Aller au contenu

ng_lo

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    13

  • Inscription

  • Dernière visite

ng_lo's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. ng_lo
    merci de tes conseils !!
  2. ng_lo
    oki j'ai réussis a tout faire grâce a tres explications simples et patiente !!!! merci pour ton aide c'est du bon boulot !!!! par contre j'ai un deuxieme ordi qui as l'air d'avoir de gros soucis de spy j'ai commencer les procedures decrites plus haut et rien que avec ewido j'ai trouvé 130 fichiers suspects !!!! En parlant ewido il est vraiment efficace car je le lancer en verif total ça me prends 50 minutes il trouve sur l'ordi que nous avons reparer ensemble encore plus des fichiers infectés.Une fois sont travaille fini et logiquement nettoyé, je le relance et il en trouve toujours ? j'avou que je comprends pas trop ....
  3. ng_lo
    bonjour, j'ai un petit soucis pour la procedure lorsque tu écris: * Enregistre ce fichier sur le bureau:ie-spyad2 d'Eric L. Howes si je fais un enregister sous , j'enregistre une page html et lorsque je clique dessus pour voir si le fichier est pas sur la page avec 30 000 truc marqué aurai tu un lien direct vers le fichier que tu veux que je prenne ? merci
  4. ng_lo
    etrange j'ai bien suivi ta procedure..... 2 fois de suite meme !!! a la lecture de se rapport la ligne 15 à disparu ce qui semble etre bon ! Pourrai tu me conseiller un logiciel efficace de protection pour le rapport voila : Logfile of HijackThis v1.99.1 Scan saved at 10:21:10, on 16/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\POP Peeper\POPPeeper.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\ange\Bureau\hijackthis\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spikehell.spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{88A19066-D480-4B0A-B860-725B7AC463B5}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
  5. ng_lo
    alors le rapport du scan : Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt[.xiti.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt[.atdmt.com/] Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt[.weborama.fr/] Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt[fe.lea.lycos.fr/] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\ange\Bureau\SmitfraudFix\SmitfraudFix\Process.exe Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\ange\Cookies\[email protected][2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\ange\Cookies\ange@atdmt[1].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\ange\Cookies\ange@doubleclick[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\ange\Cookies\ange@weborama[2].txt Outil indésirable:Application/Processor No Désinfecté C:\RECYCLER\S-1-5-21-57989841-115176313-839522115-1003\Dc2.zip[smitfraudFix/Process.exe] Logfile of HijackThis v1.99.1 Scan saved at 21:31:42, on 15/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\POP Peeper\POPPeeper.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\ange\Bureau\hijackthis\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.i-lookup.com O15 - Trusted Zone: *.offshoreclicks.com O15 - Trusted Zone: *.teensguru.com O15 - Trusted Zone: *.xxxtoolbar.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spikehell.spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{88A19066-D480-4B0A-B860-725B7AC463B5}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
  6. ng_lo
    oui j'ai utilisé l option 3
  7. ng_lo
    alors voila: Rapport de scan_20060615.txt --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 19:15:23, 15/06/2006 + Somme de contrôle: 465D29F0 + Résultats du scan: :mozilla.13:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder :mozilla.21:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.22:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.33:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder :mozilla.36:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.38:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder :mozilla.40:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder :mozilla.42:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.43:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.44:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.56:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.57:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.58:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.59:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.60:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder :mozilla.61:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder :mozilla.62:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder :mozilla.67:C:\Documents and Settings\ange\Application Data\Mozilla\Firefox\Profiles\egdq25bx.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder ::Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 19:24:53, on 15/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\POP Peeper\POPPeeper.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\ange\Bureau\hijackthis\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2D38A51A-23C9-48a1-A33C-48675AA2B494} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.i-lookup.com O15 - Trusted Zone: *.offshoreclicks.com O15 - Trusted Zone: *.teensguru.com O15 - Trusted Zone: *.xxxtoolbar.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spikehell.spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 O17 - HKLM\System\CCS\Services\Tcpip\..\{88A19066-D480-4B0A-B860-725B7AC463B5}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: O20 - Winlogon Notify: winuns32 - winuns32.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
  8. ng_lo
    salut en effet j'ai voulu poster les rapport mais le forum était fermé !!! alors voila pour vous : SmitFraudFix v2.59 _________________ Rapport fait à 15:08:24,14, 15/06/2006 Executé à partir de C:\Documents and Settings\ange\Bureau\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ange\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ange\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin HijackThis _________ Logfile of HijackThis v1.99.1 Scan saved at 15:09:05, on 15/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\POP Peeper\POPPeeper.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\ange\Bureau\hijackthis\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2D38A51A-23C9-48a1-A33C-48675AA2B494} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.i-lookup.com O15 - Trusted Zone: *.offshoreclicks.com O15 - Trusted Zone: *.teensguru.com O15 - Trusted Zone: *.xxxtoolbar.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spikehell.spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 O17 - HKLM\System\CCS\Services\Tcpip\..\{88A19066-D480-4B0A-B860-725B7AC463B5}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: O20 - Winlogon Notify: winuns32 - winuns32.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe Ent tout cas le probleme à disparu et je vous doit un grand merci pour votre aide ! j 'oublié : windatfind _________ Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est CC39-585D R‚pertoire de C:\ 15/06/2006 15:10 0 dirdat.txt 15/06/2006 15:08 1ÿ144 rapport.txt 15/06/2006 14:53 2ÿ411ÿ724ÿ800 pagefile.sys 12/06/2006 17:44 212 boot.ini 04/05/2006 14:07 0 CONFIG.SYS 04/05/2006 14:07 0 IO.SYS 04/05/2006 14:07 0 MSDOS.SYS 04/05/2006 14:07 0 AUTOEXEC.BAT 03/08/2004 22:59 251ÿ712 ntldr 03/08/2004 22:38 47ÿ564 NTDETECT.COM 28/08/2001 14:00 4ÿ952 Bootfont.bin 11 fichier(s) 2ÿ412ÿ030ÿ384 octets 0 R‚p(s) 33ÿ288ÿ200ÿ192 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est CC39-585D R‚pertoire de C:\WINDOWS\system32 15/06/2006 14:54 43ÿ573 nvapps.xml 15/06/2006 14:53 38ÿ994 OODBS.lor 12/06/2006 16:58 2 wintsvtr.exe 10/06/2006 20:49 2ÿ206 wpa.dbl 04/06/2006 16:31 34ÿ308 BASSMOD.dll 24/05/2006 13:21 3ÿ072 CONFIG.NT 04/05/2006 18:38 48ÿ616 perfc00C.dat 04/05/2006 18:38 367ÿ658 perfh00C.dat 04/05/2006 18:38 311ÿ604 perfh009.dat 04/05/2006 18:38 39ÿ992 perfc009.dat 04/05/2006 18:38 775ÿ210 PerfStringBackup.INI 04/05/2006 18:30 110ÿ192 FNTCACHE.DAT 04/05/2006 16:03 0 h323log.txt 04/05/2006 14:09 261 $winnt$.inf 04/05/2006 14:07 16ÿ832 amcompat.tlb 04/05/2006 14:07 23ÿ392 nscompat.tlb 04/05/2006 14:06 488 WindowsLogon.manifest 04/05/2006 14:06 488 logonui.exe.manifest 04/05/2006 14:06 749 cdplayer.exe.manifest 04/05/2006 14:06 749 nwc.cpl.manifest 04/05/2006 14:06 749 sapi.cpl.manifest 04/05/2006 14:06 749 wuaucpl.cpl.manifest 04/05/2006 14:06 749 ncpa.cpl.manifest 04/05/2006 14:05 21ÿ892 emptyregdb.dat 27/04/2006 17:49 288ÿ417 SrchSTS.exe 22/04/2006 17:22 60ÿ200 sirenacm.dll 09/03/2006 17:59 180ÿ224 NVUninst.exe 09/03/2006 15:29 180ÿ224 nvudisp.exe 31/01/2006 14:35 91ÿ904 S32EVNT1.DLL 09/01/2006 10:36 40ÿ960 swsc.exe 09/01/2006 10:36 42ÿ496 swreg.exe 09/12/2005 21:06 16ÿ356 nvdisp.nvu 09/12/2005 21:06 573ÿ440 nvhwvid.dll 09/12/2005 21:06 229ÿ376 nvmccs.dll 09/12/2005 21:06 147ÿ456 nvcolor.exe 09/12/2005 21:06 86ÿ016 nvmctray.dll 09/12/2005 21:06 35ÿ840 nvcodins.dll 09/12/2005 21:06 7ÿ311ÿ360 nvcpl.dll 09/12/2005 21:06 45ÿ056 nvmccsrs.dll 09/12/2005 21:06 1ÿ466ÿ368 nview.dll 09/12/2005 21:06 3ÿ955ÿ456 nv4_disp.dll 09/12/2005 21:06 425ÿ984 keystone.exe 09/12/2005 21:06 5ÿ402ÿ624 nvoglnt.dll 09/12/2005 21:06 466ÿ944 nvshell.dll 09/12/2005 21:06 131ÿ139 nvsvc32.exe 09/12/2005 21:06 73ÿ728 nvtuicpl.cpl 09/12/2005 21:06 1ÿ519ÿ616 nwiz.exe 09/12/2005 21:06 35ÿ840 nvcod.dll 09/12/2005 21:06 442ÿ368 nvappbar.exe 09/12/2005 21:06 110ÿ592 nvapi.dll 09/12/2005 21:06 1ÿ019ÿ904 nvwimg.dll 09/12/2005 21:06 180ÿ224 nvuaudio.exe 09/12/2005 21:06 1ÿ662ÿ976 nvwdmcpl.dll 09/12/2005 21:06 81ÿ920 nvwddi.dll 09/12/2005 21:06 1ÿ339ÿ392 nvdspsch.exe 09/12/2005 21:06 180ÿ224 nvuenet.exe 09/12/2005 21:06 286ÿ720 nvnt4cpl.dll 08/12/2005 13:56 65ÿ536 QuickTimeVR.qtx 08/12/2005 13:56 49ÿ152 QuickTime.qts 05/12/2005 07:12 339ÿ968 pxwave.dll 05/12/2005 07:12 28ÿ672 vxblock.dll 05/12/2005 07:12 172ÿ032 pxmas.dll 05/12/2005 07:12 56ÿ320 pxinsa64.exe 05/12/2005 07:12 61ÿ440 pxhpinst.exe 05/12/2005 07:12 405ÿ504 pxdrv.dll 05/12/2005 07:12 56ÿ832 pxcpya64.exe 05/12/2005 07:12 339ÿ968 px.dll 11/10/2005 21:54 4ÿ096 oodbsrs.dll 11/10/2005 21:54 112ÿ237 oodbs.exe 11/10/2005 21:52 265ÿ216 oodag.exe 11/10/2005 21:50 10ÿ240 oodagrs.dll 11/10/2005 21:48 11ÿ776 oodagmg.dll 11/10/2005 20:04 9ÿ216 ootmapi.dll 22/07/2005 19:59 2ÿ319ÿ568 d3dx9_27.dll 31/05/2005 10:20 79ÿ432 GEARAspi.dll 14/04/2005 14:42 29ÿ696 FILTER.AX 05/04/2005 11:17 132ÿ824 SymRedir.dll 05/04/2005 11:17 517ÿ848 SymNeti.dll 18/03/2005 17:19 2ÿ337ÿ488 d3dx9_25.dll 25/02/2005 00:00 29ÿ696 escwiad.dll 25/02/2005 00:00 46ÿ080 escimgd.dll 25/02/2005 00:00 22ÿ016 esccmd.dll 05/02/2005 19:45 2ÿ222ÿ800 d3dx9_24.dll 28/01/2005 13:44 25ÿ088 MsPMSNSv.dll 28/01/2005 13:44 173ÿ568 MsPMSP.dll 28/01/2005 13:44 294ÿ912 blackbox.dll 28/01/2005 13:44 142ÿ336 msnetobj.dll 28/01/2005 13:44 364ÿ784 MSSCP.dll 28/01/2005 13:44 6ÿ656 laprxy.dll 28/01/2005 13:44 1ÿ003ÿ008 wmvdmoe2.dll 28/01/2005 13:44 66ÿ560 wpdmtpus.dll 28/01/2005 13:44 1ÿ119ÿ744 wmsdmoe2.dll 28/01/2005 13:44 413ÿ944 wmspdmod.dll 28/01/2005 13:44 150ÿ016 wmidx.dll 28/01/2005 13:44 290ÿ816 WMDRMNet.dll 28/01/2005 13:44 335ÿ872 WMDRMdev.dll 28/01/2005 13:44 33ÿ792 WMDMPS.dll 28/01/2005 13:44 96ÿ768 logagent.exe 28/01/2005 13:44 28ÿ160 WMDMLOG.dll 28/01/2005 13:44 224ÿ768 wmasf.dll 28/01/2005 13:44 716ÿ288 wmadmoe.dll 28/01/2005 13:44 396ÿ528 wmadmod.dll 28/01/2005 13:44 940ÿ544 wmspdmoe.dll 28/01/2005 13:44 38ÿ912 wpd_ci.dll 28/01/2005 13:44 10ÿ752 wpdtrace.dll 28/01/2005 13:44 331ÿ264 wpdsp.dll 28/01/2005 13:44 2ÿ370ÿ296 wmvcore.dll 28/01/2005 13:44 774ÿ904 wmsdmod.dll 28/01/2005 13:44 1ÿ512ÿ448 WMVADVE.DLL 28/01/2005 13:44 1ÿ027ÿ072 wmnetmgr.dll 28/01/2005 13:44 1ÿ218ÿ808 wmvadvd.dll 28/01/2005 13:44 38ÿ912 wdfmgr.exe 28/01/2005 13:44 15ÿ872 wdfapi.dll 28/01/2005 13:44 61ÿ952 wpdconns.dll 28/01/2005 13:44 114ÿ176 wpdmtp.dll 28/01/2005 13:44 221ÿ184 qasf.dll 28/01/2005 13:44 502ÿ272 drmv2clt.dll 28/01/2005 13:44 331ÿ776 wpdmtpdr.dll 28/01/2005 13:44 315ÿ904 MSWMDM.dll 28/01/2005 13:44 258ÿ296 drmclien.dll 28/01/2005 13:44 164ÿ864 cewmdm.dll 28/01/2005 13:44 96ÿ768 drmstor.dll 28/01/2005 13:44 47ÿ104 uwdf.exe 28/01/2005 13:44 895ÿ736 wmvdmod.dll 16/01/2005 14:39 52 registersld.bat 20/12/2004 12:10 61ÿ440 xvid.ax 20/12/2004 12:08 155ÿ648 xvidvfw.dll 20/12/2004 12:03 679ÿ936 xvidcore.dll 25/11/2004 07:07 79ÿ679 E_FLMACE.DLL 27/10/2004 00:38 577ÿ536 divxdec.ax 10/09/2004 22:12 49ÿ152 E_DCINST.DLL 30/08/2004 14:25 438ÿ272 vp6vfw.dll 30/08/2004 14:23 327ÿ680 vp6dec.ax 26/08/2004 12:25 163ÿ840 cmuda.dll 24/08/2004 11:22 466ÿ944 capicom.dll 23/08/2004 22:35 245ÿ760 CoreVorbis.ax 16/08/2004 15:39 344ÿ064 MatroskaSplitter.ax 13/08/2004 00:11 774ÿ144 VSFilter.dll 04/08/2004 02:54 77ÿ312 usbui.dll 04/08/2004 02:54 76ÿ800 storprop.dll 04/08/2004 01:08 1ÿ788 Dcache.bin 04/08/2004 01:05 2ÿ058ÿ880 ntkrnlpa.exe 04/08/2004 01:05 359ÿ936 wzcsvc.dll 04/08/2004 01:05 15ÿ360 pjlmon.dll 04/08/2004 01:05 50ÿ688 cnbjmon.dll 04/08/2004 01:05 23ÿ552 wdmaud.drv 04/08/2004 01:05 47ÿ616 iyuv_32.dll 04/08/2004 01:05 58ÿ880 dmutil.dll 04/08/2004 01:05 17ÿ408 msyuv.dll 04/08/2004 01:05 35ÿ328 pid.dll 04/08/2004 01:05 51ÿ712 wzcsapi.dll 04/08/2004 01:05 294ÿ912 msh263.drv 04/08/2004 01:05 20ÿ992 hid.dll 04/08/2004 00:57 332ÿ800 netsetup.exe 04/08/2004 00:55 12ÿ168 tsddd.dll 04/08/2004 00:55 87ÿ176 rdpwsx.dll 04/08/2004 00:55 92ÿ168 rdpdd.dll 04/08/2004 00:55 684ÿ032 sstext3d.scr 04/08/2004 00:55 14ÿ336 ssstars.scr 04/08/2004 00:55 610ÿ304 sspipes.scr 04/08/2004 00:55 221ÿ184 msadds32.ax 04/08/2004 00:55 188ÿ416 msh261.drv 04/08/2004 00:55 18ÿ944 ssmyst.scr 04/08/2004 00:55 258ÿ048 wmvds32.ax 04/08/2004 00:55 47ÿ104 ssmypics.scr 04/08/2004 00:55 20ÿ992 ssmarque.scr 04/08/2004 00:55 393ÿ216 ssflwbox.scr 04/08/2004 00:55 19ÿ968 ssbezier.scr 04/08/2004 00:55 708ÿ608 ss3dfo.scr 04/08/2004 00:55 278ÿ559 wmv8ds32.ax 04/08/2004 00:55 262ÿ144 mpg4ds32.ax 04/08/2004 00:55 148ÿ992 mpg2splt.ax 04/08/2004 00:55 118ÿ272 mpeg2data.ax 04/08/2004 00:55 626ÿ176 mmsys.cpl 04/08/2004 00:55 69ÿ632 msscds32.ax 04/08/2004 00:55 32ÿ768 wpnpinst.exe 04/08/2004 00:55 221ÿ696 logon.scr 04/08/2004 00:55 13ÿ824 wscntfy.exe 04/08/2004 00:55 114ÿ688 wscript.exe 04/08/2004 00:55 57ÿ344 ndptsp.tsp 04/08/2004 00:55 32ÿ768 odbccp32.cpl 04/08/2004 00:55 130ÿ048 ksproxy.ax 04/08/2004 00:55 148ÿ480 wscui.cpl 04/08/2004 00:55 33ÿ280 kmddsp.tsp 04/08/2004 00:55 555ÿ008 appwiz.cpl 04/08/2004 00:55 30ÿ720 xcopy.exe 04/08/2004 00:55 70ÿ144 joy.cpl 04/08/2004 00:55 305ÿ152 sysdm.cpl 04/08/2004 00:55 154ÿ624 ivfsrc.ax 04/08/2004 00:55 380ÿ928 irprops.cpl 04/08/2004 00:55 17ÿ408 ipconf.tsp 04/08/2004 00:55 9ÿ216 scrnsave.scr 04/08/2004 00:55 110ÿ592 bthprops.cpl 04/08/2004 00:55 25ÿ600 netsetup.cpl 04/08/2004 00:55 146ÿ944 winspool.drv 04/08/2004 00:55 94ÿ208 timedate.cpl 04/08/2004 00:55 134ÿ144 intl.cpl 04/08/2004 00:55 359ÿ936 inetcpl.cpl 04/08/2004 00:55 138ÿ240 desk.cpl 04/08/2004 00:55 71ÿ680 access.cpl 04/08/2004 00:55 118ÿ272 powercfg.cpl 04/08/2004 00:55 80ÿ384 firewall.cpl 04/08/2004 00:55 30ÿ208 hidphone.tsp 04/08/2004 00:55 164ÿ352 wstpager.ax 04/08/2004 00:55 76ÿ800 remotesp.tsp 04/08/2004 00:55 30ÿ720 vbisurf.ax 04/08/2004 00:55 157ÿ184 hdwwiz.cpl 04/08/2004 00:55 207ÿ872 unimdm.tsp 04/08/2004 00:55 239ÿ616 wstrenderer.ax 04/08/2004 00:55 266ÿ752 h323.tsp 04/08/2004 00:55 112ÿ640 wuauclt.exe 04/08/2004 00:55 168ÿ960 wuauclt1.exe 04/08/2004 00:55 163ÿ840 wuaucpl.cpl 04/08/2004 00:55 53ÿ248 vbicodec.ax 04/08/2004 00:55 261ÿ120 nusrmgr.cpl 04/08/2004 00:55 62ÿ464 rdpclip.exe 04/08/2004 00:55 23ÿ040 rcp.exe 04/08/2004 00:55 35ÿ840 rcimlby.exe 04/08/2004 00:55 57ÿ344 rasphone.exe 04/08/2004 00:55 13ÿ824 rdsaddin.exe 04/08/2004 00:55 32ÿ256 wpabaln.exe 04/08/2004 00:55 20ÿ992 qprocess.exe 04/08/2004 00:55 67ÿ072 rdshost.exe 04/08/2004 00:55 295ÿ424 vssvc.exe 04/08/2004 00:55 53ÿ248 reg.exe 04/08/2004 00:55 50ÿ176 utilman.exe 04/08/2004 00:55 12ÿ288 regsvr32.exe 04/08/2004 00:55 14ÿ848 rexec.exe 04/08/2004 00:55 15ÿ872 rsh.exe 04/08/2004 00:55 107ÿ520 rsnotify.exe 04/08/2004 00:55 9ÿ728 proxycfg.exe 04/08/2004 00:55 50ÿ688 proquota.exe 04/08/2004 00:55 109ÿ568 progman.exe 04/08/2004 00:55 49ÿ152 powercfg.exe 04/08/2004 00:55 78ÿ336 rtcshare.exe 04/08/2004 00:55 33ÿ792 rundll32.exe 04/08/2004 00:55 19ÿ456 ping.exe 04/08/2004 00:55 14ÿ336 runonce.exe 04/08/2004 00:55 13ÿ824 savedump.exe 04/08/2004 00:55 25ÿ088 userinit.exe 04/08/2004 00:55 100ÿ352 scardsvr.exe 04/08/2004 00:55 130ÿ560 schtasks.exe 04/08/2004 00:55 78ÿ848 sdbinst.exe 04/08/2004 00:55 19ÿ456 secedit.exe 04/08/2004 00:55 18ÿ432 ups.exe 04/08/2004 00:55 16ÿ896 upnpcont.exe 04/08/2004 00:55 13ÿ312 tracert.exe 04/08/2004 00:55 260ÿ096 tracerpt.exe 04/08/2004 00:55 108ÿ544 services.exe 04/08/2004 00:55 142ÿ336 sessmgr.exe 04/08/2004 00:55 32ÿ768 sethc.exe 04/08/2004 00:55 23ÿ040 setup.exe 04/08/2004 00:55 42ÿ496 shmgrate.exe 04/08/2004 00:55 78ÿ848 shrpubw.exe 04/08/2004 00:55 20ÿ480 shutdown.exe 04/08/2004 00:55 66ÿ560 wextract.exe 04/08/2004 00:55 347ÿ136 tourstart.exe 04/08/2004 00:55 71ÿ168 sigverif.exe 04/08/2004 00:55 26ÿ112 skeys.exe 04/08/2004 00:55 8ÿ192 smbinst.exe 04/08/2004 00:55 93ÿ184 smlogsvc.exe 04/08/2004 00:55 50ÿ688 smss.exe 04/08/2004 00:55 133ÿ120 sndrec32.exe 04/08/2004 00:55 539ÿ136 spider.exe 04/08/2004 00:55 11ÿ776 spnpinst.exe 04/08/2004 00:55 57ÿ856 spoolsv.exe 04/08/2004 00:55 75ÿ264 tlntsvr.exe 04/08/2004 00:55 14ÿ848 stimon.exe 04/08/2004 00:55 80ÿ384 tlntsess.exe 04/08/2004 00:55 14ÿ336 svchost.exe 04/08/2004 00:55 63ÿ488 tlntadmn.exe 04/08/2004 00:55 77ÿ824 telnet.exe 04/08/2004 00:55 5ÿ632 winver.exe 04/08/2004 00:55 506ÿ368 winlogon.exe 04/08/2004 00:55 107ÿ520 sysocmgr.exe 04/08/2004 00:55 438ÿ784 wiaacmgr.exe 04/08/2004 00:55 143ÿ360 taskmgr.exe 04/08/2004 00:55 114ÿ176 netdde.exe 04/08/2004 00:55 88ÿ576 netsh.exe 04/08/2004 00:55 124ÿ928 net1.exe 04/08/2004 00:55 42ÿ496 net.exe 04/08/2004 00:55 4ÿ096 nddeapir.exe 04/08/2004 00:55 37ÿ888 netstat.exe 04/08/2004 00:55 70ÿ656 notepad.exe 04/08/2004 00:55 32ÿ768 odbcad32.exe 04/08/2004 00:55 55ÿ296 narrator.exe 04/08/2004 00:55 71ÿ680 openfiles.exe 04/08/2004 00:55 216ÿ576 osk.exe 04/08/2004 00:55 59ÿ904 packager.exe 04/08/2004 00:55 15ÿ872 perfmon.exe 04/08/2004 00:55 420ÿ864 ntvdm.exe 04/08/2004 00:55 12ÿ288 mstinit.exe 04/08/2004 00:55 347ÿ648 mspaint.exe 04/08/2004 00:55 1ÿ230ÿ848 ntbackup.exe 04/08/2004 00:55 79ÿ360 nslookup.exe 04/08/2004 00:55 69ÿ632 odbcconf.exe 04/08/2004 00:54 19ÿ968 mqbkup.exe 04/08/2004 00:54 29ÿ184 mshta.exe 04/08/2004 00:54 6ÿ144 msdtc.exe 04/08/2004 00:54 117ÿ248 mqtgsvc.exe 04/08/2004 00:54 4ÿ608 mqsvc.exe 04/08/2004 00:54 124ÿ928 mplay32.exe 04/08/2004 00:54 77ÿ312 msiexec.exe 04/08/2004 00:54 144ÿ384 mobsync.exe 04/08/2004 00:54 75ÿ264 locator.exe 04/08/2004 00:54 61ÿ952 logman.exe 04/08/2004 00:54 515ÿ584 logonui.exe 04/08/2004 00:54 58ÿ368 ipconfig.exe 04/08/2004 00:54 13ÿ312 lsass.exe 04/08/2004 00:54 53ÿ760 ipv6.exe 04/08/2004 00:54 85ÿ504 makecab.exe 04/08/2004 00:54 816ÿ128 mmc.exe 04/08/2004 00:54 73ÿ216 magnify.exe 04/08/2004 00:54 32ÿ768 mnmsrvc.exe 04/08/2004 00:54 24ÿ576 ipxroute.exe 04/08/2004 00:54 150ÿ016 imapi.exe 04/08/2004 00:54 193ÿ024 fsquirt.exe 04/08/2004 00:54 39ÿ424 grpconv.exe 04/08/2004 00:54 46ÿ080 ftp.exe 04/08/2004 00:54 114ÿ688 iexpress.exe 04/08/2004 00:54 123ÿ392 gpresult.exe 04/08/2004 00:54 34ÿ304 ie4uinit.exe 04/08/2004 00:54 22ÿ528 fltMc.exe 04/08/2004 00:54 85ÿ504 diantz.exe 04/08/2004 00:54 6ÿ144 csrss.exe 04/08/2004 00:54 4ÿ096 actmovie.exe 04/08/2004 00:54 21ÿ504 fontview.exe 04/08/2004 00:54 11ÿ264 autolfn.exe 04/08/2004 00:54 29ÿ184 findstr.exe 04/08/2004 00:54 616ÿ960 autofmt.exe 04/08/2004 00:54 45ÿ568 extrac32.exe 04/08/2004 00:54 71ÿ680 blastcln.exe 04/08/2004 00:54 167ÿ936 diskpart.exe 04/08/2004 00:54 52ÿ736 eventcreate.exe 04/08/2004 00:54 98ÿ304 cscript.exe 04/08/2004 00:54 195ÿ072 eudcedit.exe 04/08/2004 00:54 5ÿ120 dllhost.exe 04/08/2004 00:54 638ÿ976 autoconv.exe 04/08/2004 00:54 225ÿ280 dmadmin.exe 04/08/2004 00:54 625ÿ152 autochk.exe 04/08/2004 00:54 15ÿ360 ctfmon.exe 04/08/2004 00:54 1ÿ298ÿ432 dxdiag.exe 04/08/2004 00:54 27ÿ648 conime.exe 04/08/2004 00:54 14ÿ336 auditusr.exe 04/08/2004 00:54 104ÿ960 dfrgntfs.exe 04/08/2004 00:54 11ÿ264 atmadm.exe 04/08/2004 00:54 82ÿ432 dfrgfat.exe 04/08/2004 00:54 180ÿ224 dwwin.exe 04/08/2004 00:54 65ÿ536 cmstp.exe 04/08/2004 00:54 15ÿ872 dmremote.exe 04/08/2004 00:54 17ÿ920 dvdupgrd.exe 04/08/2004 00:54 40ÿ448 cmmon32.exe 04/08/2004 00:54 10ÿ752 dumprep.exe 04/08/2004 00:54 47ÿ104 cmdl32.exe 04/08/2004 00:54 25ÿ088 at.exe 04/08/2004 00:54 32ÿ768 asr_pfu.exe 04/08/2004 00:54 400ÿ896 cmd.exe 04/08/2004 00:54 33ÿ280 clipsrv.exe 04/08/2004 00:54 30ÿ720 asr_fmt.exe 04/08/2004 00:54 104ÿ448 clipbrd.exe 04/08/2004 00:54 83ÿ456 dpvsetup.exe 04/08/2004 00:54 98ÿ304 ahui.exe 04/08/2004 00:54 44ÿ544 alg.exe 04/08/2004 00:54 20ÿ480 cliconfg.exe 04/08/2004 00:54 18ÿ432 dpnsvr.exe 04/08/2004 00:54 30ÿ208 dplaysvr.exe 04/08/2004 00:54 25ÿ088 defrag.exe 04/08/2004 00:54 65ÿ536 cleanmgr.exe 04/08/2004 00:54 5ÿ632 cisvc.exe 04/08/2004 00:54 56ÿ832 cipher.exe 04/08/2004 00:54 31ÿ744 ddeshare.exe 04/08/2004 00:54 25ÿ088 wsock32.dll 04/08/2004 00:54 42ÿ496 wsnmp32.dll 04/08/2004 00:54 19ÿ968 wshtcpip.dll 04/08/2004 00:54 11ÿ776 WshRm.dll 04/08/2004 00:54 14ÿ336 wship6.dll 04/08/2004 00:54 51ÿ200 wstdecod.dll 04/08/2004 00:54 65ÿ536 wshext.dll 04/08/2004 00:54 28ÿ672 wshcon.dll 04/08/2004 00:54 108ÿ032 wshbth.dll 04/08/2004 00:54 18ÿ432 wtsapi32.dll 04/08/2004 00:54 432ÿ640 wuapi.dll 04/08/2004 00:54 614ÿ400 wsecedit.dll 04/08/2004 00:54 81ÿ408 wscsvc.dll 04/08/2004 00:54 1ÿ134ÿ592 wuaueng.dll 04/08/2004 00:54 184ÿ320 wuaueng1.dll 04/08/2004 00:54 6ÿ656 wuauserv.dll 04/08/2004 00:54 114ÿ176 wucltui.dll 04/08/2004 00:54 19ÿ968 ws2help.dll 04/08/2004 00:54 265ÿ216 wow32.dll 04/08/2004 00:54 303ÿ616 wmstream.dll 04/08/2004 00:54 340ÿ480 zipfldr.dll 04/08/2004 00:54 115ÿ200 wmsdmoe.dll 04/08/2004 00:54 36ÿ864 wups.dll 04/08/2004 00:54 20ÿ480 wmpui.dll 04/08/2004 00:54 120ÿ320 wuweb.dll 04/08/2004 00:54 378ÿ880 wzcdlg.dll 04/08/2004 00:54 189ÿ952 accwiz.exe 04/08/2004 00:54 102ÿ400 wmpshell.dll 04/08/2004 00:54 233ÿ472 wmpdxm.dll 04/08/2004 00:54 20ÿ480 wmpcore.dll 04/08/2004 00:54 91ÿ648 xactsrv.dll 04/08/2004 00:54 129ÿ536 xmlprov.dll 04/08/2004 00:54 50ÿ176 xmlprovi.dll 04/08/2004 00:54 11ÿ776 xolehlp.dll 04/08/2004 00:54 20ÿ480 wmpcd.dll 04/08/2004 00:54 114ÿ688 wmpasf.dll 04/08/2004 00:54 4ÿ874ÿ240 wmp.dll 04/08/2004 00:54 82ÿ944 ws2_32.dll 04/08/2004 00:54 49ÿ152 wdigest.dll 04/08/2004 00:54 67ÿ584 webclnt.dll 04/08/2004 00:54 136ÿ192 webvw.dll 04/08/2004 00:54 465ÿ920 wiadefui.dll 04/08/2004 00:54 124ÿ928 wiadss.dll 04/08/2004 00:54 75ÿ776 wiascr.dll 04/08/2004 00:54 333ÿ824 wiaservc.dll 04/08/2004 00:54 594ÿ432 wiashext.dll 04/08/2004 00:54 111ÿ104 wiavideo.dll 04/08/2004 00:54 102ÿ400 win32spl.dll 04/08/2004 00:54 351ÿ232 winhttp.dll 04/08/2004 00:54 660ÿ480 wininet.dll 04/08/2004 00:54 32ÿ768 winipsec.dll 04/08/2004 00:54 180ÿ736 winmm.dll 04/08/2004 00:54 16ÿ896 winrnr.dll 04/08/2004 00:54 100ÿ352 winscard.dll 04/08/2004 00:54 17ÿ408 winshfhc.dll 04/08/2004 00:54 291ÿ328 winsrv.dll 04/08/2004 00:54 53ÿ760 winsta.dll 04/08/2004 00:54 176ÿ640 wintrust.dll 04/08/2004 00:54 132ÿ096 wkssvc.dll 04/08/2004 00:54 172ÿ544 wldap32.dll 04/08/2004 00:54 94ÿ208 wlnotify.dll 04/08/2004 00:54 281ÿ600 webcheck.dll 04/08/2004 00:54 37ÿ888 url.dll 04/08/2004 00:54 603ÿ136 urlmon.dll 04/08/2004 00:54 860ÿ160 tapi3.dll 04/08/2004 00:54 181ÿ760 tapi32.dll 04/08/2004 00:54 16ÿ896 usbmon.dll 04/08/2004 00:54 246ÿ272 tapisrv.dll 04/08/2004 00:54 578ÿ048 user32.dll 04/08/2004 00:54 14ÿ848 tcpmib.dll 04/08/2004 00:54 46ÿ592 tcpmon.dll 04/08/2004 00:54 47ÿ104 tcpmonui.dll 04/08/2004 00:54 210ÿ432 t2embed.dll 04/08/2004 00:54 297ÿ984 termsrv.dll 04/08/2004 00:54 1ÿ005ÿ056 syssetup.dll 04/08/2004 00:54 240ÿ128 upnpui.dll 04/08/2004 00:54 185ÿ344 upnphost.dll 04/08/2004 00:54 197ÿ120 syncui.dll 04/08/2004 00:54 57ÿ856 synceng.dll 04/08/2004 00:54 132ÿ608 upnp.dll 04/08/2004 00:54 391ÿ168 themeui.dll 04/08/2004 00:54 177ÿ664 w32time.dll 04/08/2004 00:54 25ÿ600 udhisapi.dll 04/08/2004 00:54 716ÿ800 sxs.dll 04/08/2004 00:54 311ÿ808 ulib.dll 04/08/2004 00:54 30ÿ749 vbajet32.dll 04/08/2004 00:54 430ÿ592 vssapi.dll 04/08/2004 00:54 75ÿ776 strmfilt.dll 04/08/2004 00:54 246ÿ302 strmdll.dll 04/08/2004 00:54 122ÿ368 stobject.dll 04/08/2004 00:54 13ÿ824 uniplat.dll 04/08/2004 00:54 731ÿ136 userenv.dll 04/08/2004 00:54 138ÿ240 sti_ci.dll 04/08/2004 00:54 15ÿ872 w3ssl.dll 04/08/2004 00:54 68ÿ096 sti.dll 04/08/2004 00:54 406ÿ528 usp10.dll 04/08/2004 00:54 417ÿ792 vbscript.dll 04/08/2004 00:54 119ÿ808 umpnpmgr.dll 04/08/2004 00:54 36ÿ864 umandlg.dll 04/08/2004 00:54 7ÿ168 tlntsvrp.dll 04/08/2004 00:54 219ÿ648 uxtheme.dll 04/08/2004 00:54 90ÿ624 trkwks.dll 04/08/2004 00:54 26ÿ112 vdmdbg.dll 04/08/2004 00:54 18ÿ944 version.dll 04/08/2004 00:54 78ÿ848 unimdmat.dll 04/08/2004 00:54 94ÿ208 tscfgwmi.dll 04/08/2004 00:54 358ÿ912 termmgr.dll 04/08/2004 00:54 44ÿ032 twext.dll 04/08/2004 00:54 316ÿ416 untfs.dll 04/08/2004 00:54 101ÿ376 txflog.dll 04/08/2004 00:54 51ÿ712 vdmredir.dll 04/08/2004 00:54 18ÿ944 snmpapi.dll 04/08/2004 00:54 184ÿ320 snmpsnap.dll 04/08/2004 00:54 74ÿ752 spoolss.dll 04/08/2004 00:54 442ÿ368 sqlsrv32.dll 04/08/2004 00:54 180ÿ800 sqlunirl.dll 04/08/2004 00:54 67ÿ584 srclient.dll 04/08/2004 00:54 241ÿ664 srrstr.dll 04/08/2004 00:54 171ÿ008 srsvc.dll 04/08/2004 00:54 96ÿ768 srvsvc.dll 04/08/2004 00:54 34ÿ816 ssdpapi.dll 04/08/2004 00:54 71ÿ680 ssdpsrv.dll 04/08/2004 00:54 6ÿ656 sensapi.dll 04/08/2004 00:54 38ÿ912 sens.dll 04/08/2004 00:54 56ÿ320 servdeps.dll 04/08/2004 00:54 55ÿ296 sendmail.dll 04/08/2004 00:54 29ÿ696 sendcmsg.dll 04/08/2004 00:54 1ÿ003ÿ520 setupapi.dll 04/08/2004 00:54 5ÿ632 security.dll 04/08/2004 00:54 5ÿ120 sfc.dll 04/08/2004 00:54 1ÿ548ÿ288 sfcfiles.dll 04/08/2004 00:54 142ÿ336 sfc_os.dll 04/08/2004 00:54 55ÿ808 secur32.dll 04/08/2004 00:54 18ÿ944 seclogon.dll 04/08/2004 00:54 1ÿ483ÿ776 shdocvw.dll 04/08/2004 00:54 29ÿ184 sdhcinst.dll 04/08/2004 00:54 68ÿ096 shgina.dll 04/08/2004 00:54 8ÿ440ÿ320 shell32.dll 04/08/2004 00:54 440ÿ320 shimgvw.dll 04/08/2004 00:54 25ÿ088 shfolder.dll 04/08/2004 00:54 474ÿ112 shlwapi.dll 04/08/2004 00:54 153ÿ088 shmedia.dll 04/08/2004 00:54 28ÿ160 shscrap.dll 04/08/2004 00:54 135ÿ168 shsvcs.dll 04/08/2004 00:54 13ÿ824 sigtab.dll 04/08/2004 00:54 25ÿ600 slayerxp.dll 04/08/2004 00:54 98ÿ304 slbiop.dll 04/08/2004 00:54 370ÿ688 smlogcfg.dll 04/08/2004 00:54 65ÿ536 shimeng.dll 04/08/2004 00:54 34ÿ304 pstorsvc.dll 04/08/2004 00:54 159ÿ232 ptpusd.dll 04/08/2004 00:54 192ÿ512 qcap.dll 04/08/2004 00:54 279ÿ040 qdv.dll 04/08/2004 00:54 43ÿ520 pstorec.dll 04/08/2004 00:54 386ÿ048 qdvd.dll 04/08/2004 00:54 563ÿ200 qedit.dll 04/08/2004 00:54 382ÿ464 qmgr.dll 04/08/2004 00:54 18ÿ944 qmgrprxy.dll 04/08/2004 00:54 98ÿ816 psbase.dll 04/08/2004 00:54 23ÿ040 psapi.dll 04/08/2004 00:54 1ÿ293ÿ824 quartz.dll 04/08/2004 00:54 1ÿ440ÿ768 query.dll 04/08/2004 00:54 27ÿ648 profmap.dll 04/08/2004 00:54 151ÿ552 scrrun.dll 04/08/2004 00:54 159ÿ744 scrobj.dll 04/08/2004 00:54 22ÿ016 sclgntfy.dll 04/08/2004 00:54 193ÿ024 schedsvc.dll 04/08/2004 00:54 144ÿ896 schannel.dll 04/08/2004 00:54 328ÿ704 scesrv.dll 04/08/2004 00:54 186ÿ368 scecli.dll 04/08/2004 00:54 578ÿ560 printui.dll 04/08/2004 00:54 171ÿ520 sccsccp.dll 04/08/2004 00:54 43ÿ520 racpldlg.dll 04/08/2004 00:54 8ÿ192 rasadhlp.dll 04/08/2004 00:54 71ÿ168 scarddlg.dll 04/08/2004 00:54 17ÿ408 powrprof.dll 04/08/2004 00:54 237ÿ056 rasapi32.dll 04/08/2004 00:54 106ÿ496 polstore.dll 04/08/2004 00:54 48ÿ640 pnrpnsp.dll 04/08/2004 00:54 159ÿ232 sbeio.dll 04/08/2004 00:54 39ÿ424 pngfilt.dll 04/08/2004 00:54 270ÿ848 sbe.dll 04/08/2004 00:54 89ÿ088 rasauto.dll 04/08/2004 00:54 431ÿ104 samsrv.dll 04/08/2004 00:54 64ÿ000 samlib.dll 04/08/2004 00:54 45ÿ568 safrslv.dll 04/08/2004 00:54 29ÿ696 safrdm.dll 04/08/2004 00:54 43ÿ520 safrcdlg.dll 04/08/2004 00:54 69ÿ632 raschap.dll 04/08/2004 00:54 685ÿ056 rasdlg.dll 04/08/2004 00:54 44ÿ032 rtutils.dll 04/08/2004 00:54 19ÿ968 rdpsnd.dll 04/08/2004 00:54 31ÿ744 rtipxmib.dll 04/08/2004 00:54 61ÿ440 rasman.dll 04/08/2004 00:54 174ÿ080 rasmans.dll 04/08/2004 00:54 18ÿ944 rsmps.dll 04/08/2004 00:54 206ÿ336 rasppp.dll 04/08/2004 00:54 395ÿ776 rpcss.dll 04/08/2004 00:54 581ÿ120 rpcrt4.dll 04/08/2004 00:54 16ÿ896 rassapi.dll 04/08/2004 00:54 431ÿ616 riched20.dll 04/08/2004 00:54 58ÿ880 rastapi.dll 04/08/2004 00:54 58ÿ880 resutils.dll 04/08/2004 00:54 113ÿ152 rastls.dll 04/08/2004 00:54 61ÿ952 remotepg.dll 04/08/2004 00:54 405ÿ504 regwizc.dll 04/08/2004 00:54 103ÿ424 rcbdyctl.dll 04/08/2004 00:54 59ÿ904 regsvc.dll 04/08/2004 00:54 147ÿ968 rdchost.dll 04/08/2004 00:54 49ÿ664 regapi.dll 04/08/2004 00:54 40ÿ960 rshx32.dll 04/08/2004 00:54 288ÿ768 objsel.dll 04/08/2004 00:54 97ÿ280 occache.dll 04/08/2004 00:54 267ÿ776 oakley.dll 04/08/2004 00:54 249ÿ856 odbc32.dll 04/08/2004 00:54 64ÿ000 nwwks.dll 04/08/2004 00:54 147ÿ968 nwprovau.dll 04/08/2004 00:54 16ÿ384 odbc32gt.dll 04/08/2004 00:54 24ÿ576 odbcbcp.dll 04/08/2004 00:54 145ÿ920 ntshrui.dll 04/08/2004 00:54 135ÿ168 odbcconf.dll 04/08/2004 00:54 91ÿ648 ntprint.dll 04/08/2004 00:54 106ÿ496 odbccp32.dll 04/08/2004 00:54 65ÿ536 odbccr32.dll 04/08/2004 00:54 65ÿ536 odbccu32.dll 04/08/2004 00:54 278ÿ559 odbcjt32.dll 04/08/2004 00:54 147ÿ456 odbctrac.dll 04/08/2004 00:54 20ÿ511 oddbse32.dll 04/08/2004 00:54 20ÿ510 odexl32.dll 04/08/2004 00:54 20ÿ510 odfox32.dll 04/08/2004 00:54 438ÿ272 ntmssvc.dll 04/08/2004 00:54 496ÿ640 ntmsmgr.dll 04/08/2004 00:54 20ÿ510 odpdx32.dll 04/08/2004 00:54 20ÿ511 odtext32.dll 04/08/2004 00:54 120ÿ832 offfilt.dll 04/08/2004 00:54 181ÿ248 ntmsdba.dll 04/08/2004 00:54 1ÿ281ÿ024 ole32.dll 04/08/2004 00:54 40ÿ960 ntmsapi.dll 04/08/2004 00:54 553ÿ472 oleaut32.dll 04/08/2004 00:54 119ÿ808 ntmarta.dll 04/08/2004 00:54 110ÿ592 oleprn.dll 04/08/2004 00:54 8ÿ192 ntlsapi.dll 04/08/2004 00:54 83ÿ456 olepro32.dll 04/08/2004 00:54 67ÿ072 ntdsapi.dll 04/08/2004 00:54 713ÿ728 opengl32.dll 04/08/2004 00:54 68ÿ096 osuninst.dll 04/08/2004 00:54 116ÿ224 p2p.dll 04/08/2004 00:54 86ÿ016 p2pgasvc.dll 04/08/2004 00:54 312ÿ320 p2pgraph.dll 04/08/2004 00:54 88ÿ064 p2pnetsh.dll 04/08/2004 00:54 55ÿ296 npptools.dll 04/08/2004 00:54 526ÿ848 p2psvc.dll 04/08/2004 00:54 65ÿ024 pautoenr.dll 04/08/2004 00:54 286ÿ208 pdh.dll 04/08/2004 00:54 42ÿ496 perfctrs.dll 04/08/2004 00:54 28ÿ672 nmmkcert.dll 04/08/2004 00:54 27ÿ136 perfdisk.dll 04/08/2004 00:54 26ÿ624 perfos.dll 04/08/2004 00:54 35ÿ840 perfproc.dll 04/08/2004 00:54 103ÿ936 nlhtml.dll 04/08/2004 00:54 172ÿ032 photowiz.dll 04/08/2004 00:54 251ÿ392 newdev.dll 04/08/2004 00:54 245ÿ760 netui1.dll 04/08/2004 00:54 83ÿ456 netui0.dll 04/08/2004 00:54 1ÿ723ÿ904 netshell.dll 04/08/2004 00:54 12ÿ288 netrap.dll 04/08/2004 00:54 885ÿ248 netplwiz.dll 04/08/2004 00:54 198ÿ144 netman.dll 04/08/2004 00:54 407ÿ040 netlogon.dll 04/08/2004 00:54 144ÿ896 netid.dll 04/08/2004 00:54 633ÿ856 netcfgx.dll 04/08/2004 00:54 332ÿ288 netapi32.dll 04/08/2004 00:54 19ÿ456 nddenb32.dll 04/08/2004 00:54 18ÿ432 nddeapi.dll 04/08/2004 00:54 36ÿ352 ncobjapi.dll 04/08/2004 00:54 91ÿ648 mydocs.dll 04/08/2004 00:54 90ÿ112 mtxoci.dll 04/08/2004 00:54 66ÿ560 mtxclu.dll 04/08/2004 00:54 1ÿ236ÿ480 msxml3.dll 04/08/2004 00:54 701ÿ440 msxml2.dll 04/08/2004 00:54 506ÿ368 msxml.dll 04/08/2004 00:54 348ÿ189 msxbde40.dll 04/08/2004 00:54 614ÿ429 mswstr10.dll 04/08/2004 00:54 247ÿ808 mswsock.dll 04/08/2004 00:54 204ÿ800 mswebdvd.dll 04/08/2004 00:54 831ÿ519 mswdat10.dll 04/08/2004 00:54 72ÿ704 msw3prt.dll 04/08/2004 00:54 1ÿ433ÿ600 msvidctl.dll 04/08/2004 00:54 121ÿ856 msvfw32.dll 04/08/2004 00:54 343ÿ040 msvcrt.dll 04/08/2004 00:54 413ÿ696 msvcp60.dll 04/08/2004 00:54 54ÿ784 msvcirt.dll 04/08/2004 00:54 1ÿ392ÿ671 msvbvm60.dll 04/08/2004 00:54 129ÿ536 msv1_0.dll 04/08/2004 00:54 195ÿ584 msutb.dll 04/08/2004 00:54 115ÿ712 mstlsapi.dll 04/08/2004 00:54 530ÿ432 mstime.dll 04/08/2004 00:54 258ÿ077 mstext40.dll 04/08/2004 00:54 281ÿ600 mstask.dll 04/08/2004 00:54 134ÿ656 mssap.dll 04/08/2004 00:54 11ÿ264 msrle32.dll 04/08/2004 00:54 552ÿ989 msrepl40.dll 04/08/2004 00:54 315ÿ423 msrd3x40.dll 04/08/2004 00:54 421ÿ919 msrd2x40.dll 04/08/2004 00:54 146ÿ432 msrating.dll 04/08/2004 00:54 43ÿ520 ntlanman.dll 04/08/2004 00:54 30ÿ208 mspatcha.dll 04/08/2004 00:54 143ÿ360 msorcl32.dll 04/08/2004 00:54 105ÿ984 msoert2.dll 04/08/2004 00:54 252ÿ928 msoeacct.dll 04/08/2004 00:54 290ÿ816 msnsspc.dll 04/08/2004 00:54 213ÿ023 msltus40.dll 04/08/2004 00:54 25ÿ600 mslbui.dll 04/08/2004 00:54 241ÿ693 msjtes40.dll 04/08/2004 00:54 53ÿ279 msjter40.dll 04/08/2004 00:54 184ÿ351 msjint40.dll 04/08/2004 00:54 1ÿ507ÿ356 msjet40.dll 04/08/2004 00:54 44ÿ032 msisip.dll 04/08/2004 00:54 159ÿ232 MSIMTF.dll 04/08/2004 00:54 4ÿ608 msimg32.dll 04/08/2004 00:54 331ÿ264 msihnd.dll 04/08/2004 00:54 252ÿ416 msieftp.dll 04/08/2004 00:54 6ÿ656 msidle.dll 04/08/2004 00:54 51ÿ712 msident.dll 04/08/2004 00:54 2ÿ804ÿ224 msi.dll 04/08/2004 00:54 73ÿ728 mscms.dll 04/08/2004 00:54 69ÿ632 msconf.dll 04/08/2004 00:54 448ÿ512 mshtmled.dll 04/08/2004 00:54 36ÿ864 mscpxl32.dLL 04/08/2004 00:54 512ÿ029 msexch40.dll 04/08/2004 00:54 294ÿ400 MSCTF.dll 04/08/2004 00:54 3ÿ003ÿ392 mshtml.dll 04/08/2004 00:54 69ÿ120 MSCTFP.dll 04/08/2004 00:54 118ÿ784 msdadiag.dll 04/08/2004 00:54 151ÿ552 msdart.dll 04/08/2004 00:54 14ÿ336 msdmo.dll 04/08/2004 00:54 58ÿ880 msdtclog.dll 04/08/2004 00:54 33ÿ792 msgsvc.dll 04/08/2004 00:54 425ÿ472 msdtcprx.dll 04/08/2004 00:54 949ÿ248 msdtctm.dll 04/08/2004 00:54 161ÿ280 msdtcuiu.dll 04/08/2004 00:54 1ÿ004ÿ032 msgina.dll 04/08/2004 00:54 537ÿ088 msftedit.dll 04/08/2004 00:54 319ÿ517 msexcl40.dll 04/08/2004 00:54 348ÿ189 mspbde40.dll 04/08/2004 00:54 123ÿ392 mqrtdep.dll 04/08/2004 00:54 177ÿ152 mqrt.dll 04/08/2004 00:54 660ÿ992 mqqm.dll 04/08/2004 00:54 95ÿ744 mqsec.dll 04/08/2004 00:54 517ÿ632 mqsnap.dll 04/08/2004 00:54 186ÿ880 mqtrig.dll 04/08/2004 00:54 48ÿ640 mqupgrd.dll 04/08/2004 00:54 225ÿ280 mqoa.dll 04/08/2004 00:54 89ÿ088 mqlogmgr.dll 04/08/2004 00:54 16ÿ896 mqise.dll 04/08/2004 00:54 47ÿ104 mqdscli.dll 04/08/2004 00:54 138ÿ240 mqad.dll 04/08/2004 00:54 527ÿ360 mqutil.dll 04/08/2004 00:54 1ÿ028ÿ096 mfc42.dll 04/08/2004 00:54 1ÿ024ÿ000 mfc42u.dll 04/08/2004 00:54 72ÿ192 msacm32.dll 04/08/2004 00:54 22ÿ528 mfcsubs.dll 04/08/2004 00:54 14ÿ848 mgmtapi.dll 04/08/2004 00:54 18ÿ944 midimap.dll 04/08/2004 00:54 60ÿ928 miglibnt.dll 04/08/2004 00:54 586ÿ240 mlang.dll 04/08/2004 00:54 79ÿ872 mmcbase.dll 04/08/2004 00:54 86ÿ016 msapsspc.dll 04/08/2004 00:54 87ÿ040 mprapi.dll 04/08/2004 00:54 59ÿ904 mpr.dll 04/08/2004 00:54 57ÿ344 msasn1.dll 04/08/2004 00:54 1ÿ198ÿ080 mmcndmgr.dll 04/08/2004 00:54 240ÿ640 mpg4dmod.dll 04/08/2004 00:54 50ÿ688 mmcshext.dll 04/08/2004 00:54 17ÿ920 mmfutil.dll 04/08/2004 00:54 34ÿ560 mnmdd.dll 04/08/2004 00:54 210ÿ432 mobsync.dll 04/08/2004 00:54 156ÿ160 modemui.dll 04/08/2004 00:54 39ÿ936 mf3216.dll 04/08/2004 00:54 384ÿ512 mp4sdmod.dll 04/08/2004 00:54 310ÿ272 mp43dmod.dll 04/08/2004 00:54 332ÿ800 ipnathlp.dll 04/08/2004 00:54 96ÿ768 inseng.dll 04/08/2004 00:54 126ÿ464 input.dll 04/08/2004 00:54 147ÿ456 initpki.dll 04/08/2004 00:54 355ÿ840 ippromon.dll 04/08/2004 00:54 16ÿ384 inetppui.dll 04/08/2004 00:54 75ÿ264 inetpp.dll 04/08/2004 00:54 33ÿ280 inetmib1.dll 04/08/2004 00:54 361ÿ472 ipsecsnp.dll 04/08/2004 00:54 678ÿ400 inetcomm.dll 04/08/2004 00:54 282ÿ624 inetcfg.dll 04/08/2004 00:54 110ÿ080 imm32.dll 04/08/2004 00:54 35ÿ840 imgutil.dll 04/08/2004 00:54 36ÿ921 imeshare.dll 04/08/2004 00:54 184ÿ320 ipsecsvc.dll 04/08/2004 00:54 388ÿ096 ipsmsnap.dll 04/08/2004 00:54 144ÿ384 imagehlp.dll 04/08/2004 00:54 81ÿ920 ils.dll 04/08/2004 00:54 59ÿ904 ipv6mon.dll 04/08/2004 00:54 86ÿ016 isign32.dll 04/08/2004 00:54 32ÿ768 isrdbg32.dll 04/08/2004 00:54 143ÿ872 itircl.dll 04/08/2004 00:54 134ÿ144 itss.dll 04/08/2004 00:54 294ÿ400 kerberos.dll 04/08/2004 00:54 1ÿ048ÿ576 kernel32.dll 04/08/2004 00:54 192ÿ000 iuengine.dll 04/08/2004 00:54 54ÿ784 ixsso.dll 04/08/2004 00:54 450ÿ560 jscript.dll 04/08/2004 00:54 157ÿ184 keymgr.dll 04/08/2004 00:54 15ÿ872 jsproxy.dll 04/08/2004 00:54 95ÿ744 iphlpapi.dll 04/08/2004 00:54 120ÿ320 mdminst.dll 04/08/2004 00:54 23ÿ552 mciwave.dll 04/08/2004 00:54 23ÿ040 mciseq.dll 04/08/2004 00:54 4ÿ096 ksuser.dll 04/08/2004 00:54 35ÿ328 mciqtz32.dll 04/08/2004 00:54 14ÿ848 mcastmib.dll 04/08/2004 00:54 85ÿ504 mciavi32.dll 04/08/2004 00:54 728ÿ576 lsasrv.dll 04/08/2004 00:54 10ÿ240 lprhelp.dll 04/08/2004 00:54 22ÿ016 lpk.dll 04/08/2004 00:54 11ÿ776 localui.dll 04/08/2004 00:54 344ÿ576 localspl.dll 04/08/2004 00:54 228ÿ352 localsec.dll 04/08/2004 00:54 100ÿ352 loadperf.dll 04/08/2004 00:54 399ÿ872 lmrt.dll 04/08/2004 00:54 424ÿ960 licdll.dll 04/08/2004 00:54 22ÿ528 licmgr10.dll 04/08/2004 00:54 58ÿ880 licwmi.dll 04/08/2004 00:54 13ÿ824 lmhsvc.dll 04/08/2004 00:54 18ÿ944 linkinfo.dll 04/08/2004 00:54 278ÿ016 gdi32.dll 04/08/2004 00:54 7ÿ168 hccoin.dll 04/08/2004 00:54 614ÿ912 h323msp.dll 04/08/2004 00:54 201ÿ216 gptext.dll 04/08/2004 00:54 38ÿ912 hhsetup.dll 04/08/2004 00:54 221ÿ696 ieaksie.dll 04/08/2004 00:54 11ÿ264 icaapi.dll 04/08/2004 00:54 80ÿ384 iccvid.dll 04/08/2004 00:54 577ÿ536 gpedit.dll 04/08/2004 00:54 323ÿ584 iedkcs32.dll 04/08/2004 00:54 123ÿ904 glu32.dll 04/08/2004 00:54 81ÿ920 ieencode.dll 04/08/2004 00:54 347ÿ648 hnetcfg.dll 04/08/2004 00:54 336ÿ384 hnetwiz.dll 04/08/2004 00:54 249ÿ344 iepeers.dll 04/08/2004 00:54 8ÿ192 igmpagnt.dll 04/08/2004 00:54 146ÿ944 hotplug.dll 04/08/2004 00:54 60ÿ416 fwcfg.dll 04/08/2004 00:54 142ÿ848 ifmon.dll 04/08/2004 00:54 253ÿ952 icm32.dll 04/08/2004 00:54 24ÿ576 httpapi.dll 04/08/2004 00:54 63ÿ488 iesetup.dll 04/08/2004 00:54 73ÿ728 icwdial.dll 04/08/2004 00:54 119ÿ808 iasrad.dll 04/08/2004 00:54 65ÿ536 icwphbk.dll 04/08/2004 00:54 49ÿ152 iernonce.dll 04/08/2004 00:54 352ÿ256 hypertrm.dll 04/08/2004 00:54 43ÿ008 htui.dll 04/08/2004 00:54 121ÿ856 idq.dll 04/08/2004 00:54 139ÿ264 ieakeng.dll 04/08/2004 00:54 16ÿ896 fltlib.dll 04/08/2004 00:54 88ÿ064 fldrclnr.dll 04/08/2004 00:54 348ÿ160 filemgmt.dll 04/08/2004 00:54 21ÿ504 feclient.dll 04/08/2004 00:54 23ÿ040 ersvc.dll 04/08/2004 00:54 76ÿ288 fdeploy.dll 04/08/2004 00:54 80ÿ896 faultrep.dll 04/08/2004 00:54 187ÿ392 els.dll 04/08/2004 00:54 55ÿ808 extmgr.dll 04/08/2004 00:54 380ÿ957 expsrv.dll 04/08/2004 00:54 20ÿ480 encapi.dll 04/08/2004 00:54 186ÿ368 encdec.dll 04/08/2004 00:54 55ÿ808 eventlog.dll 04/08/2004 00:54 1ÿ097ÿ728 esent.dll 04/08/2004 00:54 243ÿ200 es.dll 04/08/2004 00:54 386ÿ560 fontext.dll 04/08/2004 00:54 181ÿ248 dmime.dll 04/08/2004 00:54 213ÿ504 dpvoice.dll 04/08/2004 00:54 27ÿ136 ddrawex.dll 04/08/2004 00:54 116ÿ736 dpvvox.dll 04/08/2004 00:54 32ÿ768 csrsrv.dll 04/08/2004 00:54 77ÿ824 cliconfg.dll 04/08/2004 00:54 57ÿ856 dpwsockx.dll 04/08/2004 00:54 165ÿ376 dinput.dll 04/08/2004 00:54 21ÿ504 dpvacm.dll 04/08/2004 00:54 45ÿ568 dnsrslvr.dll 04/08/2004 00:54 501ÿ248 clbcatq.dll 04/08/2004 00:54 611ÿ328 comctl32.dll 04/08/2004 00:54 110ÿ080 clbcatex.dll 04/08/2004 00:54 266ÿ240 ddraw.dll 04/08/2004 00:54 57ÿ856 clusapi.dll 04/08/2004 00:54 8ÿ704 dciman32.dll 04/08/2004 00:54 59ÿ904 devenum.dll 04/08/2004 00:54 35ÿ840 dmloader.dll 04/08/2004 00:54 357ÿ888 dxtmsft.dll 04/08/2004 00:54 69ÿ120 ciodm.dll 04/08/2004 00:54 290ÿ816 devmgr.dll 04/08/2004 00:54 48ÿ640 docprop2.dll 04/08/2004 00:54 28ÿ672 dbnmpntw.dll 04/08/2004 00:54 14ÿ336 drprov.dll 04/08/2004 00:54 15ÿ872 cmcfg32.dll 04/08/2004 00:54 13ÿ824 cmsetACL.dll 04/08/2004 00:54 352ÿ256 cmdial32.dll 04/08/2004 00:54 191ÿ488 cmprops.dll 04/08/2004 00:54 110ÿ592 dbnetlib.dll 04/08/2004 00:54 24ÿ576 dbmsrpcn.dll 04/08/2004 00:54 82ÿ432 dmscript.dll 04/08/2004 00:54 281ÿ088 comdlg32.dll 04/08/2004 00:54 16ÿ384 ds32gt.dll 04/08/2004 00:54 39ÿ424 dfrgsnap.dll 04/08/2004 00:54 201ÿ728 dxtrans.dll 04/08/2004 00:54 187ÿ904 dinput8.dll 04/08/2004 00:54 24ÿ576 dmserver.dll 04/08/2004 00:54 105ÿ984 dmstyle.dll 04/08/2004 00:54 181ÿ760 dsdmo.dll 04/08/2004 00:54 39ÿ424 cfgbkend.dll 04/08/2004 00:54 2ÿ113ÿ536 dxdiagn.dll 04/08/2004 00:54 640ÿ000 dbghelp.dll 04/08/2004 00:54 1ÿ227ÿ264 dx8vb.dll 04/08/2004 00:54 72ÿ192 dsdmoprp.dll 04/08/2004 00:54 123ÿ904 dfrgui.dll 04/08/2004 00:54 253ÿ440 compatUI.dll 04/08/2004 00:54 93ÿ696 dskquota.dll 04/08/2004 00:54 103ÿ424 dmsynth.dll 04/08/2004 00:54 200ÿ704 dmdskmgr.dll 04/08/2004 00:54 25ÿ088 davclnt.dll 04/08/2004 00:54 55ÿ296 dataclen.dll 04/08/2004 00:54 104ÿ448 dmusic.dll 04/08/2004 00:54 60ÿ928 dpnhupnp.dll 04/08/2004 00:54 467ÿ968 certmgr.dll 04/08/2004 00:54 230ÿ912 compstui.dll 04/08/2004 00:54 27ÿ136 efsadu.dll 04/08/2004 00:54 1ÿ056ÿ256 danim.dll 04/08/2004 00:54 35ÿ328 dpnhpast.dll 04/08/2004 00:54 367ÿ616 dsound.dll 04/08/2004 00:54 52ÿ736 dssec.dll 04/08/2004 00:54 825ÿ344 d3dim700.dll 04/08/2004 00:54 148ÿ480 dnsapi.dll 04/08/2004 00:54 28ÿ672 dfsshlex.dll 04/08/2004 00:54 375ÿ296 dpnet.dll 04/08/2004 00:54 851ÿ968 comres.dll 04/08/2004 00:54 61ÿ440 dmcompos.dll 04/08/2004 00:54 1ÿ689ÿ088 d3d9.dll 04/08/2004 00:54 28ÿ672 dmband.dll 04/08/2004 00:54 24ÿ064 dpmodemx.dll 04/08/2004 00:54 62ÿ464 colbact.dll 04/08/2004 00:54 8ÿ192 d3d8thk.dll 04/08/2004 00:54 619ÿ008 dx7vb.dll 04/08/2004 00:54 115ÿ200 dgnet.dll 04/08/2004 00:54 1ÿ294ÿ336 dsound3d.dll 04/08/2004 00:54 229ÿ888 dplayx.dll 04/08/2004 00:54 1ÿ251ÿ840 comsvcs.dll 04/08/2004 00:54 145ÿ408 dsprop.dll 04/08/2004 00:54 540ÿ160 comuid.dll 04/08/2004 00:54 35ÿ328 corpol.dll 04/08/2004 00:54 165ÿ888 credui.dll 04/08/2004 00:54 604ÿ672 crypt32.dll 04/08/2004 00:54 1ÿ179ÿ648 d3d8.dll 04/08/2004 00:54 240ÿ640 dsquery.dll 04/08/2004 00:54 75ÿ776 cryptdlg.dll 04/08/2004 00:54 111ÿ616 dhcpcsvc.dll 04/08/2004 00:54 33ÿ280 cryptdll.dll 04/08/2004 00:54 54ÿ784 cryptext.dll 04/08/2004 00:54 63ÿ488 cryptnet.dll 04/08/2004 00:54 40ÿ960 cmutil.dll 04/08/2004 00:54 68ÿ608 digest.dll 04/08/2004 00:54 113ÿ664 dsuiext.dll 04/08/2004 00:54 60ÿ416 cryptsvc.dll 04/08/2004 00:54 530ÿ432 cryptui.dll 04/08/2004 00:54 102ÿ912 cscdll.dll 04/08/2004 00:54 337ÿ920 cscui.dll 04/08/2004 00:54 19ÿ456 dswave.dll 04/08/2004 00:54 499ÿ741 dxmasf.dll 04/08/2004 00:54 304ÿ128 duser.dll 04/08/2004 00:54 59ÿ904 cabinet.dll 04/08/2004 00:54 30ÿ208 bthserv.dll 04/08/2004 00:54 20ÿ992 bthci.dll 04/08/2004 00:54 85ÿ504 cabview.dll 04/08/2004 00:54 50ÿ688 camocx.dll 04/08/2004 00:54 229ÿ888 catsrv.dll 04/08/2004 00:54 78ÿ336 browsewm.dll 04/08/2004 00:54 1ÿ017ÿ344 browseui.dll 04/08/2004 00:54 77ÿ312 browser.dll 04/08/2004 00:54 7ÿ168 bitsprx3.dll 04/08/2004 00:54 61ÿ440 admparse.dll 04/08/2004 00:54 8ÿ192 bitsprx2.dll 04/08/2004 00:54 17ÿ408 bidispl.dll 04/08/2004 00:54 8ÿ704 batt.dll 04/08/2004 00:54 28ÿ672 batmeter.dll 04/08/2004 00:54 85ÿ504 catsrvps.dll 04/08/2004 00:54 175ÿ616 adsldp.dll 04/08/2004 00:54 52ÿ736 basesrv.dll 04/08/2004 00:54 85ÿ504 avifil32.dll 04/08/2004 00:54 56ÿ832 authz.dll 04/08/2004 00:54 628ÿ224 catsrvut.dll 04/08/2004 00:54 151ÿ552 cdfview.dll 04/08/2004 00:54 101ÿ888 actxprxy.dll 04/08/2004 00:54 66ÿ560 cdm.dll 04/08/2004 00:54 2ÿ067ÿ968 cdosys.dll 04/08/2004 00:54 42ÿ496 audiosrv.dll 04/08/2004 00:54 200ÿ192 certcli.dll 04/08/2004 00:54 30ÿ208 atmlib.dll 04/08/2004 00:54 58ÿ880 atl.dll 04/08/2004 00:54 126ÿ976 apphelp.dll 04/08/2004 00:54 100ÿ352 6to4svc.dll 04/08/2004 00:54 194ÿ048 activeds.dll 04/08/2004 00:54 143ÿ360 adsldpc.dll 04/08/2004 00:54 119ÿ296 aclui.dll 04/08/2004 00:54 176ÿ640 appmgmts.dll 04/08/2004 00:54 68ÿ096 adsmsext.dll 04/08/2004 00:54 263ÿ680 adsnt.dll 04/08/2004 00:54 65ÿ024 asycfilt.dll 04/08/2004 00:54 70ÿ656 amstream.dll 04/08/2004 00:54 685ÿ056 advapi32.dll 04/08/2004 00:54 17ÿ408 alrsvc.dll 04/08/2004 00:54 101ÿ888 advpack.dll 04/08/2004 00:54 302ÿ592 appmgr.dll 04/08/2004 00:54 50ÿ688 btpanui.dll 04/08/2004 00:54 733ÿ184 ntdll.dll 04/08/2004 00:54 2ÿ985ÿ984 wmploc.dll 04/08/2004 00:54 5ÿ632 wmi.dll 04/08/2004 00:54 200ÿ704 wmerror.dll 04/08/2004 00:54 938ÿ496 winbrand.dll 04/08/2004 00:54 773ÿ632 winntbbu.dll 04/08/2004 00:53 2ÿ986ÿ496 xpsp2res.dll 04/08/2004 00:53 197ÿ632 xpsp1res.dll 04/08/2004 00:53 86ÿ016 sl_anet.acm 04/08/2004 00:53 97ÿ280 dpcdll.dll 04/08/2004 00:53 572ÿ416 shdoclc.dll 04/08/2004 00:53 733ÿ696 qedwipes.dll 04/08/2004 00:53 445ÿ440 xpob2res.dll 04/08/2004 00:53 98ÿ304 odbcint.dll 04/08/2004 00:53 61ÿ712 odbcji32.dll 04/08/2004 00:53 12ÿ288 odbcp32r.dll 04/08/2004 00:53 24ÿ576 msorc32r.dll 04/08/2004 00:53 48ÿ128 msprivs.dll 04/08/2004 00:53 884ÿ736 msimsg.dll 04/08/2004 00:53 57ÿ344 mshtmler.dll 04/08/2004 00:53 177ÿ152 MSCTFIME.IME 04/08/2004 00:53 3ÿ584 msafd.dll 04/08/2004 00:53 14ÿ848 msadp32.acm 04/08/2004 00:53 12ÿ288 mscpx32r.dLL
  9. ng_lo
    premiere etape voici SmitFraudFix v2.59 Rapport fait à 14:48:14,26, 13/06/2006 Executé à partir de C:\Documents and Settings\ange\Bureau\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\erxbx.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ange\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ange\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}"="fossilage" [HKEY_CLASSES_ROOT\CLSID\{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}\InProcServer32] @="C:\WINDOWS\system32\erxbx.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}\InProcServer32] @="C:\WINDOWS\system32\erxbx.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  10. ng_lo
    voila voila, Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est CC39-585D R‚pertoire de C:\ 13/06/2006 10:37 0 dirdat.txt 13/06/2006 10:30 2ÿ411ÿ724ÿ800 pagefile.sys 12/06/2006 22:49 1ÿ254 rapport.txt 12/06/2006 17:44 212 boot.ini 04/05/2006 14:07 0 CONFIG.SYS 04/05/2006 14:07 0 IO.SYS 04/05/2006 14:07 0 MSDOS.SYS 04/05/2006 14:07 0 AUTOEXEC.BAT 03/08/2004 22:59 251ÿ712 ntldr 03/08/2004 22:38 47ÿ564 NTDETECT.COM 28/08/2001 14:00 4ÿ952 Bootfont.bin 11 fichier(s) 2ÿ412ÿ030ÿ494 octets 0 R‚p(s) 18ÿ926ÿ567ÿ424 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est CC39-585D R‚pertoire de C:\WINDOWS\system32 13/06/2006 10:31 43ÿ573 nvapps.xml 13/06/2006 10:30 37ÿ248 OODBS.lor 12/06/2006 17:00 176ÿ128 erxbx.dll 12/06/2006 16:58 2 wintsvtr.exe 12/06/2006 16:58 13ÿ312 93900fed.exe 10/06/2006 20:49 2ÿ206 wpa.dbl 04/06/2006 16:31 34ÿ308 BASSMOD.dll 24/05/2006 13:21 3ÿ072 CONFIG.NT 04/05/2006 18:38 367ÿ658 perfh00C.dat 04/05/2006 18:38 48ÿ616 perfc00C.dat 04/05/2006 18:38 39ÿ992 perfc009.dat 04/05/2006 18:38 311ÿ604 perfh009.dat 04/05/2006 18:38 775ÿ210 PerfStringBackup.INI 04/05/2006 18:30 110ÿ192 FNTCACHE.DAT 04/05/2006 16:03 0 h323log.txt 04/05/2006 14:09 261 $winnt$.inf 04/05/2006 14:07 23ÿ392 nscompat.tlb 04/05/2006 14:07 16ÿ832 amcompat.tlb 04/05/2006 14:06 488 logonui.exe.manifest 04/05/2006 14:06 488 WindowsLogon.manifest 04/05/2006 14:06 749 cdplayer.exe.manifest 04/05/2006 14:06 749 nwc.cpl.manifest 04/05/2006 14:06 749 wuaucpl.cpl.manifest 04/05/2006 14:06 749 ncpa.cpl.manifest 04/05/2006 14:06 749 sapi.cpl.manifest 04/05/2006 14:05 21ÿ892 emptyregdb.dat 27/04/2006 17:49 288ÿ417 SrchSTS.exe 22/04/2006 17:22 60ÿ200 sirenacm.dll 09/03/2006 17:59 180ÿ224 NVUninst.exe 09/03/2006 15:29 180ÿ224 nvudisp.exe 31/01/2006 14:35 91ÿ904 S32EVNT1.DLL 09/01/2006 10:36 40ÿ960 swsc.exe 09/01/2006 10:36 42ÿ496 swreg.exe
  11. ng_lo
    oki je vous ai envoyé le lien merci ! voila, merci encore
  12. ng_lo
    bonjour, j'ai le même soucis que beaucoup de monde je vous envoye donc les resultats des scripts : SmitfraudFix: ___________ SmitFraudFix v2.59 Rapport fait à 21:06:39,75, 12/06/2006 Executé à partir de C:\Documents and Settings\ange\Bureau\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ange\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ange\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}"="fossilage" [HKEY_CLASSES_ROOT\CLSID\{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}\InProcServer32] @="C:\WINDOWS\system32\erxbx.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}\InProcServer32] @="C:\WINDOWS\system32\erxbx.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin et HijackThis : ___________ Logfile of HijackThis v1.99.1 Scan saved at 21:07:11, on 12/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\POP Peeper\POPPeeper.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\SecuritySuite.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\ange\Bureau\hijackthis\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2D38A51A-23C9-48a1-A33C-48675AA2B494} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.i-lookup.com O15 - Trusted Zone: *.offshoreclicks.com O15 - Trusted Zone: *.teensguru.com O15 - Trusted Zone: *.xxxtoolbar.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 O17 - HKLM\System\CCS\Services\Tcpip\..\{88A19066-D480-4B0A-B860-725B7AC463B5}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: O20 - Winlogon Notify: winuns32 - winuns32.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe merci pour votre aide !!!
  13. ng_lo
    bonjour, j'ai le même soucis je vous envoye donc les resultats des scripts : SmitfraudFix: ___________ SmitFraudFix v2.59 Rapport fait à 21:06:39,75, 12/06/2006 Executé à partir de C:\Documents and Settings\ange\Bureau\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ange\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ange\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}"="fossilage" [HKEY_CLASSES_ROOT\CLSID\{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}\InProcServer32] @="C:\WINDOWS\system32\erxbx.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{315f73fc-a7b1-49e6-a3c4-cc00cf8a3fdb}\InProcServer32] @="C:\WINDOWS\system32\erxbx.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin et HijackThis : ___________ Logfile of HijackThis v1.99.1 Scan saved at 21:07:11, on 12/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\POP Peeper\POPPeeper.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\SecuritySuite.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\ange\Bureau\hijackthis\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2D38A51A-23C9-48a1-A33C-48675AA2B494} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.i-lookup.com O15 - Trusted Zone: *.offshoreclicks.com O15 - Trusted Zone: *.teensguru.com O15 - Trusted Zone: *.xxxtoolbar.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 O17 - HKLM\System\CCS\Services\Tcpip\..\{88A19066-D480-4B0A-B860-725B7AC463B5}: NameServer = 192.168.0.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: O20 - Winlogon Notify: winuns32 - winuns32.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe merci pour votre aide !!!
×
×
  • Créer...