 [GMT 2:00]
Endroit: C:\Documents and Settings\tatiana\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\FBrowserAdvisor
C:\Program Files\FBrowsingAdvisor
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
C:\Program Files\FBrowsingAdvisor\Logo.png
C:\Program Files\FBrowsingAdvisor\main.db
C:\Program Files\FBrowsingAdvisor\unins000.dat
C:\Program Files\FBrowsingAdvisor\unins000.exe
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
C:\WINDOWS\BMa3cc4621.txt
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\eujdoiei.dll
C:\WINDOWS\system32\fcccywUM.dll
C:\WINDOWS\system32\hcxpbhdy.ini
C:\WINDOWS\system32\hgGvtQkk.dll
C:\WINDOWS\system32\iifcaxvV.dll
C:\WINDOWS\system32\kkQtvGgh.ini
C:\WINDOWS\system32\kkQtvGgh.ini2
C:\WINDOWS\system32\kxpvfoox.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nkmjnwjh.ini
C:\WINDOWS\system32\nwpbofon.ini
C:\WINDOWS\system32\nxsgcdwx.ini
C:\WINDOWS\system32\oplklh.dll
C:\WINDOWS\system32\phhnyhuj.ini
C:\WINDOWS\system32\rbspdd.dll
C:\WINDOWS\system32\wkechkij.ini
C:\WINDOWS\system32\wypmtiwb.ini
C:\WINDOWS\system32\ybakfxuu.dll
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-28 to 2008-07-29 ))))))))))))))))))))))))))))))))))))
.
2008-07-29 16:06 . 2008-07-29 16:06 22 --a------ C:\WINDOWS\pskt.ini
2008-07-29 12:39 . 2008-07-29 12:39 105,472 --a------ C:\WINDOWS\system32\pcnwpo.dll
2008-07-29 12:38 . 2008-07-29 12:39 105,472 --a------ C:\WINDOWS\system32\atjdviwr.dll
2008-07-29 12:35 . 2008-07-29 12:36 83,456 --a------ C:\WINDOWS\system32\nofobpwn.dll
2008-07-29 12:32 . 2008-07-29 12:33 91,648 --a------ C:\WINDOWS\system32\dmeliwgr.dll
2008-07-28 16:38 . 2008-07-28 16:38 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-28 16:12 . 2008-07-28 16:12 <REP> d-------- C:\VundoFix Backups
2008-07-28 12:38 . 2008-07-28 12:38 105,472 --a------ C:\WINDOWS\system32\pxsdcn.dll
2008-07-28 12:38 . 2008-07-28 12:38 105,472 --a------ C:\WINDOWS\system32\bdbmecfh.dll
2008-07-28 12:32 . 2008-07-28 12:32 91,648 --a------ C:\WINDOWS\system32\vwmhypmn.dll
2008-07-27 12:38 . 2008-07-27 12:38 105,472 --a------ C:\WINDOWS\system32\yskrjq.dll
2008-07-27 12:38 . 2008-07-27 12:38 105,472 --a------ C:\WINDOWS\system32\hpsawmed.dll
2008-07-27 12:35 . 2008-07-27 12:35 83,456 --------- C:\WINDOWS\system32\juhynhhp.dll
2008-07-27 12:32 . 2008-07-27 12:32 91,648 --a------ C:\WINDOWS\system32\ocluvrgt.dll
2008-07-26 12:38 . 2008-07-26 12:38 105,472 --a------ C:\WINDOWS\system32\whtwukos.dll
2008-07-26 12:38 . 2008-07-26 12:38 105,472 --a------ C:\WINDOWS\system32\tmtgcj.dll
2008-07-26 12:32 . 2008-07-26 12:32 91,648 --a------ C:\WINDOWS\system32\jejuvyov.dll
2008-07-25 12:34 . 2008-07-25 12:34 105,472 --a------ C:\WINDOWS\system32\xcsfuvlc.dll
2008-07-25 12:34 . 2008-07-25 12:34 105,472 --a------ C:\WINDOWS\system32\imlbmu.dll
2008-07-25 12:31 . 2008-07-25 12:31 91,648 --a------ C:\WINDOWS\system32\svshmndc.dll
2008-07-23 12:29 . 2008-07-29 16:07 111,558 --a------ C:\WINDOWS\BMa3cc4621.xml
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-29 11:50 --------- d-----w C:\Program Files\eChanblard
2008-07-28 14:33 2,122 ----a-w C:\WINDOWS\system32\tmp.reg
2008-07-28 14:10 --------- d-----w C:\Program Files\Navilog1
2008-07-28 09:39 --------- d-----w C:\Program Files\Incomplete
2008-07-28 09:39 --------- d-----w C:\Documents and Settings\tatiana\Application Data\LimeWire
2008-07-28 09:38 --------- d-----w C:\Program Files\LimeWire
2008-07-28 09:37 --------- d-----w C:\Documents and Settings\tatiana\Application Data\OpenOffice.org2
2008-07-27 09:55 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-07-25 16:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-07-23 10:29 --------- d-----w C:\Program Files\SmartEnhancer
2008-07-23 10:29 --------- d-----w C:\Program Files\AdvancedAdvisor
2008-07-13 14:54 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 23:07 --------- d-----w C:\Documents and Settings\tatiana\Application Data\Ahead
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-02 20:16 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
.
((((((((((((((((((((((((((((( snapshot@2008-05-27_18.02.18.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:49:32 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-04-23 07:19:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 07:19:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 07:19:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 07:19:26 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 07:19:26 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 07:19:26 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 07:19:26 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 07:19:26 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 07:19:26 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 07:19:26 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 07:19:26 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 07:19:26 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 07:19:26 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 07:19:27 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 07:19:27 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 07:19:27 3,593,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 07:19:27 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 07:19:27 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 07:19:27 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 07:19:27 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 07:19:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 07:19:27 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 07:19:27 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 07:19:27 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 07:19:27 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-06-14 18:03:13 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:04 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:30 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:05 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:47 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:11:24 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:59 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-03-02 12:00:00 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:43:32 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 12:58:06 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:39 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2006-03-02 12:00:00 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-14 17:59:52 272,768 -c----w C:\WINDOWS\system32\dllcache\bthport.sys
- 2008-02-20 05:35:05 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 12:58:06 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:39 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-02-29 08:56:41 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-03-01 12:58:06 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 12:58:06 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 12:58:08 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:39 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-02-29 08:57:05 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-04-22 07:41:30 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-03-01 12:58:08 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2006-03-02 12:00:00 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-02-26 12:00:31 294,912 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
- 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 16:28:10 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-03-01 12:58:09 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 12:58:10 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:40 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 12:58:10 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2006-03-02 12:00:00 247,808 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:06 247,808 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2008-03-01 12:58:10 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:40 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:43:32 1,293,824 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:15:36 1,293,824 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-03-01 12:58:10 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:40 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 12:58:10 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 12:58:11 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:40 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 12:58:11 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:40 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2008-04-14 16:16:40 79,424 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2008-07-19 12:25:45 75,072 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-03-02 12:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
+ 2008-02-26 12:00:31 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
- 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-03-01 12:58:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c6edcf9-d1a1-4cbe-a7aa-02780c441a46}]
2008-07-29 12:39 105472 --a------ C:\WINDOWS\system32\pcnwpo.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 17:14 147456]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-02 18:23 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 02:07 593920]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 14:25 266497]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-03-06 16:43 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 20:40 20480]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-03-06 16:51 312240]
"LXDICATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.dll" [2007-02-26 15:44 102400]
"a0ff75bd"="C:\WINDOWS\system32\nofobpwn.dll" [2008-07-29 12:36 83456]
"BMa3cc4621"="C:\WINDOWS\system32\dmeliwgr.dll" [2008-07-29 12:33 91648]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\lxdicoms.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\lxdiamon.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\App4R.exe"=
"C:\\Program Files\\eChanblard\\emule.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdipswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdijswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxditime.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\lxdimon.exe"=
R2 lxdi_device;lxdi_device;C:\WINDOWS\system32\lxdicoms.exe [2007-03-06 16:45]
R3 AN983;Carte Fast Ethernet 10/100 Mbps ADMtek AN983/AN985/ADM951X;C:\WINDOWS\system32\DRIVERS\AN983.sys [2004-08-04 00:31]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
2008-07-27 C:\WINDOWS\Tasks\Norton Security Scan.job
- C:\Program Files\Norton Security Scan\Nss.exe [2008-01-09 04:08]
.
.
------- Supplementary Scan -------
.
O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\tatiana\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_9.cab
C:\WINDOWS\Downloaded Program Files\hardwaredetection.inf
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-29 16:04:35
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
C:\WINDOWS\system32\nwpbofon.ini 294 bytes
Scan termin‚ avec succŠs
Les fichiers cach‚s: 1
**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\nofobpwn.dll
-> C:\WINDOWS\system32\dmeliwgr.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.bin
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-29 16:13:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-29 14:13:28
ComboFix2.txt 2008-05-27 16:02:31
Pre-Run: 57,298,042,880 octets libres
Post-Run: 57,368,096,768 octets libres
456 --- E O F --- 2008-07-10 21:27:36
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.178 [GMT 2:00]
Endroit: C:\Documents and Settings\tatiana\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\FBrowserAdvisor
C:\Program Files\FBrowsingAdvisor
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
C:\Program Files\FBrowsingAdvisor\Logo.png
C:\Program Files\FBrowsingAdvisor\main.db
C:\Program Files\FBrowsingAdvisor\unins000.dat
C:\Program Files\FBrowsingAdvisor\unins000.exe
C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
C:\WINDOWS\BMa3cc4621.txt
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\eujdoiei.dll
C:\WINDOWS\system32\fcccywUM.dll
C:\WINDOWS\system32\hcxpbhdy.ini
C:\WINDOWS\system32\hgGvtQkk.dll
C:\WINDOWS\system32\iifcaxvV.dll
C:\WINDOWS\system32\kkQtvGgh.ini
C:\WINDOWS\system32\kkQtvGgh.ini2
C:\WINDOWS\system32\kxpvfoox.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nkmjnwjh.ini
C:\WINDOWS\system32\nwpbofon.ini
C:\WINDOWS\system32\nxsgcdwx.ini
C:\WINDOWS\system32\oplklh.dll
C:\WINDOWS\system32\phhnyhuj.ini
C:\WINDOWS\system32\rbspdd.dll
C:\WINDOWS\system32\wkechkij.ini
C:\WINDOWS\system32\wypmtiwb.ini
C:\WINDOWS\system32\ybakfxuu.dll
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-28 to 2008-07-29 ))))))))))))))))))))))))))))))))))))
.
2008-07-29 16:06 . 2008-07-29 16:06 22 --a------ C:\WINDOWS\pskt.ini
2008-07-29 12:39 . 2008-07-29 12:39 105,472 --a------ C:\WINDOWS\system32\pcnwpo.dll
2008-07-29 12:38 . 2008-07-29 12:39 105,472 --a------ C:\WINDOWS\system32\atjdviwr.dll
2008-07-29 12:35 . 2008-07-29 12:36 83,456 --a------ C:\WINDOWS\system32\nofobpwn.dll
2008-07-29 12:32 . 2008-07-29 12:33 91,648 --a------ C:\WINDOWS\system32\dmeliwgr.dll
2008-07-28 16:38 . 2008-07-28 16:38 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-28 16:12 . 2008-07-28 16:12 <REP> d-------- C:\VundoFix Backups
2008-07-28 12:38 . 2008-07-28 12:38 105,472 --a------ C:\WINDOWS\system32\pxsdcn.dll
2008-07-28 12:38 . 2008-07-28 12:38 105,472 --a------ C:\WINDOWS\system32\bdbmecfh.dll
2008-07-28 12:32 . 2008-07-28 12:32 91,648 --a------ C:\WINDOWS\system32\vwmhypmn.dll
2008-07-27 12:38 . 2008-07-27 12:38 105,472 --a------ C:\WINDOWS\system32\yskrjq.dll
2008-07-27 12:38 . 2008-07-27 12:38 105,472 --a------ C:\WINDOWS\system32\hpsawmed.dll
2008-07-27 12:35 . 2008-07-27 12:35 83,456 --------- C:\WINDOWS\system32\juhynhhp.dll
2008-07-27 12:32 . 2008-07-27 12:32 91,648 --a------ C:\WINDOWS\system32\ocluvrgt.dll
2008-07-26 12:38 . 2008-07-26 12:38 105,472 --a------ C:\WINDOWS\system32\whtwukos.dll
2008-07-26 12:38 . 2008-07-26 12:38 105,472 --a------ C:\WINDOWS\system32\tmtgcj.dll
2008-07-26 12:32 . 2008-07-26 12:32 91,648 --a------ C:\WINDOWS\system32\jejuvyov.dll
2008-07-25 12:34 . 2008-07-25 12:34 105,472 --a------ C:\WINDOWS\system32\xcsfuvlc.dll
2008-07-25 12:34 . 2008-07-25 12:34 105,472 --a------ C:\WINDOWS\system32\imlbmu.dll
2008-07-25 12:31 . 2008-07-25 12:31 91,648 --a------ C:\WINDOWS\system32\svshmndc.dll
2008-07-23 12:29 . 2008-07-29 16:07 111,558 --a------ C:\WINDOWS\BMa3cc4621.xml
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-29 11:50 --------- d-----w C:\Program Files\eChanblard
2008-07-28 14:33 2,122 ----a-w C:\WINDOWS\system32\tmp.reg
2008-07-28 14:10 --------- d-----w C:\Program Files\Navilog1
2008-07-28 09:39 --------- d-----w C:\Program Files\Incomplete
2008-07-28 09:39 --------- d-----w C:\Documents and Settings\tatiana\Application Data\LimeWire
2008-07-28 09:38 --------- d-----w C:\Program Files\LimeWire
2008-07-28 09:37 --------- d-----w C:\Documents and Settings\tatiana\Application Data\OpenOffice.org2
2008-07-27 09:55 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-07-25 16:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-07-23 10:29 --------- d-----w C:\Program Files\SmartEnhancer
2008-07-23 10:29 --------- d-----w C:\Program Files\AdvancedAdvisor
2008-07-13 14:54 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 23:07 --------- d-----w C:\Documents and Settings\tatiana\Application Data\Ahead
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-02 20:16 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
.
((((((((((((((((((((((((((((( snapshot@2008-05-27_18.02.18.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:49:32 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-04-23 07:19:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 07:19:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 07:19:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 07:19:26 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 07:19:26 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 07:19:26 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 07:19:26 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 07:19:26 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 07:19:26 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 07:19:26 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 07:19:26 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 07:19:26 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 07:19:26 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 07:19:27 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 07:19:27 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 07:19:27 3,593,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 07:19:27 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 07:19:27 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 07:19:27 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 07:19:27 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 07:19:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 07:19:27 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 07:19:27 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 07:19:27 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 07:19:27 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-06-14 18:03:13 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:04 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:30 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:05 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:47 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:11:24 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:59 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-03-02 12:00:00 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:43:32 1,293,824 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 12:58:06 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:39 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2006-03-02 12:00:00 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-14 17:59:52 272,768 -c----w C:\WINDOWS\system32\dllcache\bthport.sys
- 2008-02-20 05:35:05 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 12:58:06 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:39 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-02-29 08:56:41 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-03-01 12:58:06 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 12:58:06 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 12:58:08 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:39 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-02-29 08:57:05 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-04-22 07:41:30 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-03-01 12:58:08 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2006-03-02 12:00:00 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-02-26 12:00:31 294,912 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
- 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 16:28:10 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-03-01 12:58:09 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 12:58:10 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:40 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 12:58:10 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2006-03-02 12:00:00 247,808 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:06 247,808 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2008-03-01 12:58:10 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:40 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:43:32 1,293,824 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:15:36 1,293,824 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-03-01 12:58:10 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:40 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 12:58:10 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 12:58:11 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:40 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 12:58:11 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:40 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2008-04-14 16:16:40 79,424 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2008-07-19 12:25:45 75,072 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-03-02 12:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
+ 2008-02-26 12:00:31 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
- 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2008-03-01 12:58:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c6edcf9-d1a1-4cbe-a7aa-02780c441a46}]
2008-07-29 12:39 105472 --a------ C:\WINDOWS\system32\pcnwpo.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 17:14 147456]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-02 18:23 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 02:07 593920]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 14:25 266497]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-03-06 16:43 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 20:40 20480]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-03-06 16:51 312240]
"LXDICATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.dll" [2007-02-26 15:44 102400]
"a0ff75bd"="C:\WINDOWS\system32\nofobpwn.dll" [2008-07-29 12:36 83456]
"BMa3cc4621"="C:\WINDOWS\system32\dmeliwgr.dll" [2008-07-29 12:33 91648]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\lxdicoms.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\lxdiamon.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\App4R.exe"=
"C:\\Program Files\\eChanblard\\emule.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdipswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdijswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxditime.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\lxdimon.exe"=
R2 lxdi_device;lxdi_device;C:\WINDOWS\system32\lxdicoms.exe [2007-03-06 16:45]
R3 AN983;Carte Fast Ethernet 10/100 Mbps ADMtek AN983/AN985/ADM951X;C:\WINDOWS\system32\DRIVERS\AN983.sys [2004-08-04 00:31]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
2008-07-27 C:\WINDOWS\Tasks\Norton Security Scan.job
- C:\Program Files\Norton Security Scan\Nss.exe [2008-01-09 04:08]
.
.
------- Supplementary Scan -------
.
O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\tatiana\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_2_0_4_9.cab
C:\WINDOWS\Downloaded Program Files\hardwaredetection.inf
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-29 16:04:35
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
C:\WINDOWS\system32\nwpbofon.ini 294 bytes
Scan termin‚ avec succŠs
Les fichiers cach‚s: 1
**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\nofobpwn.dll
-> C:\WINDOWS\system32\dmeliwgr.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.bin
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-29 16:13:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-29 14:13:28
ComboFix2.txt 2008-05-27 16:02:31
Pre-Run: 57,298,042,880 octets libres
Post-Run: 57,368,096,768 octets libres
456 --- E O F --- 2008-07-10 21:27:36
Et le nouvel HJT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:48, on 29.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\tatiana\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {64a144c0-8720-aa7a-ebc4-1a1d9fcde6c9} - {9c6edcf9-d1a1-4cbe-a7aa-02780c441a46} - C:\WINDOWS\system32\pcnwpo.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [a0ff75bd] rundll32.exe "C:\WINDOWS\system32\nofobpwn.dll",b
O4 - HKLM\..\Run: [BMa3cc4621] Rundll32.exe "C:\WINDOWS\system32\dmeliwgr.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\tatiana\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7889 bytes
Scan saved at 16:15:48, on 29.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\tatiana\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {64a144c0-8720-aa7a-ebc4-1a1d9fcde6c9} - {9c6edcf9-d1a1-4cbe-a7aa-02780c441a46} - C:\WINDOWS\system32\pcnwpo.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [a0ff75bd] rundll32.exe "C:\WINDOWS\system32\nofobpwn.dll",b
O4 - HKLM\..\Run: [BMa3cc4621] Rundll32.exe "C:\WINDOWS\system32\dmeliwgr.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\tatiana\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7889 bytes
Re,
Evite de mettre les rapports entre balises stp![:)]( ":)")
***
Sélectionne l'intégralité du cadre ci-dessous :
Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Enregistre le sous sur ton bureau sous le nom de CFScript.txt
Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :
![]()
Cela va relancer Combofix.
ComboFix créera ces fichiers sur ton Bureau :
- Un fichier zippé nommé Submit [Date Time].zip
- Un second fichier nommé - CF-Submit.htm
ComboFix peut exiger un redémarrage pour compléter son travail. Accepte.
Lorsque l'outil aura terminé, un rapport ComboFix.log apparaîtra à l'écran.
Une nouvelle fenêtre avec invite "Submit Files for further analysis" s'ouvrira. Clique "OK"
Ton navigateur se lancera automatiquement avec le fichier CF-Submit.htm et une fenêtre s'ouvrira :
- Clique sur le bouton "Browse"("Parcourir") et navigue vers le fichier
Submit [Date Time].zip qui est sur ton Bureau.
- Clique sur le fichier afin de le sélectionner.
Soumets le fichier en cliquant "OK"
Lorsque cette opération sera complétée, tu peux supprimer ces deux fichiers qui se trouvent sur ton Bureau.
Poste le contenu du rapport ComboFix.txt après redémarrage s'il y en a un.
![;)]( ";)")
Evite de mettre les rapports entre balises stp
***
Sélectionne l'intégralité du cadre ci-dessous :
Collect::
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\pcnwpo.dll
C:\WINDOWS\system32\atjdviwr.dll
C:\WINDOWS\system32\nofobpwn.dll
C:\WINDOWS\system32\dmeliwgr.dll
C:\WINDOWS\system32\pxsdcn.dll
C:\WINDOWS\system32\bdbmecfh.dll
C:\WINDOWS\system32\vwmhypmn.dll
C:\WINDOWS\system32\yskrjq.dll
C:\WINDOWS\system32\hpsawmed.dll
C:\WINDOWS\system32\juhynhhp.dll
C:\WINDOWS\system32\ocluvrgt.dll
C:\WINDOWS\system32\whtwukos.dll
C:\WINDOWS\system32\tmtgcj.dll
C:\WINDOWS\system32\jejuvyov.dll
C:\WINDOWS\system32\xcsfuvlc.dll
C:\WINDOWS\system32\imlbmu.dll
C:\WINDOWS\system32\svshmndc.dll
C:\WINDOWS\BMa3cc4621.xml
Folder::
C:\VundoFix Backups
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c6edcf9-d1a1-4cbe-a7aa-02780c441a46}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"a0ff75bd"=-
"BMa3cc4621"=-
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\pcnwpo.dll
C:\WINDOWS\system32\atjdviwr.dll
C:\WINDOWS\system32\nofobpwn.dll
C:\WINDOWS\system32\dmeliwgr.dll
C:\WINDOWS\system32\pxsdcn.dll
C:\WINDOWS\system32\bdbmecfh.dll
C:\WINDOWS\system32\vwmhypmn.dll
C:\WINDOWS\system32\yskrjq.dll
C:\WINDOWS\system32\hpsawmed.dll
C:\WINDOWS\system32\juhynhhp.dll
C:\WINDOWS\system32\ocluvrgt.dll
C:\WINDOWS\system32\whtwukos.dll
C:\WINDOWS\system32\tmtgcj.dll
C:\WINDOWS\system32\jejuvyov.dll
C:\WINDOWS\system32\xcsfuvlc.dll
C:\WINDOWS\system32\imlbmu.dll
C:\WINDOWS\system32\svshmndc.dll
C:\WINDOWS\BMa3cc4621.xml
Folder::
C:\VundoFix Backups
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c6edcf9-d1a1-4cbe-a7aa-02780c441a46}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"a0ff75bd"=-
"BMa3cc4621"=-
- Un fichier zippé nommé Submit [Date Time].zip
- Un second fichier nommé - CF-Submit.htm
- Clique sur le bouton "Browse"("Parcourir") et navigue vers le fichier
Submit [Date Time].zip qui est sur ton Bureau.
- Clique sur le fichier afin de le sélectionner.
Poste le contenu du rapport ComboFix.txt après redémarrage s'il y en a un.
Hello,
Premièrement, je suis navré de cette réponse quelques mois après mais la personne concernée m'a dit que, après le ComboFix, tout était réglé. Mais elle ne trouvait pas le log. Et avec la reprise des cours etc, ça a traîné.
Quoi qu'il en soit, elle ne sait pas où est situé le log et maintenant, des virus seraient revenus![[:art903:1]]( "[:art903:1]")
Elle doit refaire un ComboFix ?
Et encore désolé du retard
Premièrement, je suis navré de cette réponse quelques mois après mais la personne concernée m'a dit que, après le ComboFix, tout était réglé. Mais elle ne trouvait pas le log. Et avec la reprise des cours etc, ça a traîné.
Quoi qu'il en soit, elle ne sait pas où est situé le log et maintenant, des virus seraient revenus
![[:art903:1]](http://m.bestofmedia.com/sfp/design/usr/fr/smilies/7e/1b/art903:1.gif "[:art903:1]")
Elle doit refaire un ComboFix ?
Et encore désolé du retard
Lassé par la pub ? Créez un compte
