Aller au contenu

lili80

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    33

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par lili80

  1. lili80
    voilà le rapport de combofix : ComboFix 08-09-14.02 - Administrateur 2008-09-16 14:57:17.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.601 [GMT 2:00] Lancé depuis: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Administrateur\Bureau\CFScript.txt * Un nouveau point de restauration a été créé AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\0006662F C:\0006662F\000667D4 C:\WINDOWS\system32\tmpzydf1.exe C:\WINDOWS\system32\tmpzydf4.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FTP -------\Service_FTP ((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-16 au 2008-09-16 )))))))))))))))))))))))))))))))))))) . 2008-09-16 09:12 . 2008-09-16 09:12 44,484,547 --a------ C:\QooBox.zip 2008-09-15 09:02 . 2008-09-15 09:02 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak 2008-09-15 09:00 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-09-15 09:00 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys 2008-09-15 08:59 . 2008-04-11 20:51 683,520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll 2008-09-15 08:59 . 2008-05-01 16:31 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll 2008-09-15 08:59 . 2008-05-08 14:28 202,752 --------- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-09-15 08:58 . 2008-09-15 15:33 <REP> d--h----- C:\WINDOWS\$hf_mig$ 2008-09-15 08:58 . 2005-02-25 05:35 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-16 12:56 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Skype 2008-09-16 07:09 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\skypePM 2008-09-16 07:09 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\AVG7 2002-09-10 11:31 1,900 ----a-w C:\Documents and Settings\Administrateur\ntuser.com . ((((((((((((((((((((((((((((( snapshot@2008-09-14_ 9.14.54.48 ))))))))))))))))))))))))))))))))))))))))) . - 2002-09-09 11:50:24 1,257,472 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2008-09-15 13:33:01 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - 2002-09-09 11:50:24 1,224,704 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2008-09-15 13:33:02 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2008-09-15 13:33:09 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_41571c21\CustomMarshalers.dll + 2008-09-15 13:33:29 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e9598642\mscorlib.dll + 2008-09-15 13:33:24 1,466,368 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_b7d0e0c6\System.Design.dll + 2008-09-15 13:33:10 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c3161983\System.Drawing.Design.dll + 2008-09-15 13:33:26 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_9572348f\System.Drawing.dll + 2008-09-15 13:33:15 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_4be74967\System.Windows.Forms.dll + 2008-09-15 13:33:21 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b5ab9a23\System.Xml.dll + 2008-09-15 13:33:08 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_d7e410b7\System.dll + 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys - 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2007-04-13 19:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - 2004-07-14 23:49:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2007-04-13 19:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2007-04-13 18:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2003-02-20 17:09:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2007-04-13 18:57:58 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2007-04-13 18:56:30 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2004-07-14 22:33:04 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2007-04-13 18:58:00 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll - 2004-07-15 12:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2007-04-13 18:50:46 2,142,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - 2003-02-20 17:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2007-04-13 18:58:02 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - 2004-07-14 22:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll + 2007-04-13 18:57:00 2,523,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - 2004-07-14 22:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2007-04-13 18:57:28 2,514,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2004-06-22 11:52:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe + 2007-01-15 14:11:26 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe + 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_aspnet_isapi.dll + 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_CORPerfMonExt.dll + 2004-07-14 22:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_fusion.dll + 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_mscorjit.dll + 2004-07-15 12:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_mscorlib.dll + 2003-02-20 17:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_mscorsn.dll + 2004-07-14 22:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_mscorsvr.dll + 2004-07-14 22:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_mscorwks.dll + 2003-02-21 02:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_msvcr71.dll + 2004-07-14 22:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1544\_PerfCounter.dll - 2004-07-15 12:31:16 1,224,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll + 2007-04-13 19:35:38 1,232,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll - 2004-07-15 12:29:00 1,257,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll + 2007-04-13 19:35:46 1,265,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2004-08-04 07:54:22 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll + 2006-08-16 11:59:27 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll - 2004-08-04 07:54:22 1,017,344 ----a-w C:\WINDOWS\system32\browseui.dll + 2008-06-23 15:39:58 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll - 2004-08-04 07:54:22 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll + 2008-06-23 15:39:58 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll - 2004-08-04 07:54:24 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll + 2008-06-23 15:39:59 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll + 2006-08-16 11:59:27 100,352 ------w C:\WINDOWS\system32\dllcache\6to4svc.dll + 2008-06-20 10:44:38 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys + 2008-06-23 15:39:58 1,024,000 ------w C:\WINDOWS\system32\dllcache\browseui.dll + 2008-06-23 15:39:58 152,064 ------w C:\WINDOWS\system32\dllcache\cdfview.dll + 2008-06-23 15:39:59 1,056,768 ------w C:\WINDOWS\system32\dllcache\danim.dll + 2008-03-25 04:50:25 554,008 ------w C:\WINDOWS\system32\dllcache\dao360.dll + 2008-06-20 17:41:06 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll + 2008-06-23 15:40:00 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll + 2008-06-23 15:40:00 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2008-07-07 20:31:48 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll + 2008-06-23 15:40:00 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll + 2008-06-23 09:49:29 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe + 2008-06-23 15:40:00 251,392 ------w C:\WINDOWS\system32\dllcache\iepeers.dll + 2008-06-23 15:40:00 96,768 ------w C:\WINDOWS\system32\dllcache\inseng.dll + 2007-12-18 14:41:58 450,560 ------w C:\WINDOWS\system32\dllcache\jscript.dll + 2008-06-23 15:40:00 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2008-06-24 16:23:56 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll + 2008-03-25 04:50:28 518,944 ------w C:\WINDOWS\system32\dllcache\msexch40.dll + 2008-03-25 04:50:30 326,432 ------w C:\WINDOWS\system32\dllcache\msexcl40.dll + 2008-06-23 15:40:02 3,080,704 ------w C:\WINDOWS\system32\dllcache\mshtml.dll + 2008-06-23 15:40:03 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2008-03-25 04:50:34 1,516,568 ------w C:\WINDOWS\system32\dllcache\msjet40.dll + 2008-03-25 04:50:40 355,112 ------w C:\WINDOWS\system32\dllcache\msjetol1.dll + 2008-03-25 04:51:08 194,144 ------w C:\WINDOWS\system32\dllcache\msjint40.dll + 2008-03-25 04:50:42 60,192 ------w C:\WINDOWS\system32\dllcache\msjter40.dll + 2008-03-25 04:50:42 248,608 ------w C:\WINDOWS\system32\dllcache\msjtes40.dll + 2008-03-25 04:50:44 219,936 ------w C:\WINDOWS\system32\dllcache\msltus40.dll + 2008-03-25 04:50:45 355,104 ------w C:\WINDOWS\system32\dllcache\mspbde40.dll + 2008-06-23 15:40:03 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll + 2008-03-25 04:50:47 432,928 ------w C:\WINDOWS\system32\dllcache\msrd2x40.dll + 2008-03-25 04:50:49 322,336 ------w C:\WINDOWS\system32\dllcache\msrd3x40.dll + 2008-03-25 04:50:52 559,904 ------w C:\WINDOWS\system32\dllcache\msrepl40.dll + 2008-03-25 04:50:55 264,992 ------w C:\WINDOWS\system32\dllcache\mstext40.dll + 2008-06-23 15:40:04 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll + 2008-03-25 04:50:57 838,432 ------w C:\WINDOWS\system32\dllcache\mswdat10.dll + 2008-06-20 17:41:06 247,808 ------w C:\WINDOWS\system32\dllcache\mswsock.dll + 2008-03-25 04:51:09 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll + 2008-03-25 04:50:58 355,104 ------w C:\WINDOWS\system32\dllcache\msxbde40.dll + 2008-06-23 15:40:04 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll + 2008-05-07 05:15:36 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll + 2008-06-23 15:40:05 1,495,040 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll + 2008-06-23 15:40:06 474,624 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll + 2008-06-20 10:45:13 360,320 ------w C:\WINDOWS\system32\dllcache\tcpip.sys + 2008-06-20 09:52:06 225,920 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys + 2008-06-23 15:40:06 617,984 ------w C:\WINDOWS\system32\dllcache\urlmon.dll + 2007-12-18 14:41:59 417,792 ------w C:\WINDOWS\system32\dllcache\vbscript.dll + 2008-06-23 15:40:08 663,552 ------w C:\WINDOWS\system32\dllcache\wininet.dll - 2004-08-04 07:54:24 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll + 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll - 2004-08-04 06:14:16 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys + 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys - 2008-09-14 06:10:05 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys + 2002-09-13 06:41:11 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys - 2001-08-18 04:52:26 200,064 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys + 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys - 2004-08-04 06:14:42 359,040 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys + 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys + 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys.do - 2004-08-04 06:07:46 223,616 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys + 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys - 2004-08-04 07:54:24 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll + 2008-06-23 15:40:00 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll - 2004-08-04 07:54:24 201,728 ----a-w C:\WINDOWS\system32\dxtrans.dll + 2008-06-23 15:40:00 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll - 2004-08-04 07:54:26 243,200 ----a-w C:\WINDOWS\system32\es.dll + 2008-07-07 20:31:48 253,952 ----a-w C:\WINDOWS\system32\es.dll - 2004-08-04 07:54:26 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll + 2008-06-23 15:40:00 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll - 2004-08-04 07:54:28 249,344 ----a-w C:\WINDOWS\system32\iepeers.dll + 2008-06-23 15:40:00 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll - 2004-08-04 07:54:30 678,400 ----a-w C:\WINDOWS\system32\inetcomm.dll + 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll - 2004-08-04 07:54:30 96,768 ----a-w C:\WINDOWS\system32\inseng.dll + 2008-06-23 15:40:00 96,768 ----a-w C:\WINDOWS\system32\inseng.dll - 2004-08-04 07:54:30 450,560 ----a-w C:\WINDOWS\system32\jscript.dll + 2007-12-18 14:41:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll - 2004-08-04 07:54:30 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2008-06-23 15:40:00 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll - 2004-08-04 07:54:34 73,728 ----a-w C:\WINDOWS\system32\mscms.dll + 2008-06-24 16:23:56 74,240 ----a-w C:\WINDOWS\system32\mscms.dll - 2004-07-14 22:24:50 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll + 2006-12-22 10:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll - 2004-08-04 07:54:34 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll + 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll - 2004-08-04 07:54:34 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll + 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll - 2004-08-04 07:54:34 3,003,392 ----a-w C:\WINDOWS\system32\mshtml.dll + 2008-06-23 15:40:02 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll - 2004-08-04 07:54:34 448,512 ----a-w C:\WINDOWS\system32\mshtmled.dll + 2008-06-23 15:40:03 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll - 2004-08-04 07:54:34 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll + 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll - 2004-08-05 09:00:00 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll + 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll - 2004-08-04 07:54:34 184,351 ----a-w C:\WINDOWS\system32\msjint40.dll + 2008-03-25 04:51:08 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll - 2004-08-04 07:54:34 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll + 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll - 2004-08-04 07:54:34 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll + 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll - 2004-08-04 07:54:34 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll + 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll - 2004-08-04 07:54:34 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll + 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll - 2004-08-04 07:54:36 146,432 ----a-w C:\WINDOWS\system32\msrating.dll + 2008-06-23 15:40:03 146,432 ----a-w C:\WINDOWS\system32\msrating.dll - 2004-08-04 07:54:36 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll + 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll - 2004-08-04 07:54:36 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll + 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll - 2004-08-04 07:54:36 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll + 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll - 2004-08-04 07:54:36 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll + 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll - 2004-08-04 07:54:36 530,432 ----a-w C:\WINDOWS\system32\mstime.dll + 2008-06-23 15:40:04 532,480 ----a-w C:\WINDOWS\system32\mstime.dll - 2004-08-04 07:54:36 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll + 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll - 2004-08-04 07:54:36 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll + 2008-06-20 17:41:06 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll - 2004-08-04 07:54:36 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll + 2008-03-25 04:51:09 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll - 2004-08-04 07:54:36 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll + 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll + 2006-12-22 11:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll - 2004-08-04 07:54:38 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll + 2008-06-23 15:40:04 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll - 2004-08-04 07:54:38 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll + 2008-05-07 05:15:36 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll - 2004-08-04 07:54:40 1,483,776 ----a-w C:\WINDOWS\system32\shdocvw.dll + 2008-06-23 15:40:05 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll - 2004-08-04 07:54:40 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll + 2008-06-23 15:40:06 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll - 2004-07-28 23:15:09 8,192 ----a-w C:\WINDOWS\system32\spmsg.dll + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll + 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe - 2004-08-04 07:54:44 603,136 ----a-w C:\WINDOWS\system32\urlmon.dll + 2008-06-23 15:40:06 617,984 ----a-w C:\WINDOWS\system32\urlmon.dll - 2004-08-04 07:54:44 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll + 2007-12-18 14:41:59 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll - 2004-08-04 07:54:46 660,480 ----a-w C:\WINDOWS\system32\wininet.dll + 2008-06-23 15:40:08 663,552 ----a-w C:\WINDOWS\system32\wininet.dll + 2008-07-03 09:42:35 370,176 ------w C:\WINDOWS\system32\xpsp3res.dll + 2008-04-15 17:56:59 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2002-09-10 171448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-09-30 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-09-30 126976] "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360] "SetRefresh"="C:\Program Files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2002-09-09 358447] "Funshion"="C:\Program Files\Funshion Online\Funshion\Funshion.exe" [2008-08-22 2695168] "MAKTray"="MAKTray.exe" [2004-08-27 C:\WINDOWS\MAKTray.exe] "LayoutM"="KLayMgr.exe" [2004-08-16 C:\WINDOWS\KLayMgr.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2002-09-09 77870] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Funshion Online\\Funshion\\Funshion.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-16 14:59:55 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cach‚s ... Recherche d'‚l‚ments en d‚marrage automatique cach‚s ... Recherche de fichiers cach‚s ... Scan termin‚ avec succŠs Fichiers cach‚s: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe . ************************************************************************** . Heure de fin: 2008-09-16 15:01:08 - La machine a red‚marr‚ ComboFix-quarantined-files.txt 2008-09-16 13:01:05 ComboFix2.txt 2008-09-15 13:24:54 ComboFix3.txt 2008-09-15 07:23:35 ComboFix4.txt 2008-09-14 07:15:30 Avant-CF: 71,288,111,104 octets libres AprŠs-CF: 72,301,830,144 octets libres 302 --- E O F --- 2008-09-15 13:33:38
  2. lili80
    C'est moi qui te remercie, je vais continuer à suivre les étapes, le débit est faible depuis un petit moment ça n'est pas lié à l'infection.
  3. lili80
    Bonjour ; voilà le rapport de combofix : ComboFix 08-09-14.02 - Administrateur 2008-09-15 15:21:02.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.564 [GMT 2:00] Lancé depuis: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Administrateur\Bureau\CFScript.txt * Un nouveau point de restauration a été créé AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\00050D94 C:\00050D94\00052998 C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\__fdkfjfjgjitijk C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_inifid C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_inifiletime3 C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_inimac C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_loaderfiletime2 C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\testmusic0 C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\obj\wmpobj.sys C:\Documents and Settings\All Users\Application Data\microsoft\office\userdata C:\Documents and Settings\All Users\Application Data\microsoft\office\userdata\_keepfile C:\Documents and Settings\All Users\Application Data\microsoft\office\userdata\jjrV8ldSDq.dll C:\Documents and Settings\All Users\zyndf16.ini C:\WINDOWS\cmmon32.exe C:\WINDOWS\system\zyndld32080913.dll C:\WINDOWS\system\zyndld32080913jt.dll C:\WINDOWS\system\zyndle080913.exe C:\WINDOWS\system32\aotoppt.dll C:\WINDOWS\system32\axbyqp.exe C:\WINDOWS\system32\bzpcax.tmp C:\WINDOWS\system32\caxyop.exe C:\WINDOWS\system32\dbeaf7d.sys C:\WINDOWS\system32\DBEAF7DC.dll C:\WINDOWS\system32\drivers\BFDDOS.sys C:\WINDOWS\system32\DRIVERS\HBKernel32.sys C:\WINDOWS\system32\HBJXSJ.dll C:\WINDOWS\system32\nwapi32dj.dll C:\WINDOWS\system32\pqaxbo.tmp C:\WINDOWS\system32\qabop.tmp C:\WINDOWS\system32\qaxboq.tmp C:\WINDOWS\system32\qcabyo.tmp C:\WINDOWS\system32\qprxyb.ini C:\WINDOWS\system32\sslsocket.dll C:\WINDOWS\system32\tmpzydf0.exe C:\WINDOWS\system32\twainyy.dll C:\WINDOWS\system32\vmdetdhc.exe C:\WINDOWS\system32\wtsapi32yt2.dll C:\WINDOWS\system32\xboqpx.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_DBEAF7D -------\Legacy_HBKERNEL32 -------\Legacy_PQAXBO -------\Legacy_QABOP -------\Legacy_QCABYO -------\Legacy_SDA -------\Legacy_WMPOBJ -------\Service_bzpcax -------\Service_dbeaf7d -------\Service_HBKernel32 -------\Service_pqaxbo -------\Service_qabop -------\Service_qaxboq -------\Service_qcabyo -------\Service_sda -------\Service_wmpobj ((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-15 au 2008-09-15 )))))))))))))))))))))))))))))))))))) . 2008-09-15 15:19 . 2004-08-04 09:54 400,896 --a------ C:\WINDOWS\system32\tmpzydf1.exe 2008-09-15 10:08 . 2004-08-04 09:54 400,896 --a------ C:\WINDOWS\system32\tmpzydf4.exe 2008-09-15 09:02 . 2008-09-15 09:02 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak 2008-09-15 08:58 . 2008-09-15 09:00 <REP> d--h----- C:\WINDOWS\$hf_mig$ 2008-09-15 08:58 . 2005-02-25 05:35 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-15 13:03 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Skype 2008-09-15 07:28 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\AVG7 2008-09-15 06:57 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\skypePM 2002-09-10 11:31 1,900 ----a-w C:\Documents and Settings\Administrateur\ntuser.com . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\obj ---- 2008-09-11 06:18 162180 --a------ C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\obj\wmpobj.sys ------- Sigcheck ------- 2008-06-20 12:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 C:\WINDOWS\SoftwareDistribution\Download\7b6e084e897a416dad6204fec54d1e00\sp2gdr\tcpip.sys 2008-06-20 12:44 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\SoftwareDistribution\Download\7b6e084e897a416dad6204fec54d1e00\sp2qfe\tcpip.sys 2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\SoftwareDistribution\Download\7b6e084e897a416dad6204fec54d1e00\sp3gdr\tcpip.sys 2008-06-20 13:59 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\SoftwareDistribution\Download\7b6e084e897a416dad6204fec54d1e00\sp3qfe\tcpip.sys 2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\SoftwareDistribution\Download\be077a0a5c65554c0fa221a5c8a0529b\backup\tcpip.sys 2004-08-04 08:14 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys . ((((((((((((((((((((((((((((( snapshot@2008-09-14_ 9.14.54.48 ))))))))))))))))))))))))))))))))))))))))) . + 2008-09-15 07:07:10 15,622 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{93AACB04-3F02-4047-89B2-C9B44CEBEC11}.bin - 2008-09-14 06:10:05 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys + 2002-09-13 06:41:11 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys - 2004-07-28 23:15:09 8,192 ----a-w C:\WINDOWS\system32\spmsg.dll + 2005-02-25 03:35:24 15,072 ------w C:\WINDOWS\system32\spmsg.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2002-09-10 171448] "MINIFLASHGET"="C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" [bU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-09-30 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-09-30 126976] "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360] "SetRefresh"="C:\Program Files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2002-09-09 358447] "Funshion"="C:\Program Files\Funshion Online\Funshion\Funshion.exe" [2008-08-22 2695168] "MINIFLASHGET"="C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" [bU] "MAKTray"="MAKTray.exe" [2004-08-27 C:\WINDOWS\MAKTray.exe] "LayoutM"="KLayMgr.exe" [2004-08-16 C:\WINDOWS\KLayMgr.exe] "HBService32"="System.exe" [bU] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2002-09-09 77870] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Funshion Online\\Funshion\\Funshion.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= S2 FTP;FTP Protocol Driver;C:\WINDOWS\system32\drivers\BFDDOS.sys [ ] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-vmdetdhc.exe - C:\WINDOWS\system32\vmdetdhc.exe ShellExecuteHooks-{434FA69C-5F0A-42e1-82B8-10AF2C8E53C6} - C:\WINDOWS\system32\twainyy.dll ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-15 15:23:36 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cach‚s ... Recherche d'‚l‚ments en d‚marrage automatique cach‚s ... Recherche de fichiers cach‚s ... Scan termin‚ avec succŠs Fichiers cach‚s: 0 ************************************************************************** . ------------------------ Autres processus actifs ------------------------ . C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\MAKHkey.exe C:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe . ************************************************************************** . Heure de fin: 2008-09-15 15:24:53 - La machine a red‚marr‚ [Administrateur] ComboFix-quarantined-files.txt 2008-09-15 13:24:51 ComboFix2.txt 2008-09-15 07:23:35 ComboFix3.txt 2008-09-14 07:15:30 Avant-CF: 72,579,993,600 octets libres AprŠs-CF: 72,574,070,784 octets libres 165 --- E O F --- 2008-09-15 06:58:21 Pour le Qoobox.zip, le upload n'est pas encore terminé (le débit de ma connexion est affreusement bas), dès que ça sera fait, je te l'enverrai par mp, et je procèderai au scan en ligne. Merci.
  4. lili80
    bonjour ; j'ai commencé à suivre les étapes mais j'ai problème au niveau de l'étape 1, j'ai téléchargé le fichier, je l'ai fait glisser, juste après, combofix démarre et me signale l'erreur suivante : étiez vous en train d'éxécuter CFCscript, le nom de CFCscript semble mal écrit (avec quelques caractères erronés dans le texte), j'ai réexécuté combofix après sans faire glisser, le fichier mais il affiche dans le rapport qu'il n'y a aucune console d'installée, et il ne génère pas le fichier CF_RC.txt, que faire ?
  5. lili80
    bonjour ; j'ai lancé combofix, le scan a été rapide, à peine 4 minutes, le rapport est ci-dessous : ComboFix 08-09-13.05 - Administrateur 2008-09-14 8:11:45.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.292 [GMT 2:00] Lancé depuis: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe * Un nouveau point de restauration a été créé AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dll C:\Documents and Settings\Administrateur\Application Data\BITS C:\Documents and Settings\Administrateur\Application Data\BITS\BITS.ini C:\Documents and Settings\Administrateur\Application Data\BITS\DHTTable.dat C:\Documents and Settings\Administrateur\Application Data\BITS\ProxyList.ini C:\Documents and Settings\Administrateur\Application Data\BITS\UPnP.ini C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\__fdkfjfjgjitijk C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_inifid C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_inifiletime3 C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_inimac C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\_loaderfiletime2 C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\2198.exe C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\cpush.exe C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\YiqilaiLyrics_2001.exe C:\Documents and Settings\All Users\Application Data\microsoft\office\userdata C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2198.dll C:\Documents and Settings\All Users\zyndf16.ini C:\Program Files\Fichiers communs\PushWare C:\Program Files\Fichiers communs\PushWare\cpush.dll C:\Program Files\Fichiers communs\PushWare\Uninst.exe C:\Program Files\FlashGet Network C:\Program Files\FlashGet Network\FlashGet Mini\adns.dll C:\Program Files\FlashGet Network\FlashGet Mini\BarSet.bmp C:\Program Files\FlashGet Network\FlashGet Mini\BarSet_eng.bmp C:\Program Files\FlashGet Network\FlashGet Mini\btcore.dll C:\Program Files\FlashGet Network\FlashGet Mini\BugReport.dll C:\Program Files\FlashGet Network\FlashGet Mini\BugReport.exe C:\Program Files\FlashGet Network\FlashGet Mini\core_stat.dll C:\Program Files\FlashGet Network\FlashGet Mini\dat\FlashGetMini.xml C:\Program Files\FlashGet Network\FlashGet Mini\dat\FlvDetector.ini C:\Program Files\FlashGet Network\FlashGet Mini\dat\taskdb.xml C:\Program Files\FlashGet Network\FlashGet Mini\dbghelp.dll C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetExt.dll C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetFlvdetector.htm C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe C:\Program Files\FlashGet Network\FlashGet Mini\FlvDetector.exe C:\Program Files\FlashGet Network\FlashGet Mini\GetAllUrl.htm C:\Program Files\FlashGet Network\FlashGet Mini\GetUrl.htm C:\Program Files\FlashGet Network\FlashGet Mini\help\change_log.txt C:\Program Files\FlashGet Network\FlashGet Mini\image\barbutton_left.png C:\Program Files\FlashGet Network\FlashGet Mini\image\barbutton_middle.png C:\Program Files\FlashGet Network\FlashGet Mini\image\barbutton_right.png C:\Program Files\FlashGet Network\FlashGet Mini\image\baritem_contents.png C:\Program Files\FlashGet Network\FlashGet Mini\image\baritem_delete.png C:\Program Files\FlashGet Network\FlashGet Mini\image\baritem_new.png C:\Program Files\FlashGet Network\FlashGet Mini\image\baritem_open.png C:\Program Files\FlashGet Network\FlashGet Mini\image\baritem_option.png C:\Program Files\FlashGet Network\FlashGet Mini\image\baritem_pause.png C:\Program Files\FlashGet Network\FlashGet Mini\image\baritem_play.png C:\Program Files\FlashGet Network\FlashGet Mini\image\BlankPanel.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\btn_button.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\btn_check.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\CoverFlow\scroll_array_left.png C:\Program Files\FlashGet Network\FlashGet Mini\image\CoverFlow\scroll_array_right.png C:\Program Files\FlashGet Network\FlashGet Mini\image\CoverFlow\scroll_background.png C:\Program Files\FlashGet Network\FlashGet Mini\image\CoverFlow\scroll_bar.png C:\Program Files\FlashGet Network\FlashGet Mini\image\downloadListBack.png C:\Program Files\FlashGet Network\FlashGet Mini\image\EaseButton.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\FB.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\FriendButton.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\infoshadow.png C:\Program Files\FlashGet Network\FlashGet Mini\image\jc.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\jccfg.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\MiniFlashGet.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\MiniFlashgetLogo.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\MiniFlashgetLogo_eng.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\NetDiskButton.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\notify.wav C:\Program Files\FlashGet Network\FlashGet Mini\image\Num.png C:\Program Files\FlashGet Network\FlashGet Mini\image\option_mini_tree.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\ProgressLeft.png C:\Program Files\FlashGet Network\FlashGet Mini\image\ProgressMiddle.png C:\Program Files\FlashGet Network\FlashGet Mini\image\ProgressRight.png C:\Program Files\FlashGet Network\FlashGet Mini\image\searchbutton.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\SkinTabBackground.png C:\Program Files\FlashGet Network\FlashGet Mini\image\SkinTabIcons.png C:\Program Files\FlashGet Network\FlashGet Mini\image\SkinTabSelectBack.png C:\Program Files\FlashGet Network\FlashGet Mini\image\SkinTabSelectBack_eng.png C:\Program Files\FlashGet Network\FlashGet Mini\image\SmallTaskBackLeft.png C:\Program Files\FlashGet Network\FlashGet Mini\image\SmallTaskBackMiddle.png C:\Program Files\FlashGet Network\FlashGet Mini\image\SmallTaskBackRight.png C:\Program Files\FlashGet Network\FlashGet Mini\image\suspendicons.png C:\Program Files\FlashGet Network\FlashGet Mini\image\task_status.png C:\Program Files\FlashGet Network\FlashGet Mini\image\TaskBackLeft.png C:\Program Files\FlashGet Network\FlashGet Mini\image\TaskBackMiddle.png C:\Program Files\FlashGet Network\FlashGet Mini\image\TaskBackRight.png C:\Program Files\FlashGet Network\FlashGet Mini\image\torrent.ico C:\Program Files\FlashGet Network\FlashGet Mini\image\TreeSelectBackLeft.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\TreeSelectBackMiddle.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\TreeSelectBackRight.bmp C:\Program Files\FlashGet Network\FlashGet Mini\image\Watch.png C:\Program Files\FlashGet Network\FlashGet Mini\image\WatchFlex.PNG C:\Program Files\FlashGet Network\FlashGet Mini\Info.exe C:\Program Files\FlashGet Network\FlashGet Mini\Krnlmodule.dll C:\Program Files\FlashGet Network\FlashGet Mini\Language-chs.xml C:\Program Files\FlashGet Network\FlashGet Mini\Language-eng.xml C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll C:\Program Files\FlashGet Network\FlashGet Mini\libScheduler.dll C:\Program Files\FlashGet Network\FlashGet Mini\libSkinX.dll C:\Program Files\FlashGet Network\FlashGet Mini\libStatistics.dll C:\Program Files\FlashGet Network\FlashGet Mini\P2PCfg.ini C:\Program Files\FlashGet Network\FlashGet Mini\P2PCore.dll C:\Program Files\FlashGet Network\FlashGet Mini\p2pprot.dll C:\Program Files\FlashGet Network\FlashGet Mini\p2snetio.dll C:\Program Files\FlashGet Network\FlashGet Mini\p2spmgr.dll C:\Program Files\FlashGet Network\FlashGet Mini\p2sprot.dll C:\Program Files\FlashGet Network\FlashGet Mini\pup.dat C:\Program Files\FlashGet Network\FlashGet Mini\skin.xml C:\Program Files\FlashGet Network\FlashGet Mini\skin_eng.xml C:\Program Files\FlashGet Network\FlashGet Mini\SysOptimize.exe C:\Program Files\FlashGet Network\FlashGet Mini\uninst.exe C:\Program Files\FlashGet Network\FlashGet Mini\zlib.dll C:\Program Files\Microsoft Office\SYSTEM\apcdli.sys C:\Program Files\Yiqilai C:\Program Files\Yiqilai\foobar\foo_ui_columns.dll C:\Program Files\Yiqilai\foobar\foo_ui_yqllyrics.dll C:\Program Files\Yiqilai\lib\YQL_Lyrics_Common.dll C:\Program Files\Yiqilai\realplayer\real_vis_yqllyrics.rpv C:\Program Files\Yiqilai\tools\GetMusic.exe C:\Program Files\Yiqilai\tools\Music.dll C:\Program Files\Yiqilai\tools\YiqilaiLyrics.exe C:\Program Files\Yiqilai\winamp\gen_yqllyrics.dll C:\Program Files\Yiqilai\winamp\vis_yqllyrics.dll C:\Program Files\Yiqilai\wmp\YiqilaiLyrics.dll C:\WINDOWS\HtmlPeek.dll C:\WINDOWS\system32\admshare.dat C:\WINDOWS\system32\adsntzt.dll C:\WINDOWS\system32\adsntzt.nls C:\WINDOWS\system32\avicapwm.dll C:\WINDOWS\system32\avicapwm.nls C:\WINDOWS\system32\biroas.dll C:\WINDOWS\system32\biroask.exe C:\WINDOWS\system32\bootvidgj.dll C:\WINDOWS\system32\bootvidgj.nls C:\WINDOWS\system32\catower.dll C:\WINDOWS\system32\certmgrkd.dll C:\WINDOWS\system32\certmgrkd.nls C:\WINDOWS\system32\cliconfgzx.dll C:\WINDOWS\system32\cliconfgzx.nls C:\WINDOWS\system32\Com\Config.cfg C:\WINDOWS\system32\comuidsg.dll C:\WINDOWS\system32\comuidsg.nls C:\WINDOWS\system32\dispexcb.dll C:\WINDOWS\system32\dispexcb.nls C:\WINDOWS\system32\dpvvoxmh.dll C:\WINDOWS\system32\dpvvoxmh.nls C:\WINDOWS\system32\drivers\svchost.exe C:\WINDOWS\system32\eskisl.dll C:\WINDOWS\system32\explore.exe C:\WINDOWS\system32\HBmhly.dll C:\WINDOWS\system32\imgutilhx2.dll C:\WINDOWS\system32\imgutilhx2.nls C:\WINDOWS\system32\johandy.dll C:\WINDOWS\system32\jolndyo.dll C:\WINDOWS\system32\kildh3l.dll C:\WINDOWS\system32\lensch.dll C:\WINDOWS\system32\lweurqhx.dll C:\WINDOWS\system32\lweurqhx.nls C:\WINDOWS\system32\mcromv.dll C:\WINDOWS\system32\mduaey.dll C:\WINDOWS\system32\mprmsgse.axz C:\WINDOWS\system32\ringtte.dll C:\WINDOWS\system32\scrruncqsj.dll C:\WINDOWS\system32\scrruncqsj.nls C:\WINDOWS\system32\slbiopfs2.dll C:\WINDOWS\system32\slbiopfs2.nls C:\WINDOWS\system32\system.exe C:\WINDOWS\system32\tscfgwmijxsj.dll C:\WINDOWS\system32\tscfgwmijxsj.nls C:\WINDOWS\system32\Update.dat C:\WINDOWS\system32\wllame.dll C:\WINDOWS\system32\wrm32.dll C:\WINDOWS\system32\xolehlpjh.dll C:\WINDOWS\system32\xolehlpjh.nls C:\WINDOWS\system32\YQL_Lyrics_Common.dll Une copie infectée de %~1 a été trouvée & désinfectée Copie restaurée à partir de - %~3 . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_APCDLI -------\Service_apcdli ((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-14 au 2008-09-14 )))))))))))))))))))))))))))))))))))) . 2008-09-14 08:10 . 2008-09-14 08:10 24,576 --a------ C:\WINDOWS\system32\HBJXSJ.dll 2008-09-14 08:10 . 2008-09-14 08:11 2,654 --a------ C:\WINDOWS\system32\xboqpx.exe 2008-09-14 08:10 . 2008-09-14 08:10 1,669 --a------ C:\WINDOWS\system32\qprxyb.ini 2008-09-14 08:09 . 2008-09-14 08:10 <REP> d--hs---- C:\00050D94 2008-09-14 08:09 . 2004-08-04 09:54 400,896 --a------ C:\WINDOWS\system32\tmpzydf0.exe 2008-09-14 08:09 . 2008-09-14 08:09 3,328 --a------ C:\WINDOWS\system32\qaxboq.tmp 2008-09-06 03:59 . 2008-09-06 03:59 28,672 --a------ C:\WINDOWS\cmmon32.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-14 06:11 2,654 ----a-w C:\WINDOWS\system32\caxyop.exe 2008-09-14 06:10 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys 2008-09-14 06:10 2,298,284 ----a-w C:\WINDOWS\system32\nwapi32dj.dll 2008-09-14 06:10 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\skypePM 2008-09-14 06:10 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Skype 2008-09-14 06:09 2,250,900 ----a-w C:\WINDOWS\system32\wtsapi32yt2.dll 2008-09-14 06:08 28,672 ----a-w C:\WINDOWS\system32\aotoppt.dll 2002-09-10 11:31 1,900 ----a-w C:\Documents and Settings\Administrateur\ntuser.com 2002-09-13 06:45 40,960 --sh--w C:\WINDOWS\system32\axbyqp.exe 2002-09-10 11:34 164,846 --sha-w C:\WINDOWS\system32\DBEAF7DC.dll 2002-09-10 06:23 35,328 --sh--w C:\WINDOWS\system32\vmdetdhc.exe . ------- Sigcheck ------- 2004-08-04 08:14 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2002-09-10 171448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-09-30 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-09-30 126976] "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360] "SetRefresh"="C:\Program Files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2002-09-09 358447] "vmdetdhc.exe"="C:\WINDOWS\system32\vmdetdhc.exe" [2002-09-10 35328] "Funshion"="C:\Program Files\Funshion Online\Funshion\Funshion.exe" [2008-08-22 2695168] "MAKTray"="MAKTray.exe" [2004-08-27 C:\WINDOWS\MAKTray.exe] "LayoutM"="KLayMgr.exe" [2004-08-16 C:\WINDOWS\KLayMgr.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2002-09-09 77870] [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "nzy_df"="C:\WINDOWS\system\zyndle080913.exe" [2002-09-13 31852] "mysys"="C:\WINDOWS\cmmon32.exe" [2008-09-06 28672] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{A2C3BA54-DF75-4881-8EB3-E54B26BBBBC9}"= "C:\WINDOWS\system32\nwapi32dj.dll" [2008-09-14 2298284] "{BA4B5EBD-AB43-4c2b-84F5-F1AD85E79E4A}"= "C:\WINDOWS\system32\wtsapi32yt2.dll" [2008-09-14 2250900] "{434FA69C-5F0A-42e1-82B8-10AF2C8E53C6}"= "C:\WINDOWS\system32\twainyy.dll" [2002-09-13 2619680] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "nwapi32dj.dll"= {A2C3BA54-DF75-4881-8EB3-E54B26BBBBC9} - C:\WINDOWS\system32\nwapi32dj.dll [2008-09-14 2298284] "wtsapi32yt2.dll"= {BA4B5EBD-AB43-4c2b-84F5-F1AD85E79E4A} - C:\WINDOWS\system32\wtsapi32yt2.dll [2008-09-14 2250900] "twainyy.dll"= {434FA69C-5F0A-42e1-82B8-10AF2C8E53C6} - C:\WINDOWS\system32\twainyy.dll [2002-09-13 2619680] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DrvAnti.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwadins.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwebscd.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwebupw.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavCopy.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavXP.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spiderml.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spidernt.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spiderui.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spml_set.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sunesnk.exe] "debugger"=ntsd -d [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgar.exe] "debugger"=ntsd -d [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Funshion Online\\Funshion\\Funshion.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 HBKernel32;HBKernel32 Driver;C:\WINDOWS\system32\DRIVERS\HBKernel32.sys [2002-09-13 14640] R2 FTP;FTP Protocol Driver;C:\WINDOWS\system32\drivers\BFDDOS.sys [2004-08-04 6656] R2 sda;wrtwwe;C:\WINDOWS\system32\axbyqp.exe [2002-09-13 40960] R2 wmpobj;wmpobj;C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\obj\wmpobj.sys [2008-09-11 162180] R3 dbeaf7d;dbeaf7d;C:\WINDOWS\system32\dbeaf7d.sys [2002-09-10 5504] S3 bzpcax;bzpcax;C:\WINDOWS\system32\bzpcax.tmp [2002-09-13 3328] S3 pqaxbo;pqaxbo;C:\WINDOWS\system32\pqaxbo.tmp [2002-09-10 3328] S3 qabop;qabop;C:\WINDOWS\system32\qabop.tmp [2002-09-14 3328] S3 qaxboq;qaxboq;C:\WINDOWS\system32\qaxboq.tmp [2008-09-14 3328] S3 qcabyo;qcabyo;C:\WINDOWS\system32\qcabyo.tmp [2002-09-13 3328] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1ae-c3ec-11d6-9d10-000ffe2d9223}] \shell\explore\command - E:\explorer.exe \shell\open\Command - E:\explorer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1b1-c3ec-11d6-9d10-000ffe2d9223}] \shell\explore\command - H:\explorer.exe \shell\open\Command - H:\explorer.exe . - - - - ORPHELINS SUPPRIMES - - - - BHO-{686488AF-13D5-9DDF-4FEF-9FB88698CFC1} - (no file) HKCU-Run-MINIFLASHGET - C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe HKLM-Run-MINIFLASHGET - C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe HKLM-Run-HBService32 - System.exe ShellExecuteHooks-{DBEAF7DC-D4AA-4A2E-958A-58E9A6BC11C7} - DBEAF7DC.dll . ------- Examen suppl‚mentaire ------- . R0 -: HKCU-Main,Start Page = about:blank R0 -: HKCU-Main,Search Page = hxxp://www.google.com R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie R0 -: HKLM-Main,Default_Search_URL = hxxp://www.google.com/ie R0 -: HKLM-Main,Start Page = hxxp://fr.yahoo.com R0 -: HKCU-Search,SearchAssistant = hxxp://www.google.com/ie R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s R0 -: HKLM-Search,SearchAssistant = hxxp://www.google.com/ie O8 -: ʹÓÃÃÔÄã¿ì³µÏÂÔØ - C:\Program Files\FlashGet Network\FlashGet Mini\GetUrl.htm O8 -: ʹÓÃÃÔÄã¿ì³µÏÂÔظÃÍøÒ³FLV - C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetFlvdetector.htm O8 -: ʹÓÃÃÔÄã¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\FlashGet Network\FlashGet Mini\GetAllUrl.htm . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-14 08:14:08 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cach‚s ... Recherche d'‚l‚ments en d‚marrage automatique cach‚s ... HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run mysys = C:\WINDOWS\cmmon32.exe????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Recherche de fichiers cach‚s ... Scan termin‚ avec succŠs Fichiers cach‚s: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bzpcax] "ImagePath"="\??\C:\WINDOWS\system32\bzpcax.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pqaxbo] "ImagePath"="\??\C:\WINDOWS\system32\pqaxbo.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\qabop] "ImagePath"="\??\C:\WINDOWS\system32\qabop.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\qaxboq] "ImagePath"="\??\C:\WINDOWS\system32\qaxboq.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\qcabyo] "ImagePath"="\??\C:\WINDOWS\system32\qcabyo.tmp" . ------------------------ Autres processus actifs ------------------------ . C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\MAKHkey.exe C:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\tmpzydf1.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\FGHFGD6589.tmp . ************************************************************************** . Heure de fin: 2008-09-14 9:15:29 - La machine a red‚marr‚ ComboFix-quarantined-files.txt 2008-09-14 07:15:26 Avant-CF: 73,026,269,184 octets libres AprŠs-CF: 72,984,309,760 octets libres 362
  6. lili80
    Effectivement, il me semble que je n'ai pas tout copié, voilà le fichier log : Logfile of random's system information tool (written by random/random) Run by Administrateur at 2002-09-10 13:32:16 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 70 GB (92%) free of 76 GB Total RAM: 759 MB (68% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:32:17, on 10/09/2002 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\cmmon32.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\MAKTray.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe C:\Program Files\Funshion Online\Funshion\Funshion.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\MAKHKEY.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Administrateur\ntuser.com C:\WINDOWS\system32\xybzpc C:\WINDOWS\system32\tmpzydf2.exe C:\WINDOWS\system\zyndle080908.exe C:\program files\internet explorer\iexplore.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\0006662F\000667D4 C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: MiniFlashGetBHO - {C74E94A7-B7BD-4891-9328-455395BCC7AD} - C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MAKTray] MAKTray.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [vmdetdhc.exe] C:\WINDOWS\system32\vmdetdhc.exe O4 - HKLM\..\Run: [MINIFLASHGET] "C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" /minimize O4 - HKLM\..\Run: [Funshion] C:\Program Files\Funshion Online\Funshion\Funshion.exe /tray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MINIFLASHGET] "C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" /minimize O4 - HKLM\..\Policies\Explorer\Run: [nzy_df] C:\WINDOWS\system\zyndle080908.exe O4 - HKLM\..\Policies\Explorer\Run: [mysys] C:\WINDOWS\cmmon32.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: ʹÓÃÃÔÄã¿ì³µÏÂÔØ - C:\Program Files\FlashGet Network\FlashGet Mini\GetUrl.htm O8 - Extra context menu item: ʹÓÃÃÔÄã¿ì³µÏÂÔظÃÍøÒ³FLV - C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetFlvdetector.htm O8 - Extra context menu item: ʹÓÃÃÔÄã¿ì³µÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\FlashGet Network\FlashGet Mini\GetAllUrl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 4716 bytes Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C74E94A7-B7BD-4891-9328-455395BCC7AD}] MiniFlashGetBHO - C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll [2008-08-22 271872] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-09-30 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-09-30 126976] "Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360] "MAKTray"=C:\WINDOWS\MAKTray.exe [2004-08-27 287232] "SetRefresh"=C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "LayoutM"=C:\WINDOWS\KLayMgr.exe [2004-08-16 45056] "AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2002-09-09 358447] "vmdetdhc.exe"=C:\WINDOWS\system32\vmdetdhc.exe [2002-09-10 35328] "MINIFLASHGET"=C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe [2008-08-22 1758720] "Funshion"=C:\Program Files\Funshion Online\Funshion\Funshion.exe [2008-08-22 2695168] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "nzy_df"=C:\WINDOWS\system\zyndle080908.exe [2002-09-09 31912] "mysys"=C:\WINDOWS\cmmon32.exe [2008-09-06 28672] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "Skype"=C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized [] "MINIFLASHGET"=C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe [2008-08-22 1758720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe" "C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe"="C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe:*:Enabled:FlashGetMini" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1ae-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - E:\explorer.exe shell\open\command - E:\explorer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b47f1b1-c3ec-11d6-9d10-000ffe2d9223}] shell\explore\command - H:\explorer.exe shell\open\command - H:\explorer.exe List of files/folders created in the last three months 2008-09-06 03:59:24 ----A---- C:\WINDOWS\cmmon32.exe 2008-08-07 08:21:34 ----A---- C:\WINDOWS\HtmlPeek.dll 2008-07-09 12:18:36 ----A---- C:\WINDOWS\system32\funshion.ini 2007-07-30 19:19:52 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2007-07-30 19:19:12 ----A---- C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19:04 ----A---- C:\WINDOWS\system32\wucltui.dll.mui 2007-07-30 19:18:48 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui 2004-08-30 13:43:40 ----A---- C:\WINDOWS\system32\BInstDll.dll 2004-08-23 16:21:45 ----RA---- C:\WINDOWS\system32\rsop.msc 2004-08-23 16:21:32 ----RA---- C:\WINDOWS\system32\perfmon.msc 2004-08-23 16:19:56 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2004-08-23 16:19:51 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2004-08-23 16:19:50 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2004-08-23 16:19:49 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2004-08-23 16:19:49 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2004-08-23 16:19:48 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2004-08-23 16:19:48 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2004-08-23 16:19:47 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2004-08-23 16:19:47 ----RA---- C:\WINDOWS\system32\kbdest.dll 2004-08-23 16:19:46 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2004-08-23 16:19:45 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2004-08-23 16:19:45 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2004-08-23 16:19:44 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2004-08-23 16:19:44 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2004-08-23 16:19:44 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2004-08-23 16:19:43 ----RA---- C:\WINDOWS\system32\kbdru.dll 2004-08-23 16:19:43 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2004-08-23 16:19:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2004-08-23 16:19:43 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2004-08-23 16:19:42 ----RA---- C:\WINDOWS\system32\kbdur.dll 2004-08-23 16:19:42 ----RA---- C:\WINDOWS\system32\kbdro.dll 2004-08-23 16:19:42 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2004-08-23 16:19:42 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2004-08-23 16:19:42 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2004-08-23 16:19:41 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2004-08-23 16:19:41 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2004-08-23 16:19:40 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2004-08-23 16:19:40 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2004-08-23 16:19:40 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2004-08-23 16:19:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2004-08-23 16:19:39 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2004-08-23 16:19:38 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2004-08-23 16:19:38 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2004-08-23 16:19:37 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2004-08-23 16:19:37 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2004-08-23 16:19:37 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2004-08-23 16:19:36 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2004-08-23 16:19:35 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2004-08-23 16:19:32 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2004-08-23 16:19:30 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2004-08-23 16:19:29 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2004-08-23 16:17:56 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2004-08-23 16:13:49 ----RA---- C:\WINDOWS\SET8.TMP 2004-08-23 16:13:46 ----RA---- C:\WINDOWS\SET4.TMP 2004-08-23 16:13:43 ----RA---- C:\WINDOWS\SET3.TMP 2004-08-23 16:12:25 ----ASH---- C:\Documents and Settings\Administrateur\Application Data\desktop.ini 2004-08-23 16:12:24----ASH----C:\Documents and Settings\All Users\Application Data\desktop.ini 2004-08-16 12:36:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2004-08-16 12:31:36 ----A---- C:\WINDOWS\setuplog.txt 2004-08-16 12:31:34 ----A---- C:\WINDOWS\imsins.BAK 2004-08-16 12:25:12 ----A---- C:\WINDOWS\ODBCINST.INI 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\xpsp2res.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\xpsp1res.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\xpob2res.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\wzcsvc.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\wzcsapi.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\wowfaxui.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\wowfax.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\winhlp32.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrvpa.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrvoica.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrv80a.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrv42a.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrsvpia.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrshuta.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrsdpia.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrrtosa.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrprbda.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrmlnka.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrlbva.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrfaxa.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrdtea.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrdpa.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrcoina.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\usrcntra.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\tsbyuv.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\tourstart.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\systeminfo.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\streamci.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\sprio800.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\sprio600.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\spnike.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\shellstyle.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\schtasks.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\pjlmon.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\pid.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\paqsp.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\pagefileconfig.vbs 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\openfiles.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\msyuv.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\msjetoledb40.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\mfc42loc.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\mfc40loc.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\mdwmdmsp.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\mapi32.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\iyuv_32.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\hid.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\hal.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\gpresult.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\eventtriggers.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\eventquery.vbs 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\eventcreate.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\dvdplay.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\driverquery.exe 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\dmutil.dll 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\CONFIG.TMP 2004-08-05 11:00:00 ----A---- C:\WINDOWS\system32\cnbjmon.dll 2004-08-04 09:55:14 ----A---- C:\WINDOWS\system32\tsddd.dll 2004-08-04 09:55:14 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2004-08-04 09:55:14 ----A---- C:\WINDOWS\system32\rdpdd.dll 2004-08-04 09:55:10 ----A---- C:\WINDOWS\system32\drmclien.dll 2004-08-04 09:55:08 ----A---- C:\WINDOWS\system32\wmvcore.dll 2004-08-04 09:55:08 ----A---- C:\WINDOWS\system32\drmv2clt.dll 2004-08-04 09:55:06 ----A---- C:\WINDOWS\system32\msscp.dll 2004-08-04 09:55:06 ----A---- C:\WINDOWS\system32\msnetobj.dll 2004-08-04 09:55:04 ----A---- C:\WINDOWS\system32\xcopy.exe 2004-08-04 09:55:04 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2004-08-04 09:55:04 ----A---- C:\WINDOWS\system32\wuauclt.exe 2004-08-04 09:55:04 ----A---- C:\WINDOWS\system32\wscript.exe 2004-08-04 09:55:04 ----A---- C:\WINDOWS\system32\wscntfy.exe 2004-08-04 09:55:04 ----A---- C:\WINDOWS\system32\wpnpinst.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\winhlp32.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\wpabaln.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\winver.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\winlogon.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\wiaacmgr.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\wextract.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\vssvc.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\utilman.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\userinit.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\ups.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\upnpcont.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\tracert.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\tracerpt.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\tlntsvr.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\tlntsess.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\tlntadmn.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\taskmgr.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\sysocmgr.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\svchost.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\stimon.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\spoolsv.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\spider.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\sndrec32.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\smss.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\smlogsvc.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\smbinst.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\skeys.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\sigverif.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\shutdown.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\shrpubw.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\shmgrate.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\setup.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\sethc.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\sessmgr.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\services.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\secedit.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\sdbinst.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\scardsvr.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\savedump.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\runonce.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rundll32.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rtcshare.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rsnotify.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rsh.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rexec.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\regsvr32.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\reg.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rdshost.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rdpclip.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rcp.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rcimlby.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\rasphone.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\qprocess.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\proxycfg.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\proquota.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\progman.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\powercfg.exe 2004-08-04 09:55:02 ----A---- C:\WINDOWS\system32\ping.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\perfmon.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\packager.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\osk.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\odbcconf.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\odbcad32.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\ntvdm.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\ntbackup.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\nslookup.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\notepad.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\netstat.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\netsh.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\netdde.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\net1.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\net.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\nddeapir.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\narrator.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\mstinit.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\system32\mspaint.exe 2004-08-04 09:55:00 ----A---- C:\WINDOWS\NOTEPAD.EXE 2004-08-04 09:54:58 ----A---- C:\WINDOWS\system32\msiexec.exe 2004-08-04 09:54:58 ----A---- C:\WINDOWS\system32\mshta.exe 2004-08-04 09:54:58 ----A---- C:\WINDOWS\system32\msdtc.exe 2004-08-04 09:54:58 ----A---- C:\WINDOWS\system32\mqtgsvc.exe 2004-08-04 09:54:58 ----A---- C:\WINDOWS\system32\mqsvc.exe 2004-08-04 09:54:58 ----A---- C:\WINDOWS\system32\mqbkup.exe 2004-08-04 09:54:58 ----A---- C:\WINDOWS\system32\mplay32.exe 2004-08-04 09:54:56 ----A---- C:\WINDOWS\system32\mobsync.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\mmc.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\makecab.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\magnify.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\lsass.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\logonui.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\logman.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\logagent.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\locator.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\ipxroute.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\ipv6.exe 2004-08-04 09:54:54 ----A---- C:\WINDOWS\system32\ipconfig.exe 2004-08-04 09:54:52 ----A---- C:\WINDOWS\system32\imapi.exe 2004-08-04 09:54:52 ----A---- C:\WINDOWS\system32\iexpress.exe 2004-08-04 09:54:52 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2004-08-04 09:54:52 ----A---- C:\WINDOWS\system32\grpconv.exe 2004-08-04 09:54:52 ----A---- C:\WINDOWS\system32\ftp.exe 2004-08-04 09:54:52 ----A---- C:\WINDOWS\system32\fsquirt.exe 2004-08-04 09:54:52 ----A---- C:\WINDOWS\hh.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\fontview.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\fltMc.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\findstr.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\extrac32.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\eudcedit.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dxdiag.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dwwin.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dvdupgrd.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dumprep.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dpvsetup.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dpnsvr.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dplaysvr.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dmremote.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dmadmin.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dllhost.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\diskpart.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\diantz.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dfrgntfs.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\dfrgfat.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\defrag.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\ddeshare.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\ctfmon.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\csrss.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cscript.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\conime.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cmstp.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cmmon32.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cmdl32.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cmd.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\clipsrv.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\clipbrd.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cliconfg.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cleanmgr.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cisvc.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\cipher.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\blastcln.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\autolfn.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\autoconv.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\auditusr.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\atmadm.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\at.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\asr_pfu.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\asr_fmt.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\alg.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\ahui.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\system32\actmovie.exe 2004-08-04 09:54:50 ----A---- C:\WINDOWS\explorer.exe 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\zipfldr.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\xolehlp.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\xmlprovi.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\xmlprov.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\xactsrv.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wzcdlg.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wuweb.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wups.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wucltui.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wuauserv.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wuaueng.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wuapi.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wtsapi32.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wstdecod.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wsock32.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wsnmp32.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wshtcpip.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\WshRm.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wship6.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wshext.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wshcon.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wshbth.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wsecedit.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wscsvc.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\ws2help.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\ws2_32.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wow32.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmvdmod.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmstream.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmspdmoe.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmspdmod.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmsdmoe.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmsdmod.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmpui.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmpshell.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmpdxm.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmpcore.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmpcd.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmpasf.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmp.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmnetmgr.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmidx.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmdmps.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmdmlog.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmasf.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmadmoe.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\wmadmod.dll 2004-08-04 09:54:48 ----A---- C:\WINDOWS\system32\accwiz.exe 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wlnotify.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wldap32.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wkssvc.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wintrust.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winsta.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winsrv.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winshfhc.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winscard.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winrnr.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winmm.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winipsec.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wininet.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\winhttp.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\win32spl.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wiavideo.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wiashext.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wiaservc.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wiascr.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wiadss.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wiadefui.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\webvw.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\webclnt.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\webcheck.dll 2004-08-04 09:54:46 ----A---- C:\WINDOWS\system32\wdigest.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\twain_32.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\w3ssl.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\w32time.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\vssapi.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\version.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\vdmredir.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\vdmdbg.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\vbscript.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\vbajet32.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\uxtheme.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\usp10.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\userenv.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\user32.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\usbmon.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\urlmon.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\url.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\upnpui.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\upnphost.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\upnp.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\untfs.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\uniplat.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\unimdmat.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\umpnpmgr.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\umandlg.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\ulib.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\udhisapi.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\txflog.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\twext.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\trkwks.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tlntsvrp.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\themeui.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\termsrv.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\termmgr.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tcpmonui.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tcpmon.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tcpmib.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tapisrv.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tapi32.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\tapi3.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\t2embed.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\syssetup.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\syncui.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\synceng.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\sxs.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\strmfilt.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\strmdll.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\stobject.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\sti_ci.dll 2004-08-04 09:54:44 ----A---- C:\WINDOWS\system32\sti.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\ssdpsrv.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\ssdpapi.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\srvsvc.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\srsvc.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\srrstr.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\srclient.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\sqlunirl.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\sqlsrv32.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\spoolss.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\snmpsnap.dll 2004-08-04 09:54:42 ----A---- C:\WINDOWS\system32\snmpapi.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\smlogcfg.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\slbiop.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\slayerxp.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sigtab.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shsvcs.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shscrap.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shmedia.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shlwapi.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shimgvw.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shimeng.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shgina.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shfolder.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shell32.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\shdocvw.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sfcfiles.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sfc_os.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sfc.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\setupapi.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\servdeps.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sensapi.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sens.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sendmail.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sendcmsg.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\security.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\secur32.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\seclogon.dll 2004-08-04 09:54:40 ----A---- C:\WINDOWS\system32\sdhcinst.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\scrrun.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\scrobj.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\sclgntfy.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\schedsvc.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\schannel.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\scesrv.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\scecli.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\sccsccp.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\scarddlg.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\sbeio.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\sbe.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\samsrv.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\samlib.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\safrslv.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\safrdm.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rtutils.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rtipxmib.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rsmps.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rshx32.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rpcss.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\riched20.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\resutils.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\remotepg.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\regwizc.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\regsvc.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\regapi.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rdchost.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rcbdyctl.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rastls.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rastapi.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rassapi.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rasppp.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rasmans.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rasman.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rasdlg.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\raschap.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rasauto.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rasapi32.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\rasadhlp.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\racpldlg.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\query.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\quartz.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\qmgr.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\qedit.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\qdvd.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\qdv.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\qcap.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\qasf.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\pstorsvc.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\pstorec.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\psbase.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\psapi.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\profmap.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\printui.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\powrprof.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\polstore.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\pnrpnsp.dll 2004-08-04 09:54:38 ----A---- C:\WINDOWS\system32\pngfilt.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\photowiz.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\perfproc.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\perfos.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\perfdisk.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\perfctrs.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\pdh.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\pautoenr.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\p2psvc.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\p2pnetsh.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\p2pgraph.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\p2pgasvc.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\p2p.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\osuninst.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\opengl32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\olepro32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\oleprn.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\oleaut32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ole32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\offfilt.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odtext32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odpdx32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odfox32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odexl32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\oddbse32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbctrac.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbcjt32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbccu32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbccr32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbccp32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbcconf.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbcbcp.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbc32gt.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\odbc32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\occache.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\objsel.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\oakley.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\nwwks.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\nwprovau.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntshrui.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntprint.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntmssvc.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntmsmgr.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntmsdba.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntmsapi.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntmarta.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntlsapi.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntlanman.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ntdsapi.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\npptools.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\nlhtml.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\newdev.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netui1.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netui0.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netshell.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netrap.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netplwiz.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netman.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netlogon.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netid.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netcfgx.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\netapi32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\nddenb32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\nddeapi.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\ncobjapi.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mydocs.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mtxoci.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mtxclu.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msxml3.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msxml2.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msxml.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msxbde40.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mswstr10.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mswsock.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mswmdm.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mswebdvd.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mswdat10.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msw3prt.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msvidctl.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msvfw32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msvcrt.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msvcp60.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msvcirt.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msvbvm60.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msv1_0.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msutb.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mstlsapi.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mstime.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mstext40.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mstask.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mssap.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msrle32.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msrepl40.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msrd3x40.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msrd2x40.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\msrating.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mspmsp.dll 2004-08-04 09:54:36 ----A---- C:\WINDOWS\system32\mspmsnsv.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\mspbde40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\mspatcha.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msorcl32.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msoert2.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msoeacct.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msnsspc.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msltus40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\mslbui.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msjtes40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msjter40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msjint40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msjet40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msisip.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\MSIMTF.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msimg32.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msihnd.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msieftp.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msidle.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msident.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msi.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\mshtmled.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\mshtml.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msgsvc.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msgina.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msftedit.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msexcl40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msexch40.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msdtctm.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msdtclog.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msdmo.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msdart.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msdadiag.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\MSCTFP.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\MSCTF.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\mscpxl32.dLL 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\msconf.dll 2004-08-04 09:54:34 ----A---- C:\WINDOWS\system32\mscms.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\msasn1.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\msapsspc.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\msacm32.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqutil.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqupgrd.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqtrig.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqsnap.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqsec.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqrtdep.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqrt.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqqm.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqoa.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqlogmgr.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqise.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqdscli.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mqad.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mprapi.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mpr.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mpg4dmod.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mp4sdmod.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mp43dmod.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\modemui.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mobsync.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mnmdd.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mmfutil.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mmcshext.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mmcndmgr.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mmcbase.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mlang.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\miglibnt.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\midimap.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mgmtapi.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mfcsubs.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mfc42u.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mfc42.dll 2004-08-04 09:54:32 ----A---- C:\WINDOWS\system32\mf3216.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\mdminst.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\mciwave.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\mciseq.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\mciqtz32.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\mciavi32.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\mcastmib.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\lsasrv.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\lprhelp.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\lpk.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\localui.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\localspl.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\localsec.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\loadperf.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\lmrt.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\lmhsvc.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\linkinfo.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\licwmi.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\licmgr10.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\licdll.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\laprxy.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\keymgr.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\kernel32.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\kerberos.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\jsproxy.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\jscript.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ixsso.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\iuengine.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\itss.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\itircl.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\isign32.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ir50_qcx.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ir50_qc.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ir50_32.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ir41_qcx.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ir41_qc.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ipv6mon.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ipsmsnap.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ipsecsvc.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ipsecsnp.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ippromon.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ipnathlp.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\iphlpapi.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\inseng.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\input.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\initpki.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\inetppui.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\inetpp.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\inetmib1.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\inetcomm.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\inetcfg.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\imm32.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\imgutil.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\imeshare.dll 2004-08-04 09:54:30 ----A---- C:\WINDOWS\system32\ils.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\igmpagnt.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\ifmon.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\iesetup.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\iernonce.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\iepeers.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\ieencode.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\ieaksie.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\ieakeng.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\idq.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\icwphbk.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\icwdial.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\icm32.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\iccvid.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\icaapi.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\iasrad.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\hypertrm.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\htui.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\httpapi.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\hotplug.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\hnetwiz.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\hnetcfg.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\hhsetup.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\h323msp.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\gptext.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\gpedit.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\glu32.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\gdi32.dll 2004-08-04 09:54:28 ----A---- C:\WINDOWS\system32\fwcfg.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\fontext.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\fltlib.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\fldrclnr.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\filemgmt.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\feclient.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\fdeploy.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\faultrep.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\extmgr.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\expsrv.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\eventlog.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\esent.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\es.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\ersvc.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\encdec.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\encapi.dll 2004-08-04 09:54:26 ----A---- C:\WINDOWS\system32\els.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\efsadu.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dxtrans.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dxmasf.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dxdiagn.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dx8vb.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dx7vb.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\duser.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dswave.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dsuiext.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dssec.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dsquery.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dsprop.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dsound3d.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dsound.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dskquota.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dsdmoprp.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dsdmo.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\ds32gt.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\drprov.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\drmstor.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpwsockx.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpvvox.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpvoice.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpvacm.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpnhupnp.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpnhpast.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpnet.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpmodemx.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dplayx.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dpcdll.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\docprop2.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dnsrslvr.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dnsapi.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmusic.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmsynth.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmstyle.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmserver.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmscript.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmloader.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmime.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmdskmgr.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmcompos.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dmband.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dinput8.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dinput.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\digest.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dgnet.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dfsshlex.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dfrgui.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dfrgsnap.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\devmgr.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\devenum.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\ddrawex.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\ddraw.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dciman32.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dbnmpntw.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dbnetlib.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\davclnt.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\dataclen.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\danim.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\d3dim700.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\d3d9.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\d3d8thk.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\d3d8.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\csrsrv.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cscui.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cscdll.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cryptui.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cryptsvc.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cryptnet.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cryptext.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cryptdll.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cryptdlg.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\crypt32.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\credui.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\corpol.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\comuid.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\comsvcs.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\comres.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\compstui.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\compatUI.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\comdlg32.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\comctl32.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\colbact.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cmutil.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cmsetACL.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cmprops.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cmdial32.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cmcfg32.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\clusapi.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cliconfg.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\clbcatq.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\clbcatex.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\ciodm.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\cewmdm.dll 2004-08-04 09:54:24 ----A---- C:\WINDOWS\system32\certmgr.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\certcli.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\cdosys.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\cdm.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\cdfview.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\catsrvut.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\catsrvps.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\catsrv.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\camocx.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\cabview.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\btpanui.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\bthserv.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\bthci.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\browsewm.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\browseui.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\browser.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\blackbox.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\bidispl.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\batt.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\batmeter.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\basesrv.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\avifil32.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\authz.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\audiosrv.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\atmlib.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\atl.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\asycfilt.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\appmgr.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\appmgmts.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\apphelp.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\amstream.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\alrsvc.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\advpack.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\advapi32.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\adsnt.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\adsmsext.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\adsldpc.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\adsldp.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\admparse.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\actxprxy.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\activeds.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\aclui.dll 2004-08-04 09:54:22 ----A---- C:\WINDOWS\system32\6to4svc.dll 2004-08-04 09:54:14 ----A---- C:\WINDOWS\system32\wmploc.dll 2004-08-04 09:54:10 ----A---- C:\WINDOWS\system32\wmi.dll 2004-08-04 09:54:10 ----A---- C:\WINDOWS\system32\wmerror.dll 2004-08-04 09:54:08 ----A---- C:\WINDOWS\system32\winbrand.dll 2004-08-04 09:53:44 ----A---- C:\WINDOWS\system32\shdoclc.dll 2004-08-04 09:53:42 ----A---- C:\WINDOWS\system32\qedwipes.dll 2004-08-04 09:53:38 ----A---- C:\WINDOWS\system32\odbcp32r.dll 2004-08-04 09:53:38 ----A---- C:\WINDOWS\system32\odbcji32.dll 2004-08-04 09:53:38 ----A---- C:\WINDOWS\system32\odbcint.dll 2004-08-04 09:53:32 ----A---- C:\WINDOWS\system32\msprivs.dll 2004-08-04 09:53:32 ----A---- C:\WINDOWS\system32\msorc32r.dll 2004-08-04 09:53:32 ----A---- C:\WINDOWS\system32\msimsg.dll 2004-08-04 09:53:16 ----A---- C:\WINDOWS\system32\mshtmler.dll 2004-08-04 09:53:14 ----A---- C:\WINDOWS\system32\msdxmlc.dll 2004-08-04 09:53:14 ----A---- C:\WINDOWS\system32\mscpx32r.dLL 2004-08-04 09:53:14 ----A---- C:\WINDOWS\system32\msafd.dll 2004-08-04 09:53:12 ----A---- C:\WINDOWS\system32\moricons.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdukx.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdsmsno.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdno1.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdmlt48.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdmlt47.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdmaori.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdinmal.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdinben.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdinbe1.dll 2004-08-04 09:53:10 ----A---- C:\WINDOWS\system32\kbdfi1.dll 2004-08-04 09:53:04 ----A---- C:\WINDOWS\system32\inetres.dll 2004-08-04 09:53:04 ----A---- C:\WINDOWS\system32\icmp.dll 2004-08-04 09:53:02 ----A---- C:\WINDOWS\system32\gpkrsrc.dll 2004-08-04 09:53:02 ----A---- C:\WINDOWS\system32\framebuf.dll 2004-08-04 09:52:58 ----A---- C:\WINDOWS\system32\dsprpres.dll 2004-08-04 09:52:58 ----A---- C:\WINDOWS\system32\dpnlobby.dll 2004-08-04 09:52:58 ----A---- C:\WINDOWS\system32\dpnaddr.dll 2004-08-04 09:52:52 ----A---- C:\WINDOWS\system32\cfgmgr32.dll 2004-08-04 09:52:52 ----A---- C:\WINDOWS\system32\browselc.dll 2004-08-04 09:52:50 ----A---- C:\WINDOWS\system32\atmfd.dll 2004-08-04 09:52:50 ----A---- C:\WINDOWS\system32\asferror.dll 2004-08-04 09:49:16 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2004-08-04 09:37:24 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2004-08-04 09:37:18 ----A---- C:\WINDOWS\system32\mstsc.exe 2004-08-04 09:37:16 ----A---- C:\WINDOWS\system32\mmsystem.dll 2004-08-04 07:59:44 ----A---- C:\WINDOWS\system32\mstscax.dll 2004-08-04 07:59:36 ----A---- C:\WINDOWS\system32\spiisupd.exe 2004-08-04 07:59:24 ----A---- C:\WINDOWS\system32\kd1394.dll 2004-08-04 07:58:26 ----A---- C:\WINDOWS\system32\msvcrt40.dll 2004-08-04 07:51:28 ----A---- C:\WINDOWS\system32\dosx.exe 2004-08-04 07:51:20 ----A---- C:\WINDOWS\system32\winnls.dll 2004-08-04 07:49:58 ----A---- C:\WINDOWS\system32\krnl386.exe 2004-08-04 07:48:48 ----A---- C:\WINDOWS\system32\redir.exe 2004-08-04 07:31:44 ----A---- C:\WINDOWS\system32\slbcsp.dll 2004-08-04 07:31:44 ----A---- C:\WINDOWS\system32\sccbase.dll 2004-08-04 07:31:44 ----A---- C:\WINDOWS\system32\rsaenh.dll 2004-08-04 07:31:44 ----A---- C:\WINDOWS\system32\gpkcsp.dll 2004-08-04 07:31:44 ----A---- C:\WINDOWS\system32\dssenh.dll 2004-08-04 04:54:44 ----A---- C:\WINDOWS\system32\usbui.dll 2004-08-04 04:54:44 ----A---- C:\WINDOWS\system32\storprop.dll 2004-08-04 04:54:30 ----A---- C:\WINDOWS\system32\ksuser.dll 2004-08-04 04:54:28 ----A---- C:\WINDOWS\system32\i81xdnt5.dll 2004-07-17 20:46:14 ----A---- C:\WINDOWS\system32\tcpmon.ini 2004-07-17 20:39:04 ----A---- C:\WINDOWS\system32\xenroll.dll 2004-07-17 20:36:44 ----A---- C:\WINDOWS\system32\odbc16gt.dll 2004-07-17 20:36:44 ----A---- C:\WINDOWS\system32\ds16gt.dLL 2004-07-15 00:24:50 ----A---- C:\WINDOWS\system32\mscoree.dll 2004-07-14 23:34:06 ----A---- C:\WINDOWS\system32\mscorier.dll 2004-05-28 17:37:08 ----A---- C:\WINDOWS\system32\BSelList.dll 2004-02-04 18:21:02 ----A---- C:\WINDOWS\system32\Baspi32i.exe 2003-09-29 18:13:10 ----A---- C:\WINDOWS\system32\basp32un.exe 2003-09-29 18:12:58 ----A---- C:\WINDOWS\system32\basp2kun.exe 2003-02-20 19:16:34 ----A---- C:\WINDOWS\system32\netfxperf.dll 2003-02-20 19:09:14 ----A---- C:\WINDOWS\system32\mscories.dll 2002-09-10 13:32:15 ----SHD---- C:\0006662F 2002-09-10 13:31:44 ----A---- C:\WINDOWS\system32\pqaxbo.tmp 2002-09-10 13:31:08 ----D---- C:\Program Files\trend micro 2002-09-10 13:31:07 ----D---- C:\rsit 2002-09-10 13:30:28 ----A---- C:\WINDOWS\system32\tmpzydf2.exe 2002-09-10 08:24:35 ----A---- C:\WINDOWS\funshionplugin2.INI 2002-09-10 08:24:29 ----D---- C:\Program Files\Funshion Online 2002-09-10 08:24:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\BITS 2002-09-10 08:24:19 ----D---- C:\Program Files\FlashGet Network 2002-09-10 08:23:36 ----A---- C:\WINDOWS\system32\RecordIni.ini 2002-09-10 08:23:33 ----A---- C:\WINDOWS\system32\xxxz23.ini 2002-09-10 08:23:16 ----SH---- C:\WINDOWS\system32\vmdetdhc.exe 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxzoom.exe 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxtray.exe 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxsrvc.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxress.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxpph.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxhk.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxext.exe 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxexps.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxeud.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxdo.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxdiag.exe 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxdgps.dll 2002-09-09 22:42:12 ----A---- C:\WINDOWS\system32\igfxdev.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\igfxcfg.exe 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\ialmrnt5.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\ialmrem.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\ialmgicd.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\ialmgdev.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\ialmdnt5.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\ialmdev5.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\ialmdd5.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\iAlmCoIn_v3924.dll 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\hkcmd.exe 2002-09-09 22:42:11 ----A---- C:\WINDOWS\system32\hccutils.dll 2002-09-09 22:42:00 ----A---- C:\WINDOWS\system32\a3d.dll 2002-09-09 22:41:48 ----SD---- C:\WINDOWS\Tasks 2002-09-09 22:41:48 ----RD---- C:\WINDOWS\Web 2002-09-09 22:41:48 ----D---- C:\WINDOWS\WinSxS 2002-09-09 22:41:48 ----D---- C:\WINDOWS\twain_32 2002-09-09 22:41:48 ----D---- C:\WINDOWS\Temp 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\xircom 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\wins 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\wbem 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\usmt 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\spool 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\ShellExt 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\Setup 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\Restore 2002-09-09 22:41:47 ----D---- C:\WINDOWS\system32\ras 2002-09-09 22:41:46 ----SD---- C:\WINDOWS\system32\Microsoft 2002-09-09 22:41:46 ----RSHD---- C:\WINDOWS\system32\dllcache 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\oobe 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\npp 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\mui 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\MsDtc 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\Macromed 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\inetsrv 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\IME 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\icsxml 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\ias 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\export 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\drivers 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\DirectX 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\dhcp 2002-09-09 22:41:46 ----D---- C:\WINDOWS\system32\config 2002-09-09 22:41:45 ----RD---- C:\WINDOWS\Offline Web Pages 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\Com 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\CatRoot2 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\CatRoot 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\3com_dmi 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\3076 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\2052 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1054 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1042 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1041 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1037 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1036 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1033 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1031 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1028 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32\1025 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system32 2002-09-09 22:41:45 ----D---- C:\WINDOWS\system 2002-09-09 22:41:45 ----D---- C:\WINDOWS\srchasst 2002-09-09 22:41:45 ----D---- C:\WINDOWS\SoftwareDistribution 2002-09-09 22:41:45 ----D---- C:\WINDOWS\security 2002-09-09 22:41:45 ----D---- C:\WINDOWS\Resources 2002-09-09 22:41:45 ----D---- C:\WINDOWS\repair 2002-09-09 22:41:45 ----D---- C:\WINDOWS\Registration 2002-09-09 22:41:45 ----D---- C:\WINDOWS\Provisioning 2002-09-09 22:41:45 ----D---- C:\WINDOWS\Prefetch 2002-09-09 22:41:45 ----D---- C:\WINDOWS\PeerNet 2002-09-09 22:41:45 ----D---- C:\WINDOWS\pchealth 2002-09-09 22:41:45 ----D---- C:\WINDOWS\mui 2002-09-09 22:41:45 ----D---- C:\WINDOWS\msapps 2002-09-09 22:41:45 ----D---- C:\WINDOWS\msagent 2002-09-09 22:41:44 ----SHD---- C:\WINDOWS\Installer 2002-09-09 22:41:44 ----HD---- C:\WINDOWS\inf 2002-09-09 22:41:44 ----D---- C:\WINDOWS\Media 2002-09-09 22:41:44 ----D---- C:\WINDOWS\java 2002-09-09 22:41:44 ----D---- C:\WINDOWS\ime 2002-09-09 22:41:43 ----SHD---- C:\System Volume Information 2002-09-09 22:41:43 ----SD---- C:\WINDOWS\Downloaded Program Files 2002-09-09 22:41:43 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2002-09-09 22:41:43 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft 2002-09-09 22:41:43 ----RSD---- C:\WINDOWS\Fonts 2002-09-09 22:41:43 ----RD---- C:\Program Files 2002-09-09 22:41:43 ----HD---- C:\Program Files\WindowsUpdate 2002-09-09 22:41:43 ----HD---- C:\Program Files\Uninstall Information 2002-09-09 22:41:43 ----D---- C:\WINDOWS\Help 2002-09-09 22:41:43 ----D---- C:\WINDOWS\ehome 2002-09-09 22:41:43 ----D---- C:\WINDOWS\Driver Cache 2002-09-09 22:41:43 ----D---- C:\WINDOWS\Debug 2002-09-09 22:41:43 ----D---- C:\WINDOWS\Cursors 2002-09-09 22:41:43 ----D---- C:\WINDOWS\Connection Wizard 2002-09-09 22:41:43 ----D---- C:\WINDOWS\Config 2002-09-09 22:41:43 ----D---- C:\WINDOWS\AppPatch 2002-09-09 22:41:43 ----D---- C:\WINDOWS\addins 2002-09-09 22:41:43 ----D---- C:\WINDOWS 2002-09-09 22:41:43 ----D---- C:\Program Files\xerox 2002-09-09 22:41:43 ----D---- C:\Program Files\Windows NT 2002-09-09 22:41:43 ----D---- C:\Program Files\Windows Media Player 2002-09-09 22:41:43 ----D---- C:\Program Files\Services en ligne 2002-09-09 22:41:43 ----D---- C:\Program Files\Outlook Express 2002-09-09 22:41:43 ----D---- C:\Program Files\Online Services 2002-09-09 22:41:43 ----D---- C:\Program Files\NetMeeting 2002-09-09 22:41:43 ----D---- C:\Program Files\MSN Gaming Zone 2002-09-09 22:41:43 ----D---- C:\Program Files\MSN 2002-09-09 22:41:43 ----D---- C:\Program Files\Movie Maker 2002-09-09 22:41:43 ----D---- C:\Program Files\microsoft frontpage 2002-09-09 22:41:43 ----D---- C:\Program Files\Messenger 2002-09-09 22:41:43 ----D---- C:\Program Files\Internet Explorer 2002-09-09 22:41:43 ----D---- C:\Program Files\Fichiers communs\System 2002-09-09 22:41:43 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2002-09-09 22:41:43 ----D---- C:\Program Files\Fichiers communs\Services 2002-09-09 22:41:43 ----D---- C:\Program Files\Fichiers communs\ODBC 2002-09-09 22:41:43 ----D---- C:\Program Files\Fichiers communs\MSSoap 2002-09-09 22:41:43 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2002-09-09 22:41:43 ----D---- C:\Program Files\Fichiers communs 2002-09-09 22:41:43 ----D---- C:\Program Files\ComPlus Applications 2002-09-09 22:41:43 ----D---- C:\Documents and Settings\Administrateur\Application Data\Identities 2002-09-09 22:41:43 ----D---- C:\Documents and Settings 2002-09-09 22:41:41 ----D---- C:\Cpqapps 2002-09-09 22:36:16 ----RASH---- C:\boot.ini 2002-09-09 22:34:57 ----A---- C:\WINDOWS\win.ini 2002-09-09 22:34:56 ----A---- C:\WINDOWS\vbaddin.ini 2002-09-09 22:34:56 ----A---- C:\WINDOWS\vb.ini 2002-09-09 22:34:41 ----A---- C:\WINDOWS\system32\winntbbu.dll 2002-09-09 22:34:04 ----A---- C:\WINDOWS\system32\vwipxspx.exe 2002-09-09 22:34:03 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2002-09-09 22:33:54 ----A---- C:\WINDOWS\system32\telnet.exe 2002-09-09 22:33:45 ----A---- C:\WINDOWS\system32\spnpinst.exe 2002-09-09 22:33:38 ----A---- C:\WINDOWS\system32\share.exe 2002-09-09 22:33:26 ----A---- C:\WINDOWS\system32\prodspec.ini 2002-09-09 22:33:24 ----A---- C:\WINDOWS\system32\pidgen.dll 2002-09-09 22:33:24 ----A---- C:\WINDOWS\system32\perffilt.ini 2002-09-09 22:32:35 ----A---- C:\WINDOWS\system32\ntsdexts.dll 2002-09-09 22:32:35 ----A---- C:\WINDOWS\system32\ntsd.exe 2002-09-09 22:32:31 ----A---- C:\WINDOWS\system32\ntdll.dll 2002-09-09 22:32:27 ----A---- C:\WINDOWS\system32\netsetup.exe 2002-09-09 22:32:05 ----A---- C:\WINDOWS\system32\mscdexnt.exe 2002-09-09 22:31:53 ----A---- C:\WINDOWS\system32\login.cmd 2002-09-09 22:31:52 ----A---- C:\WINDOWS\system32\loadfix.com 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdusx.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdusr.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdusl.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdus.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbduk.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdsw.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdsp.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdsg.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdsf.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdpo.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdno.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdnec.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdne.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdla.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdit142.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdit.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdir.dll 2002-09-09 22:31:48 ----A---- C:\WINDOWS\system32\kbdic.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdgr1.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdgr.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdgae.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdfr.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdfi.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdfc.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdes.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbddv.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdda.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdca.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdbr.dll 2002-09-09 22:31:47 ----A---- C:\WINDOWS\system32\kbdbe.dll 2002-09-09 22:31:41 ----A---- C:\WINDOWS\system32\imagehlp.dll 2002-09-09 22:31:34 ----A---- C:\WINDOWS\system32\h323log.txt 2002-09-09 22:31:31 ----A---- C:\WINDOWS\system32\fastopen.exe 2002-09-09 22:31:30 ----A---- C:\WINDOWS\system32\exts.dll 2002-09-09 22:31:29 ----A---- C:\WINDOWS\system32\expand.exe 2002-09-09 22:31:28 ----A---- C:\WINDOWS\system32\eula.txt 2002-09-09 22:30:41 ----AH---- C:\WINDOWS\system32\desktop.ini 2002-09-09 22:30:40 ----A---- C:\WINDOWS\system32\dbghelp.dll 2002-09-09 22:30:39 ----A---- C:\WINDOWS\system32\dbgeng.dll 2002-09-09 22:30:13 ----A---- C:\WINDOWS\system32\cabinet.dll 2002-09-09 22:30:09 ----A---- C:\WINDOWS\system32\autofmt.exe 2002-09-09 22:30:08 ----A---- C:\WINDOWS\system32\autochk.exe 2002-09-09 22:29:27 ----A---- C:\WINDOWS\system.ini 2002-09-09 22:29:08 ----A---- C:\WINDOWS\regedit.exe 2002-09-09 22:28:30 ----A---- C:\WINDOWS\msdfmap.ini 2002-09-09 22:28:22 ----AH---- C:\WINDOWS\desktop.ini 2002-09-09 22:28:22 ----A---- C:\WINDOWS\control.ini 2002-09-09 22:27:04 ----A---- C:\WINDOWS\SchedLgU.Txt 2002-09-09 22:27:00 ----A---- C:\WINDOWS\OEWABLog.txt 2002-09-09 22:18:17 ----D---- C:\i386 2002-09-09 22:16:41 ----A---- C:\WINDOWS\system32\oeminfo.ini 2002-09-09 22:14:55 ----D---- C:\Compaq 2002-09-09 22:11:23 ----HD---- C:\SYSTEM.SAV 2002-09-09 22:09:04 ----RASH---- C:\NTDETECT.COM 2002-09-09 14:25:53 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2002-09-09 14:20:26 ----D---- C:\Program Files\Skype 2002-09-09 14:20:17 ----A---- C:\eee.bat 2002-09-09 14:19:39 ----A---- C:\not.exe 2002-09-09 14:17:02 ----D---- C:\Documents and Settings\Administrateur\Application Data\AVG7 2002-09-09 14:16:55 ----A---- C:\WINDOWS\system32\msvcr71.dll 2002-09-09 14:16:55 ----A---- C:\WINDOWS\system32\msvcp71.dll 2002-09-09 14:16:48 ----D---- C:\Program Files\Grisoft 2002-09-09 14:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft 2002-09-09 14:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\avg7 2002-09-09 14:15:16 ----D---- C:\Program Files\WinRAR 2002-09-09 14:03:20 ----D---- C:\Intel 2002-09-09 14:03:20 ----A---- C:\WINDOWS\system32\igfxres.dll 2002-09-09 14:03:11 ----A---- C:\WINDOWS\system32\wmpns.dll 2002-09-09 14:01:31 ----D---- C:\Program Files\Raccourcis de programmes 2002-09-09 13:58:10 ----SHD---- C:\RECYCLER 2002-09-09 13:58:10 ----A---- C:\WINDOWS\smscfg.ini 2002-09-09 13:56:13 ----A---- C:\WINDOWS\IsUn040c.exe 2002-09-09 13:56:08 ----A---- C:\WINDOWS\KLayMgr.exe 2002-09-09 13:55:49 ----D---- C:\Program Files\Hewlett-Packard 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\std201mt.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\scapflex.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\scagplus.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\scagpl8k.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\msgeppg1.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\hp-common-msg.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\gpatools.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\gparm.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\gpa.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\epppflex.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\eppgplus.dll 2002-09-09 13:55:49 ----A---- C:\WINDOWS\system32\eppgpl8k.dll 2002-09-09 13:55:34 ----D---- C:\Program Files\Compaq 2002-09-09 13:55:26 ----D---- C:\Program Files\HPMAK 2002-09-09 13:55:26 ----A---- C:\WINDOWS\MAKUSB.dll 2002-09-09 13:55:26 ----A---- C:\WINDOWS\MAKTray.exe 2002-09-09 13:55:26 ----A---- C:\WINDOWS\MAKHkey.exe 2002-09-09 13:55:26 ----A---- C:\WINDOWS\MAKHkdll.dll 2002-09-09 13:53:30 ----D---- C:\Program Files\HPQ 2002-09-09 13:53:12 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll 2002-09-09 13:53:12 ----A---- C:\WINDOWS\system32\IVIresizePX.dll 2002-09-09 13:53:12 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll 2002-09-09 13:53:12 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll 2002-09-09 13:53:12 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll 2002-09-09 13:53:12 ----A---- C:\WINDOWS\system32\IVIresize.dll 2002-09-09 13:53:11 ----D---- C:\Program Files\InterVideo 2002-09-09 13:52:59 ----D---- C:\Program Files\Altiris 2002-09-09 13:52:40 ----A---- C:\WINDOWS\system32\Baspxp32.dll 2002-09-09 13:52:39 ----D---- C:\Program Files\Broadcom 2002-09-09 13:52:36 ----D---- C:\WINDOWS\Downloaded Installations 2002-09-09 13:51:48 ----A---- C:\WINDOWS\system32\wdmioctl.dll 2002-09-09 13:51:48 ----A---- C:\WINDOWS\system32\SMMedia.dll 2002-09-09 13:51:48 ----A---- C:\WINDOWS\SynthCoreA.Dll 2002-09-09 13:51:47 ----HD---- C:\Program Files\InstallShield Installation Information 2002-09-09 13:51:47 ----D---- C:\Program Files\Analog Devices 2002-09-09 13:51:47 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll 2002-09-09 13:51:47 ----A---- C:\WINDOWS\system32\Syncor11.dll 2002-09-09 13:51:47 ----A---- C:\WINDOWS\system32\S11thk32.dll 2002-09-09 13:51:47 ----A---- C:\WINDOWS\system32\msssc.dll 2002-09-09 13:51:47 ----A---- C:\WINDOWS\system32\DSndUp.exe 2002-09-09 13:51:47 ----A---- C:\WINDOWS\system32\CleanUp.exe 2002-09-09 13:51:47 ----A---- C:\WINDOWS\SynCor.exe 2002-09-09 13:51:45 ----D---- C:\Program Files\Fichiers communs\InstallShield 2002-09-09 13:51:12 ----A---- C:\WINDOWS\system32\javaws.exe 2002-09-09 13:51:12 ----A---- C:\WINDOWS\system32\javaw.exe 2002-09-09 13:51:12 ----A---- C:\WINDOWS\system32\java.exe 2002-09-09 13:50:56 ----D---- C:\Program Files\Java 2002-09-09 13:50:55 ----D---- C:\Program Files\Fichiers communs\Java 2002-09-09 13:50:40 ----HDC---- C:\WINDOWS\$NtUninstallKB886199$ 2002-09-09 13:50:40 ----A---- C:\WINDOWS\system32\spmsg.dll 2002-09-09 13:48:53 ----RSD---- C:\WINDOWS\assembly 2002-09-09 13:48:53 ----D---- C:\WINDOWS\Microsoft.NET 2002-09-09 13:48:52 ----D---- C:\WINDOWS\system32\URTTemp 2002-09-09 13:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups 2002-09-09 13:46:29 ----A---- C:\WINDOWS\system32\hccoin.dll List of drivers R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\system32\System32\Drivers\avg7core.sys [] R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\system32\System32\Drivers\avg7rsw.sys [] R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\system32\System32\Drivers\avg7rsxp.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-11-16 190592] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 pqaxbo;pqaxbo; \??\C:\WINDOWS\system32\pqaxbo.tmp [] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-15 612416] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-05 46720] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-18 96256] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2004-02-04 51584] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S4 adpu320;adpu320; C:\WINDOWS\system32\system32\DRIVERS\adpu320.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\system32\DRIVERS\intelide.sys [] S4 Symmpi;Symmpi; C:\WINDOWS\system32\system32\DRIVERS\symmpi.sys [] List of services R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2002-09-09 330291] R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2002-09-09 39987] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\Shared\hpqwmi.exe [2004-07-27 98304] -----------------EOF----------------- et voilà le fichier info : info.txt logfile of random's system information tool 2002-09-10 13:31:58 Uninstall list -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ÃÔÄã¿ì³µ(FlashGetMini)-1.2°æ-->C:\Program Files\FlashGet Network\FlashGet Mini\uninst.exe Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Broadcom Management Programs-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1036 Funshion Movie on Demand-->C:\Program Files\Funshion Online\Funshion\Uninstall.exe HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall HP Help and Support-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\SETUP.EXE" -l0x40c HP ProtectTools Security Manager 1.00 C2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\SETUP.exe" -l0x40c hpquninst HP Smart Card Security for ProtectTools 5.00 D4-->C:\Program Files\Hewlett-Packard\HP Smart Card Security for ProtectTools\ahpunset.exe -{0515803B-5068-4599-8666-963E143C7381} Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582 InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000} Keyboard Layout Management Application-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79770F05-E3B8-4DAA-BEDB-9EBF29EAF527}\SETUP.EXE" -l0x9 MAK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{269F596B-E679-40DD-866A-DF7182A483BF}\Setup.exe" -l0x40c Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Skype 2.5-->"C:\Program Files\Skype\Phone\unins000.exe" Software Setup-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\COMPAQ\Software Setup\Uninst.isu" -c"C:\Program Files\COMPAQ\Software Setup\CPQUNST.DLL" SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.EXE" Système anti-virus AVG 7.1-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL Hosts File Missing je vais télécharger et lancer combofix de suite. merci
  7. lili80
    merci pour les indications : le fichier log est le suivant : Logfile of random's system information tool (written by random/random) Run by Administrateur at 2002-09-10 13:32:16 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 70 GB (92%) free of 76 GB Total RAM: 759 MB (68% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:32:17, on 10/09/2002 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\cmmon32.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\MAKTray.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe C:\Program Files\Funshion Online\Funshion\Funshion.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\MAKHKEY.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Administrateur\ntuser.com C:\WINDOWS\system32\xybzpc C:\WINDOWS\system32\tmpzydf2.exe C:\WINDOWS\system\zyndle080908.exe C:\program files\internet explorer\iexplore.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\0006662F\000667D4 C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: MiniFlashGetBHO - {C74E94A7-B7BD-4891-9328-455395BCC7AD} - C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [MAKTray] MAKTray.exe O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [vmdetdhc.exe] C:\WINDOWS\system32\vmdetdhc.exe O4 - HKLM\..\Run: [MINIFLASHGET] "C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" /minimize O4 - HKLM\..\Run: [Funshion] C:\Program Files\Funshion Online\Funshion\Funshion.exe /tray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MINIFLASHGET] "C:\Program Files\FlashGet Network\FlashGet Mini\FlashGetMini.exe" /minimize O4 - HKLM\..\Policies\Explorer\Run: [nzy_df] C:\WINDOWS\system\zyndle080908.exe O4 - HKLM\..\Policies\Explorer\Run: [mysys] C:\WINDOWS\cmmon32.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') ****le fichier info est le suivant : info.txt logfile of random's system information tool 2002-09-10 13:31:58 Uninstall list -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ÃÔÄã¿ì³µ(FlashGetMini)-1.2°æ-->C:\Program Files\FlashGet Network\FlashGet Mini\uninst.exe Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Broadcom Management Programs-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1036 Funshion Movie on Demand-->C:\Program Files\Funshion Online\Funshion\Uninstall.exe HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall HP Help and Support-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\SETUP.EXE" -l0x40c HP ProtectTools Security Manager 1.00 C2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\SETUP.exe" -l0x40c hpquninst HP Smart Card Security for ProtectTools 5.00 D4-->C:\Program Files\Hewlett-Packard\HP Smart Card Security for ProtectTools\ahpunset.exe -{0515803B-5068-4599-8666-963E143C7381} Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582 InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000} Keyboard Layout Management Application-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79770F05-E3B8-4DAA-BEDB-9EBF29EAF527}\SETUP.EXE" -l0x9 MAK-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{269F596B-E679-40DD-866A-DF7182A483BF}\Setup.exe" -l0x40c Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Skype 2.5-->"C:\Program Files\Skype\Phone\unins000.exe" Software Setup-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\COMPAQ\Software Setup\Uninst.isu" -c"C:\Program Files\COMPAQ\Software Setup\CPQUNST.DLL" SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.EXE" Système anti-virus AVG 7.1-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL Hosts File Missing
  8. lili80
    bonjour ; Mon pc est infecté, j'ai remarqué que ma page d'accueil affiche un site chinois, des logiciels et raccourcis vers des sites chinois se sont installés tous seuls, des erreurs sont fréquemment signalées, mes programmes se ferment et mon pc a même redémarré tout seul, je venais d'installer kaspersky mais pour une raison que je ne connais pas il est désactivé. donc, j'ai pensé à restaurer le système et à formatter, et c'est ce que j'ai fait. je croyais que c'était réglé mais il a suffi que j'éteigne mon pc et que je le rallume pour que ça recommence. je ne sais plus quoi faire, aidez moi svp.
×
×
  • Créer...