Trojan.Win32.Monderd.l
Scarecrow
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
J'utilise Kaspersky AV (mis a jour) qui me detecte plusieurs trojans (cleui du titre ainsi que Trojan.Win32.Generic).
Mon pc est tres lent par moment malgre les nombreuses "reparations" tentees via Kaspersky.
Voic le log Hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:32, on 21/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pyrodeathsquad.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: {dd0a4b64-48a6-8ee8-5004-b2bc5badc6d3} - {3d6cdab5-cb2b-4005-8ee8-6a8446b4a0dd} - C:\WINDOWS\system32\bgtsaf.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {c2742f47-7937-4f46-838e-e532f45a5cb6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [jatomujupu] Rundll32.exe "C:\WINDOWS\system32\wehokepu.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} (InPEditor Class) - https://www.sle-eur.com/content/static/ecm/activex/Enable_Edit_In_Place.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll c:\windows\system32\yakiyayi.dll c:\windows\system32\zifutoro.dll bgtsaf.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
J'utilise Kaspersky AV (mis a jour) qui me detecte plusieurs trojans (cleui du titre ainsi que Trojan.Win32.Generic).
Mon pc est tres lent par moment malgre les nombreuses "reparations" tentees via Kaspersky.
Voic le log Hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:32, on 21/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pyrodeathsquad.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: {dd0a4b64-48a6-8ee8-5004-b2bc5badc6d3} - {3d6cdab5-cb2b-4005-8ee8-6a8446b4a0dd} - C:\WINDOWS\system32\bgtsaf.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {c2742f47-7937-4f46-838e-e532f45a5cb6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [jatomujupu] Rundll32.exe "C:\WINDOWS\system32\wehokepu.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} (InPEditor Class) - https://www.sle-eur.com/content/static/ecm/activex/Enable_Edit_In_Place.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll c:\windows\system32\yakiyayi.dll c:\windows\system32\zifutoro.dll bgtsaf.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
A voir également:
- Trojan.Win32.Monderd.l
- Trojan.win32.generic - Forum Virus
- Trojan.Win32.Crypt.t - Forum Virus
- Trojan.win32.sepeh.gen - Forum Virus
- HEUR:Trojan.Win32.Generic ✓ - Forum Virus
- PDM Trojan.Win32.Generic ✓ - Forum Virus
12 réponses
slt,
scan avec
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
________________________
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
scan avec
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
________________________
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1684
Windows 5.1.2600 Service Pack 2
24/01/2009 0:24:44
mbam-log-2009-01-24 (00-24-44).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 149275
Temps écoulé: 2 hour(s), 9 minute(s), 52 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 33
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\repudana.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\kimulizi.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\gotasura.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bujokatu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\foyorere.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2742f47-7937-4f46-838e-e532f45a5cb6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c2742f47-7937-4f46-838e-e532f45a5cb6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2742f47-7937-4f46-838e-e532f45a5cb6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1416d033 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jatomujupu (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm1725e3af (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\gotasura.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\gotasura.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\bujokatu.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\bujokatu.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\bujokatu.dll -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\system32\AppCert (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\DomPlayer (Trojan.Lop) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\jiyazami.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imazayij.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lezaromo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omorazel.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\repudana.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\anaduper.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sokazoya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ayozakos.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\foyorere.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\gotasura.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\kimulizi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bujokatu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029091.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029099.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029112.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nimaboyu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kinotige.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dufizige.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gejekoyu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\meyaforu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pujojiwu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wazuhope.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oiizhh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tyajdq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\davotudo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AppCert\options.dat (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\talefake.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\huhukuge.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lipoyiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mojekogi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mesekaho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vurotipe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zekuboli.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
Logfile of random's system information tool 1.05 (written by random/random)
Run by Scarecrow at 2009-01-24 00:37:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (7%) free of 30 GB
Total RAM: 1535 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:37:25, on 24/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Scarecrow\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Scarecrow.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.pyrodeathsquad.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [jatomujupu] Rundll32.exe "C:\WINDOWS\system32\foyorere.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} (InPEditor Class) - https://www.sle-eur.com/content/static/ecm/activex/Enable_Edit_In_Place.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll c:\windows\system32\yakiyayi.dll c:\windows\system32\zifutoro.dll,
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Version de la base de données: 1684
Windows 5.1.2600 Service Pack 2
24/01/2009 0:24:44
mbam-log-2009-01-24 (00-24-44).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 149275
Temps écoulé: 2 hour(s), 9 minute(s), 52 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 33
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\repudana.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\kimulizi.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\gotasura.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bujokatu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\foyorere.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2742f47-7937-4f46-838e-e532f45a5cb6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c2742f47-7937-4f46-838e-e532f45a5cb6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2742f47-7937-4f46-838e-e532f45a5cb6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1416d033 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jatomujupu (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm1725e3af (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\gotasura.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\gotasura.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\bujokatu.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\bujokatu.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\bujokatu.dll -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\system32\AppCert (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\DomPlayer (Trojan.Lop) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\jiyazami.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imazayij.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lezaromo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omorazel.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\repudana.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\anaduper.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sokazoya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ayozakos.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\foyorere.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\gotasura.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\kimulizi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bujokatu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029091.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029099.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029112.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nimaboyu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kinotige.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dufizige.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gejekoyu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\meyaforu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pujojiwu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wazuhope.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oiizhh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tyajdq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\davotudo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AppCert\options.dat (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\talefake.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\huhukuge.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lipoyiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mojekogi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mesekaho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vurotipe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zekuboli.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
Logfile of random's system information tool 1.05 (written by random/random)
Run by Scarecrow at 2009-01-24 00:37:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (7%) free of 30 GB
Total RAM: 1535 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:37:25, on 24/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Scarecrow\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Scarecrow.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.pyrodeathsquad.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [jatomujupu] Rundll32.exe "C:\WINDOWS\system32\foyorere.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} (InPEditor Class) - https://www.sle-eur.com/content/static/ecm/activex/Enable_Edit_In_Place.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll c:\windows\system32\yakiyayi.dll c:\windows\system32\zifutoro.dll,
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
vire ce qui est en quarantaine dans malwarbeyte
_____________________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
___________________________
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
______________________________
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
Mettre a jour java:
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
_______________________________
remets un rapport rsit
_____________________
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
___________________________
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
______________________________
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
Mettre a jour java:
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
_______________________________
remets un rapport rsit
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
J'ai eu des soucis avec java, apres l'installation via le site (Jvara ne fonctionnait pas pour la ;ise a jour), j'ai utilise javara pour supprimer les anciennes versions et ca a plante en plein milieu de la suppression....
ComboFix 09-01-21.04 - Scarecrow 2009-01-24 10:17:17.6 - NTFSx86
Lancé depuis: c:\documents and settings\Scarecrow\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\bafuvisi.dll
c:\windows\system32\egojolah.ini
c:\windows\system32\ewegiduw.ini
c:\windows\system32\janifedu.dll
c:\windows\system32\mohafilu.dll
c:\windows\system32\ogomigiw.ini
c:\windows\system32\parakodo.dll
c:\windows\system32\pewekasi.dll.tmp
c:\windows\system32\rogahefa.dll.tmp
c:\windows\system32\tmp.reg
c:\windows\system32\tuduriro.dll.tmp
c:\windows\system32\uninstall.exe
c:\windows\system32\vuzejofu.dll
----- BITS: Il y a peut-être des sites infectés -----
hxxp://77.74.48.105
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MSDISK
-------\Legacy_MSWINDOWS
-------\Service_MSDisk
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-24 au 2009-01-24 ))))))))))))))))))))))))))))))))))))
.
2009-01-24 00:37 . 2009-01-24 00:37 <REP> d-------- C:\rsit
2009-01-23 22:04 . 2009-01-23 22:04 <REP> d-------- c:\documents and settings\Scarecrow\Application Data\Malwarebytes
2009-01-23 22:04 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-23 22:03 . 2009-01-24 00:48 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-23 22:03 . 2009-01-23 22:03 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-23 22:03 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 12:12 . 2009-01-14 12:12 2,730 ---hs---- c:\windows\system32\gajulebi.dll
2009-01-13 09:43 . 2009-01-13 09:43 2,732 ---hs---- c:\windows\system32\badarizo.dll
2009-01-13 09:43 . 2009-01-13 09:43 2,730 ---hs---- c:\windows\system32\sifajade.dll
2009-01-12 09:44 . 2009-01-12 09:44 2,731 ---hs---- c:\windows\system32\fohajifu.dll
2009-01-12 09:44 . 2009-01-12 09:44 2,731 ---hs---- c:\windows\system32\fitozeba.dll
2009-01-12 09:44 . 2009-01-12 09:44 2,729 ---hs---- c:\windows\system32\rejipupo.dll
2009-01-11 11:00 . 2009-01-11 11:00 2,730 ---hs---- c:\windows\system32\bohemuko.dll
2009-01-11 11:00 . 2009-01-11 11:00 2,729 ---hs---- c:\windows\system32\vodarowo.dll
2009-01-10 17:48 . 2009-01-10 17:48 2,731 ---hs---- c:\windows\system32\kafawagi.dll
2009-01-10 17:48 . 2009-01-10 17:48 2,729 ---hs---- c:\windows\system32\zeyoheko.dll
2009-01-09 09:31 . 2009-01-09 09:31 2,731 ---hs---- c:\windows\system32\hatasefa.dll
2009-01-09 09:31 . 2009-01-09 09:31 2,731 ---hs---- c:\windows\system32\geligehu.dll
2009-01-09 09:31 . 2009-01-09 09:31 2,730 ---hs---- c:\windows\system32\visujowo.dll
2009-01-07 10:14 . 2009-01-07 10:14 2,731 ---hs---- c:\windows\system32\tuhipulo.dll
2009-01-07 10:14 . 2009-01-07 10:14 2,731 ---hs---- c:\windows\system32\depohowi.dll
2009-01-07 10:14 . 2009-01-07 10:14 2,730 ---hs---- c:\windows\system32\zoweduda.dll
2009-01-05 13:54 . 2009-01-05 13:54 2,731 ---hs---- c:\windows\system32\rizepato.dll
2009-01-05 13:54 . 2009-01-05 13:54 2,729 ---hs---- c:\windows\system32\jiwewena.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-24 09:41 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-01-24 09:22 745,504 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-01-24 09:22 5,724 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-01-24 09:22 31,736 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-24 09:22 3,655,712 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-18 17:16 --------- d-----w c:\program files\Full Tilt Poker
2008-12-28 16:38 --------- d-----w c:\program files\MSN Messenger
2008-12-07 17:17 --------- d-----w c:\program files\SystemRequirementsLab
2008-12-06 14:57 --------- d-----w c:\program files\DAEMON Tools
2008-11-30 17:10 359,040 ----a-w c:\windows\system32\drivers\tcpip.sys
2008-06-04 19:13 8,192 --sha-w c:\program files\Thumbs.db
2008-03-09 06:25 236 ---ha-w c:\program files\Fichiers communs\dx.reg
2006-10-02 17:35 15,960 --sha-w c:\windows\system32\KGyGaAvL.sys
.
------- Sigcheck -------
2001-09-28 13:00 327168 e7774698bb0d14b0710a9a31e209f9b6 c:\windows\$NtServicePackUninstall$\tcpip.sys
2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\ServicePackFiles\i386\tcpip.sys
2004-08-04 07:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\SoftwareDistribution\Download\dfd63227c75f2f41fff1e2c80885381e\tcpip.sys
2008-11-30 18:10 359040 3bb4b08619c111c7be8bda07aa0de6a2 c:\windows\system32\dllcache\tcpip.sys
2008-11-30 18:10 359040 3bb4b08619c111c7be8bda07aa0de6a2 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-02-16 180269]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Anti-Blaxx Manager"="c:\program files\Anti-Blaxx\Anti-Blaxx.exe" [2005-11-08 212992]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-07-25 155648]
"PCSuiteTrayApplication"="c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"UVS10 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe" [2006-03-06 36864]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-04-25 201992]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"nwiz"="nwiz.exe" [2008-05-03 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]
Privoxy.lnk - c:\program files\Vidalia Bundle\Privoxy\privoxy.exe [2006-11-20 250368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= DivXa32.acm
"vidc.3IV2"= 3ivxVfWCodec.dll
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\twpR64.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Games\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Ulead Systems\\Ulead VideoStudio 10\\uvPL.exe"=
"c:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe"=
"c:\\Program Files\\Anti-Blaxx\\Anti-Blaxx.exe"=
"c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 2009\\avp.exe"=
"c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"55697:TCP"= 55697:TCP:BitComet 55697 TCP
"55697:UDP"= 55697:UDP:BitComet 55697 UDP
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 ewido security suite driver;ewido security suite driver;c:\program files\ewido anti-malware\guard.sys [2005-12-30 3072]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2008-12-23 476416]
R4 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [2007-07-24 328824]
R4 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2007-07-11 201848]
S1 twpR64;UDP netbios mapping;\??\c:\windows\System32\twpR64.sys --> c:\windows\System32\twpR64.sys [?]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S3 ids0004C;ids0004C;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys [?]
S3 ids0005c;ids0005c;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys [?]
S3 SaiNtSub;SaiNtSub;c:\windows\system32\drivers\saintsub.sys [2005-03-06 19200]
S4 twpR32;UDP32 netbios mapping;\??\c:\windows\System32\twpR64.sys --> c:\windows\System32\twpR64.sys [?]
S4 vxockmjj;StarForce Protection Environment (version 1.x)Monitor;c:\windows\System32\svchost.exe -k netsvcs [2001-09-28 14336]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
vxockmjj
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-Skype - c:\program files\Skype\Phone\Skype.exe
SafeBoot-twpR32.sys
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.pyrodeathsquad.com
mStart Page = about:blank
Trusted Zone: xxx.be\directnet
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.extrafilm.be/ImageUploader5.cab
DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} - hxxps://www.sle-eur.com
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-24 10:40:18
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1364)
c:\windows\system32\klogon.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\ewido anti-malware\ewidoctrl.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
c:\windows\system32\rundll32.exe
c:\progra~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
.
**************************************************************************
.
Heure de fin: 2009-01-24 10:44:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-24 09:44:21
ComboFix2.txt 2008-09-11 18:28:54
Avant-CF: 2.154.070.016 octets libres
Après-CF: 6,783,938,560 octets libres
199 --- E O F --- 2008-06-18 05:47:52
Logfile of random's system information tool 1.05 (written by random/random)
Run by Scarecrow at 2009-01-24 11:23:55
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 7 GB (22%) free of 30 GB
Total RAM: 1535 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:58, on 24/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Scarecrow\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Scarecrow.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pyrodeathsquad.com/mofo/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} (InPEditor Class) - https://www.sle-eur.com/content/static/ecm/activex/Enable_Edit_In_Place.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
J'ai eu des soucis avec java, apres l'installation via le site (Jvara ne fonctionnait pas pour la ;ise a jour), j'ai utilise javara pour supprimer les anciennes versions et ca a plante en plein milieu de la suppression....
ComboFix 09-01-21.04 - Scarecrow 2009-01-24 10:17:17.6 - NTFSx86
Lancé depuis: c:\documents and settings\Scarecrow\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\bafuvisi.dll
c:\windows\system32\egojolah.ini
c:\windows\system32\ewegiduw.ini
c:\windows\system32\janifedu.dll
c:\windows\system32\mohafilu.dll
c:\windows\system32\ogomigiw.ini
c:\windows\system32\parakodo.dll
c:\windows\system32\pewekasi.dll.tmp
c:\windows\system32\rogahefa.dll.tmp
c:\windows\system32\tmp.reg
c:\windows\system32\tuduriro.dll.tmp
c:\windows\system32\uninstall.exe
c:\windows\system32\vuzejofu.dll
----- BITS: Il y a peut-être des sites infectés -----
hxxp://77.74.48.105
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MSDISK
-------\Legacy_MSWINDOWS
-------\Service_MSDisk
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-24 au 2009-01-24 ))))))))))))))))))))))))))))))))))))
.
2009-01-24 00:37 . 2009-01-24 00:37 <REP> d-------- C:\rsit
2009-01-23 22:04 . 2009-01-23 22:04 <REP> d-------- c:\documents and settings\Scarecrow\Application Data\Malwarebytes
2009-01-23 22:04 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-23 22:03 . 2009-01-24 00:48 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-23 22:03 . 2009-01-23 22:03 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-23 22:03 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 12:12 . 2009-01-14 12:12 2,730 ---hs---- c:\windows\system32\gajulebi.dll
2009-01-13 09:43 . 2009-01-13 09:43 2,732 ---hs---- c:\windows\system32\badarizo.dll
2009-01-13 09:43 . 2009-01-13 09:43 2,730 ---hs---- c:\windows\system32\sifajade.dll
2009-01-12 09:44 . 2009-01-12 09:44 2,731 ---hs---- c:\windows\system32\fohajifu.dll
2009-01-12 09:44 . 2009-01-12 09:44 2,731 ---hs---- c:\windows\system32\fitozeba.dll
2009-01-12 09:44 . 2009-01-12 09:44 2,729 ---hs---- c:\windows\system32\rejipupo.dll
2009-01-11 11:00 . 2009-01-11 11:00 2,730 ---hs---- c:\windows\system32\bohemuko.dll
2009-01-11 11:00 . 2009-01-11 11:00 2,729 ---hs---- c:\windows\system32\vodarowo.dll
2009-01-10 17:48 . 2009-01-10 17:48 2,731 ---hs---- c:\windows\system32\kafawagi.dll
2009-01-10 17:48 . 2009-01-10 17:48 2,729 ---hs---- c:\windows\system32\zeyoheko.dll
2009-01-09 09:31 . 2009-01-09 09:31 2,731 ---hs---- c:\windows\system32\hatasefa.dll
2009-01-09 09:31 . 2009-01-09 09:31 2,731 ---hs---- c:\windows\system32\geligehu.dll
2009-01-09 09:31 . 2009-01-09 09:31 2,730 ---hs---- c:\windows\system32\visujowo.dll
2009-01-07 10:14 . 2009-01-07 10:14 2,731 ---hs---- c:\windows\system32\tuhipulo.dll
2009-01-07 10:14 . 2009-01-07 10:14 2,731 ---hs---- c:\windows\system32\depohowi.dll
2009-01-07 10:14 . 2009-01-07 10:14 2,730 ---hs---- c:\windows\system32\zoweduda.dll
2009-01-05 13:54 . 2009-01-05 13:54 2,731 ---hs---- c:\windows\system32\rizepato.dll
2009-01-05 13:54 . 2009-01-05 13:54 2,729 ---hs---- c:\windows\system32\jiwewena.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-24 09:41 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-01-24 09:22 745,504 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-01-24 09:22 5,724 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-01-24 09:22 31,736 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-24 09:22 3,655,712 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-18 17:16 --------- d-----w c:\program files\Full Tilt Poker
2008-12-28 16:38 --------- d-----w c:\program files\MSN Messenger
2008-12-07 17:17 --------- d-----w c:\program files\SystemRequirementsLab
2008-12-06 14:57 --------- d-----w c:\program files\DAEMON Tools
2008-11-30 17:10 359,040 ----a-w c:\windows\system32\drivers\tcpip.sys
2008-06-04 19:13 8,192 --sha-w c:\program files\Thumbs.db
2008-03-09 06:25 236 ---ha-w c:\program files\Fichiers communs\dx.reg
2006-10-02 17:35 15,960 --sha-w c:\windows\system32\KGyGaAvL.sys
.
------- Sigcheck -------
2001-09-28 13:00 327168 e7774698bb0d14b0710a9a31e209f9b6 c:\windows\$NtServicePackUninstall$\tcpip.sys
2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\ServicePackFiles\i386\tcpip.sys
2004-08-04 07:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\SoftwareDistribution\Download\dfd63227c75f2f41fff1e2c80885381e\tcpip.sys
2008-11-30 18:10 359040 3bb4b08619c111c7be8bda07aa0de6a2 c:\windows\system32\dllcache\tcpip.sys
2008-11-30 18:10 359040 3bb4b08619c111c7be8bda07aa0de6a2 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-02-16 180269]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Anti-Blaxx Manager"="c:\program files\Anti-Blaxx\Anti-Blaxx.exe" [2005-11-08 212992]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-07-25 155648]
"PCSuiteTrayApplication"="c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"UVS10 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe" [2006-03-06 36864]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-04-25 201992]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"nwiz"="nwiz.exe" [2008-05-03 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]
Privoxy.lnk - c:\program files\Vidalia Bundle\Privoxy\privoxy.exe [2006-11-20 250368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= DivXa32.acm
"vidc.3IV2"= 3ivxVfWCodec.dll
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\twpR64.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Games\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Ulead Systems\\Ulead VideoStudio 10\\uvPL.exe"=
"c:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe"=
"c:\\Program Files\\Anti-Blaxx\\Anti-Blaxx.exe"=
"c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 2009\\avp.exe"=
"c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"55697:TCP"= 55697:TCP:BitComet 55697 TCP
"55697:UDP"= 55697:UDP:BitComet 55697 UDP
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 ewido security suite driver;ewido security suite driver;c:\program files\ewido anti-malware\guard.sys [2005-12-30 3072]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2008-12-23 476416]
R4 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [2007-07-24 328824]
R4 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2007-07-11 201848]
S1 twpR64;UDP netbios mapping;\??\c:\windows\System32\twpR64.sys --> c:\windows\System32\twpR64.sys [?]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S3 ids0004C;ids0004C;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys [?]
S3 ids0005c;ids0005c;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys [?]
S3 SaiNtSub;SaiNtSub;c:\windows\system32\drivers\saintsub.sys [2005-03-06 19200]
S4 twpR32;UDP32 netbios mapping;\??\c:\windows\System32\twpR64.sys --> c:\windows\System32\twpR64.sys [?]
S4 vxockmjj;StarForce Protection Environment (version 1.x)Monitor;c:\windows\System32\svchost.exe -k netsvcs [2001-09-28 14336]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
vxockmjj
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-Skype - c:\program files\Skype\Phone\Skype.exe
SafeBoot-twpR32.sys
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.pyrodeathsquad.com
mStart Page = about:blank
Trusted Zone: xxx.be\directnet
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.extrafilm.be/ImageUploader5.cab
DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} - hxxps://www.sle-eur.com
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-24 10:40:18
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1364)
c:\windows\system32\klogon.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\ewido anti-malware\ewidoctrl.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
c:\windows\system32\rundll32.exe
c:\progra~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
.
**************************************************************************
.
Heure de fin: 2009-01-24 10:44:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-24 09:44:21
ComboFix2.txt 2008-09-11 18:28:54
Avant-CF: 2.154.070.016 octets libres
Après-CF: 6,783,938,560 octets libres
199 --- E O F --- 2008-06-18 05:47:52
Logfile of random's system information tool 1.05 (written by random/random)
Run by Scarecrow at 2009-01-24 11:23:55
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 7 GB (22%) free of 30 GB
Total RAM: 1535 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:58, on 24/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Scarecrow\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Scarecrow.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pyrodeathsquad.com/mofo/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} (InPEditor Class) - https://www.sle-eur.com/content/static/ecm/activex/Enable_Edit_In_Place.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
analyse ces fichiers sur virus total etr si infectés tu les vire: https://www.virustotal.com/gui/
c:\windows\system32\gajulebi.dll
c:\windows\system32\badarizo.dll
c:\windows\system32\sifajade.dll
c:\windows\system32\fohajifu.dll
c:\windows\system32\fitozeba.dll
c:\windows\system32\rejipupo.dll
c:\windows\system32\bohemuko.dll
c:\windows\system32\vodarowo.dll
c:\windows\system32\kafawagi.dll
c:\windows\system32\zeyoheko.dll
c:\windows\system32\hatasefa.dll
c:\windows\system32\geligehu.dll
c:\windows\system32\visujowo.dll
c:\windows\system32\tuhipulo.dll
c:\windows\system32\depohowi.dll
c:\windows\system32\zoweduda.dll
c:\windows\system32\rizepato.dll
c:\windows\system32\jiwewena.dll
______________________
vire ce qui est ne quarantaine dans malwarebyte, et kaspersky
puis dis tes soucis et colle un rapport avec kaspersky que tu as ou
avec
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
c:\windows\system32\gajulebi.dll
c:\windows\system32\badarizo.dll
c:\windows\system32\sifajade.dll
c:\windows\system32\fohajifu.dll
c:\windows\system32\fitozeba.dll
c:\windows\system32\rejipupo.dll
c:\windows\system32\bohemuko.dll
c:\windows\system32\vodarowo.dll
c:\windows\system32\kafawagi.dll
c:\windows\system32\zeyoheko.dll
c:\windows\system32\hatasefa.dll
c:\windows\system32\geligehu.dll
c:\windows\system32\visujowo.dll
c:\windows\system32\tuhipulo.dll
c:\windows\system32\depohowi.dll
c:\windows\system32\zoweduda.dll
c:\windows\system32\rizepato.dll
c:\windows\system32\jiwewena.dll
______________________
vire ce qui est ne quarantaine dans malwarebyte, et kaspersky
puis dis tes soucis et colle un rapport avec kaspersky que tu as ou
avec
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Bonsoir,
Les fichiers dll sont introuvables...
J'effectue actuellement le scan pas Kaspersky, je poste le log quand ce sera fini.
Bonne soiree.
Les fichiers dll sont introuvables...
J'effectue actuellement le scan pas Kaspersky, je poste le log quand ce sera fini.
Bonne soiree.
même en affichant les dossiers cachés:?
https://astwinds.pagesperso-orange.fr/astuces/fichiers_caches.html
https://astwinds.pagesperso-orange.fr/astuces/fichiers_caches.html
Oui, comme je ne les voyais pas, j'ai directement affiche les dossiers caches et effectue la recherche (recherche visuelle + recherche "windows")
Analyse complète: terminée le 24/01/2009 22:10:18 (événements : 1804, objets : , durée : 00:00:00)
Résultat : Absent (événements : 1804)
24/01/2009 22:10:18
Résultat : Absent (événements : 1804)
24/01/2009 20:20:30
Résultat : Absent (événements : 1804)
24/01/2009 22:08:57 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll
24/01/2009 22:06:39 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir
Résultat : Absent (événements : 1804)
24/01/2009 21:26:07 c:\WINDOWS\system32\wogiregu.dll.tmp Reporté
24/01/2009 21:26:06 c:\WINDOWS\system32\wehokepu.dll.tmp Reporté
24/01/2009 21:24:57 c:\WINDOWS\system32\rugobiho.dll.tmp Reporté
24/01/2009 21:24:48 c:\WINDOWS\system32\pakiyavo.dll.tmp Reporté
24/01/2009 21:23:34 c:\WINDOWS\system32\fakuriyo.dll.tmp Reporté
24/01/2009 21:23:25 c:\WINDOWS\system32\dahovibo.dll.tmp Reporté
24/01/2009 21:10:31 c:\QooBox\Quarantine\C\WINDOWS\system32\vuzejofu.dll.vir Reporté
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\tuduriro.dll.tmp.vir Reporté
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\rogahefa.dll.tmp.vir Reporté
24/01/2009 21:10:22 c:\QooBox\Quarantine\C\WINDOWS\system32\pewekasi.dll.tmp.vir Reporté
24/01/2009 21:10:18 c:\QooBox\Quarantine\C\WINDOWS\system32\mohafilu.dll.vir Reporté
24/01/2009 21:10:17 c:\QooBox\Quarantine\C\WINDOWS\system32\janifedu.dll.vir Reporté
24/01/2009 21:09:44 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir Reporté
24/01/2009 21:06:40 c:\program files\Trend Micro\HijackThis\backups\backup-20090121-185643-578.dll Reporté
24/01/2009 20:24:55 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029380.dll Reporté
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029377.dll Reporté
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029378.dll Reporté
24/01/2009 20:24:26 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll Reporté
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029170.dll Reporté
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029172.dll Reporté
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029171.dll Reporté
24/01/2009 20:23:33 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029100.dll Reporté
24/01/2009 20:23:28 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029098.dll Reporté
24/01/2009 20:23:23 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029096.dll Reporté
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029093.dll Reporté
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029097.dll Reporté
Résultat : Absent (événements : 1804)
24/01/2009 22:10:18 c:\WINDOWS\system32\wogiregu.dll.tmp
24/01/2009 22:10:10 c:\WINDOWS\system32\wehokepu.dll.tmp
24/01/2009 22:10:01 c:\WINDOWS\system32\rugobiho.dll.tmp
24/01/2009 22:09:53 c:\WINDOWS\system32\pakiyavo.dll.tmp
24/01/2009 22:09:45 c:\WINDOWS\system32\fakuriyo.dll.tmp
24/01/2009 22:09:36 c:\WINDOWS\system32\dahovibo.dll.tmp
24/01/2009 22:09:28 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029380.dll
24/01/2009 22:09:18 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029378.dll
24/01/2009 22:09:06 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029377.dll
24/01/2009 22:08:57 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll
24/01/2009 22:08:56 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029172.dll
24/01/2009 22:08:47 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029171.dll
24/01/2009 22:08:38 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029170.dll
24/01/2009 22:08:29 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029100.dll
24/01/2009 22:08:18 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029098.dll
24/01/2009 22:08:09 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029097.dll
24/01/2009 22:07:57 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029096.dll
24/01/2009 22:07:48 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029093.dll
24/01/2009 22:07:38 c:\QooBox\Quarantine\C\WINDOWS\system32\vuzejofu.dll.vir
24/01/2009 22:07:28 c:\QooBox\Quarantine\C\WINDOWS\system32\tuduriro.dll.tmp.vir
24/01/2009 22:07:19 c:\QooBox\Quarantine\C\WINDOWS\system32\rogahefa.dll.tmp.vir
24/01/2009 22:07:10 c:\QooBox\Quarantine\C\WINDOWS\system32\pewekasi.dll.tmp.vir
24/01/2009 22:07:00 c:\QooBox\Quarantine\C\WINDOWS\system32\mohafilu.dll.vir
24/01/2009 22:06:49 c:\QooBox\Quarantine\C\WINDOWS\system32\janifedu.dll.vir
24/01/2009 22:06:39 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir
24/01/2009 22:06:32 c:\program files\Trend Micro\HijackThis\backups\backup-20090121-185643-578.dll
24/01/2009 22:04:05 E:\Games\Sports Interactive\Football Manager 2007\_jvm\bin\java.exe
24/01/2009 21:58:34 E:\Games\Football Manager 2008\jre\bin\javaws.exe
24/01/2009 21:58:34 E:\Games\Football Manager 2008\jre\bin\java.exe
24/01/2009 21:33:59 D:\Games\Sports Interactive\Football Manager 2009\jre\bin\javaws.exe
24/01/2009 21:33:59 D:\Games\Sports Interactive\Football Manager 2009\jre\bin\java.exe
24/01/2009 21:30:07 c:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
24/01/2009 21:30:07 c:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.0.2.0_x-ww_702998db\msxml4.dll
24/01/2009 21:26:07 c:\WINDOWS\system32\wogiregu.dll.tmp
24/01/2009 21:26:06 c:\WINDOWS\system32\wehokepu.dll.tmp
24/01/2009 21:24:57 c:\WINDOWS\system32\rugobiho.dll.tmp
24/01/2009 21:24:48 c:\WINDOWS\system32\pakiyavo.dll.tmp
24/01/2009 21:24:41 c:\WINDOWS\system32\QuickTime.qts
24/01/2009 21:23:43 c:\WINDOWS\system32\msxml4.dll
24/01/2009 21:23:34 c:\WINDOWS\system32\fakuriyo.dll.tmp
24/01/2009 21:23:25 c:\WINDOWS\system32\dahovibo.dll.tmp
24/01/2009 21:10:31 c:\QooBox\Quarantine\C\WINDOWS\system32\vuzejofu.dll.vir
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\tuduriro.dll.tmp.vir
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\rogahefa.dll.tmp.vir
24/01/2009 21:10:22 c:\QooBox\Quarantine\C\WINDOWS\system32\pewekasi.dll.tmp.vir
24/01/2009 21:10:18 c:\QooBox\Quarantine\C\WINDOWS\system32\mohafilu.dll.vir
24/01/2009 21:10:17 c:\QooBox\Quarantine\C\WINDOWS\system32\janifedu.dll.vir
24/01/2009 21:09:43 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir
24/01/2009 21:09:21 c:\program files\winamp\winamp.exe
24/01/2009 21:06:40 c:\program files\Trend Micro\HijackThis\backups\backup-20090121-185643-578.dll
24/01/2009 21:06:30 c:\program files\symantec\liveupdate\luall.exe
24/01/2009 21:06:07 c:\program files\real\realplayer\realplay.exe
24/01/2009 21:06:06 c:\program files\quicktime\QuickTimePlayer.Resources\QuickTimePlayer.qtr
24/01/2009 21:06:06 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\no.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\no.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\nl.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\no.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:02 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:02 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\no.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\no.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\no.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:40 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:40 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:37 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\no.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:15 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:14 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\no.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\nl.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\no.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\no.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr
24/01/2009 21:05:08 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:08 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:08 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\no.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\no.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\no.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\nl.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\no.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\nl.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:01 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\no.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\nl.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\ko.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\ja.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\it.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\fr.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\fi.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\es.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\en.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\de.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\QuickTimeEssentials.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\da.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\zh_TW.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\sv.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\zh_CN.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\no.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\ko.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\ja.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\nl.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\it.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\fr.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\fi.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\es.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\de.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\en.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\da.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\QuickTimeEffects.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\zh_CN.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\zh_TW.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\sv.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\no.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\nl.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\ko.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\it.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\ja.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\fr.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\fi.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\en.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\es.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\de.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\da.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\QuickTimeCapture.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:50 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\no.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:49 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:47 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:47 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:47 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\QuickTimeAuthoring.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\no.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\QuickTimeAudioSupport.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_TW.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_CN.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\sv.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\no.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\nl.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\ko.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\ja.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\it.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\fr.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\fi.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\es.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\en.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\de.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\da.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\QuickTime3GPPAuthoring.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\zh_TW.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\zh_CN.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\sv.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\nl.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\no.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\ko.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\ja.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\fr.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\it.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\es.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\en.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\fi.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\de.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\da.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\QuickTime3GPP.qtr
24/01/2009 21:05:42 c:\program files\quicktime\QTSystem\QuickTime.Resources\zh_TW.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:42 c:\program files\quicktime\QTSystem\QuickTime.Resources\zh_CN.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:39 c:\program files\quicktime\QTSystem\QuickTime.Resources\sv.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTime.Resources\no.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTime.Resources\nl.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTime.Resources\ko.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTime.Resources\ja.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTime.Resources\it.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime.Resources\fr.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:18 c:\program files\quicktime\QTSystem\QuickTime.Resources\fi.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:17 c:\program files\quicktime\QTSystem\QuickTime.Resources\es.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:15 c:\program files\quicktime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.qtr
24/01/2009 21:03:54 c:\program files\quicktime\QTSystem\QuickTime.Resources\de.lproj\QuickTimeLocalized.qtr
24/01/2009 21:03:54 c:\program files\quicktime\QTSystem\QuickTime.Resources\da.lproj\QuickTimeLocalized.qtr
24/01/2009 21:03:52 c:\program files\quicktime\QTSystem\QuickTime.Resources\QuickTime.qtr
24/01/2009 21:03:52 c:\program files\quicktime\QTSystem\CoreVideo.Resources\zh_TW.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:51 c:\program files\quicktime\QTSystem\CoreVideo.Resources\sv.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:51 c:\program files\quicktime\QTSystem\CoreVideo.Resources\no.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:51 c:\program files\quicktime\QTSystem\CoreVideo.Resources\zh_CN.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\nl.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\ja.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\ko.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\it.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\fr.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\fi.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\en.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\de.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\es.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\da.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\CoreVideo.qtr
24/01/2009 21:03:50 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\zh_TW.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\zh_CN.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\sv.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\no.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\nl.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\ko.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\ja.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\it.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\fi.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\fr.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\es.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\da.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\de.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\en.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\PropPanelHelpers.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\zh_TW.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\zh_CN.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\sv.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\no.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\nl.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\ko.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\ja.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\it.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\fr.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\fi.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\en.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\es.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:47 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\de.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:47 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\da.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:47 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\PanelHelperBase.qtr
24/01/2009 21:03:33 c:\program files\quicktime\PictureViewer.Resources\zh_TW.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:31 c:\program files\quicktime\PictureViewer.Resources\zh_CN.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:12 c:\program files\quicktime\PictureViewer.Resources\sv.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:11 c:\program files\quicktime\PictureViewer.Resources\no.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:10 c:\program files\quicktime\PictureViewer.Resources\nl.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\ko.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\ja.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\it.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\fr.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:08 c:\program files\quicktime\PictureViewer.Resources\fi.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:08 c:\program files\quicktime\PictureViewer.Resources\es.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:08 c:\program files\quicktime\quicktimeplayer.exe
24/01/2009 21:03:08 c:\program files\quicktime\PictureViewer.Resources\en.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:07 c:\program files\quicktime\PictureViewer.Resources\de.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:07 c:\program files\quicktime\PictureViewer.Resources\da.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:07 c:\program files\quicktime\PictureViewer.Resources\PictureViewer.qtr
24/01/2009 21:02:43 c:\program files\microsoft office\office\winword.exe
24/01/2009 21:02:43 c:\program files\microsoft office\office\powerpnt.exe
24/01/2009 21:02:42 c:\program files\microsoft office\office\OUTLLIB.DLL
24/01/2009 21:02:42 c:\program files\microsoft office\office\MSO9.DLL
24/01/2009 21:02:41 c:\program files\microsoft office\office\excel.exe
24/01/2009 20:24:55 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029380.dll
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029377.dll
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029378.dll
24/01/2009 20:24:26 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029170.dll
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029172.dll
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029171.dll
24/01/2009 20:23:32 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029100.dll
24/01/2009 20:23:28 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029098.dll
24/01/2009 20:23:23 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029096.dll
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029093.dll
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029097.dll
24/01/2009 20:23:03 c:\program files\quicktime\quicktimeplayer.exe
24/01/2009 20:22:59 c:\program files\real\realplayer\realplay.exe
24/01/2009 20:22:59 c:\program files\symantec\liveupdate\luall.exe
24/01/2009 20:22:03 c:\program files\microsoft office\office\winword.exe
24/01/2009 20:22:03 c:\program files\winamp\winamp.exe
24/01/2009 20:22:00 c:\program files\microsoft office\office\excel.exe
24/01/2009 20:22:00 c:\program files\microsoft office\office\powerpnt.exe
Analyse complète: terminée le 24/01/2009 22:10:18 (événements : 1804, objets : , durée : 00:00:00)
Analyse complète: terminée le 24/01/2009 22:10:18 (événements : 1804, objets : , durée : 00:00:00)
Résultat : Absent (événements : 1804)
24/01/2009 22:10:18
Résultat : Absent (événements : 1804)
24/01/2009 20:20:30
Résultat : Absent (événements : 1804)
24/01/2009 22:08:57 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll
24/01/2009 22:06:39 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir
Résultat : Absent (événements : 1804)
24/01/2009 21:26:07 c:\WINDOWS\system32\wogiregu.dll.tmp Reporté
24/01/2009 21:26:06 c:\WINDOWS\system32\wehokepu.dll.tmp Reporté
24/01/2009 21:24:57 c:\WINDOWS\system32\rugobiho.dll.tmp Reporté
24/01/2009 21:24:48 c:\WINDOWS\system32\pakiyavo.dll.tmp Reporté
24/01/2009 21:23:34 c:\WINDOWS\system32\fakuriyo.dll.tmp Reporté
24/01/2009 21:23:25 c:\WINDOWS\system32\dahovibo.dll.tmp Reporté
24/01/2009 21:10:31 c:\QooBox\Quarantine\C\WINDOWS\system32\vuzejofu.dll.vir Reporté
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\tuduriro.dll.tmp.vir Reporté
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\rogahefa.dll.tmp.vir Reporté
24/01/2009 21:10:22 c:\QooBox\Quarantine\C\WINDOWS\system32\pewekasi.dll.tmp.vir Reporté
24/01/2009 21:10:18 c:\QooBox\Quarantine\C\WINDOWS\system32\mohafilu.dll.vir Reporté
24/01/2009 21:10:17 c:\QooBox\Quarantine\C\WINDOWS\system32\janifedu.dll.vir Reporté
24/01/2009 21:09:44 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir Reporté
24/01/2009 21:06:40 c:\program files\Trend Micro\HijackThis\backups\backup-20090121-185643-578.dll Reporté
24/01/2009 20:24:55 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029380.dll Reporté
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029377.dll Reporté
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029378.dll Reporté
24/01/2009 20:24:26 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll Reporté
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029170.dll Reporté
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029172.dll Reporté
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029171.dll Reporté
24/01/2009 20:23:33 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029100.dll Reporté
24/01/2009 20:23:28 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029098.dll Reporté
24/01/2009 20:23:23 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029096.dll Reporté
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029093.dll Reporté
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029097.dll Reporté
Résultat : Absent (événements : 1804)
24/01/2009 22:10:18 c:\WINDOWS\system32\wogiregu.dll.tmp
24/01/2009 22:10:10 c:\WINDOWS\system32\wehokepu.dll.tmp
24/01/2009 22:10:01 c:\WINDOWS\system32\rugobiho.dll.tmp
24/01/2009 22:09:53 c:\WINDOWS\system32\pakiyavo.dll.tmp
24/01/2009 22:09:45 c:\WINDOWS\system32\fakuriyo.dll.tmp
24/01/2009 22:09:36 c:\WINDOWS\system32\dahovibo.dll.tmp
24/01/2009 22:09:28 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029380.dll
24/01/2009 22:09:18 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029378.dll
24/01/2009 22:09:06 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029377.dll
24/01/2009 22:08:57 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll
24/01/2009 22:08:56 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029172.dll
24/01/2009 22:08:47 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029171.dll
24/01/2009 22:08:38 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029170.dll
24/01/2009 22:08:29 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029100.dll
24/01/2009 22:08:18 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029098.dll
24/01/2009 22:08:09 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029097.dll
24/01/2009 22:07:57 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029096.dll
24/01/2009 22:07:48 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029093.dll
24/01/2009 22:07:38 c:\QooBox\Quarantine\C\WINDOWS\system32\vuzejofu.dll.vir
24/01/2009 22:07:28 c:\QooBox\Quarantine\C\WINDOWS\system32\tuduriro.dll.tmp.vir
24/01/2009 22:07:19 c:\QooBox\Quarantine\C\WINDOWS\system32\rogahefa.dll.tmp.vir
24/01/2009 22:07:10 c:\QooBox\Quarantine\C\WINDOWS\system32\pewekasi.dll.tmp.vir
24/01/2009 22:07:00 c:\QooBox\Quarantine\C\WINDOWS\system32\mohafilu.dll.vir
24/01/2009 22:06:49 c:\QooBox\Quarantine\C\WINDOWS\system32\janifedu.dll.vir
24/01/2009 22:06:39 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir
24/01/2009 22:06:32 c:\program files\Trend Micro\HijackThis\backups\backup-20090121-185643-578.dll
24/01/2009 22:04:05 E:\Games\Sports Interactive\Football Manager 2007\_jvm\bin\java.exe
24/01/2009 21:58:34 E:\Games\Football Manager 2008\jre\bin\javaws.exe
24/01/2009 21:58:34 E:\Games\Football Manager 2008\jre\bin\java.exe
24/01/2009 21:33:59 D:\Games\Sports Interactive\Football Manager 2009\jre\bin\javaws.exe
24/01/2009 21:33:59 D:\Games\Sports Interactive\Football Manager 2009\jre\bin\java.exe
24/01/2009 21:30:07 c:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
24/01/2009 21:30:07 c:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.0.2.0_x-ww_702998db\msxml4.dll
24/01/2009 21:26:07 c:\WINDOWS\system32\wogiregu.dll.tmp
24/01/2009 21:26:06 c:\WINDOWS\system32\wehokepu.dll.tmp
24/01/2009 21:24:57 c:\WINDOWS\system32\rugobiho.dll.tmp
24/01/2009 21:24:48 c:\WINDOWS\system32\pakiyavo.dll.tmp
24/01/2009 21:24:41 c:\WINDOWS\system32\QuickTime.qts
24/01/2009 21:23:43 c:\WINDOWS\system32\msxml4.dll
24/01/2009 21:23:34 c:\WINDOWS\system32\fakuriyo.dll.tmp
24/01/2009 21:23:25 c:\WINDOWS\system32\dahovibo.dll.tmp
24/01/2009 21:10:31 c:\QooBox\Quarantine\C\WINDOWS\system32\vuzejofu.dll.vir
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\tuduriro.dll.tmp.vir
24/01/2009 21:10:28 c:\QooBox\Quarantine\C\WINDOWS\system32\rogahefa.dll.tmp.vir
24/01/2009 21:10:22 c:\QooBox\Quarantine\C\WINDOWS\system32\pewekasi.dll.tmp.vir
24/01/2009 21:10:18 c:\QooBox\Quarantine\C\WINDOWS\system32\mohafilu.dll.vir
24/01/2009 21:10:17 c:\QooBox\Quarantine\C\WINDOWS\system32\janifedu.dll.vir
24/01/2009 21:09:43 c:\QooBox\Quarantine\C\WINDOWS\system32\bafuvisi.dll.vir
24/01/2009 21:09:21 c:\program files\winamp\winamp.exe
24/01/2009 21:06:40 c:\program files\Trend Micro\HijackThis\backups\backup-20090121-185643-578.dll
24/01/2009 21:06:30 c:\program files\symantec\liveupdate\luall.exe
24/01/2009 21:06:07 c:\program files\real\realplayer\realplay.exe
24/01/2009 21:06:06 c:\program files\quicktime\QuickTimePlayer.Resources\QuickTimePlayer.qtr
24/01/2009 21:06:06 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\no.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr
24/01/2009 21:06:05 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\no.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:04 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\nl.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\no.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:03 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:02 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:02 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\no.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:01 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:06:00 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\no.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:59 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\no.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:58 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr
24/01/2009 21:05:57 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:40 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:40 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:37 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\no.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:15 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:14 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\no.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\nl.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:12 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\no.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:11 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\no.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr
24/01/2009 21:05:09 c:\program files\quicktime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr
24/01/2009 21:05:08 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:08 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:08 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\no.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:07 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:06 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\no.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:05 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:04 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\no.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\nl.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:03 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\no.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\nl.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:02 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:05:01 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\no.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\nl.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\ko.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\ja.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\it.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\fr.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:59 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\fi.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\es.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\en.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\de.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\QuickTimeEssentials.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEssentials.Resources\da.lproj\QuickTimeEssentialsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\zh_TW.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\sv.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\zh_CN.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\no.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\ko.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\ja.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:58 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\nl.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\it.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\fr.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\fi.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\es.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\de.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\en.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:57 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\da.lproj\QuickTimeEffectsLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeEffects.Resources\QuickTimeEffects.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\zh_CN.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\zh_TW.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\sv.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\no.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\nl.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\ko.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\it.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\ja.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\fr.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\fi.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\en.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\es.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\de.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\da.lproj\QuickTimeCaptureLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeCapture.Resources\QuickTimeCapture.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:56 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:50 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\no.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:49 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:47 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:47 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:47 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\QuickTimeAuthoringLocalized.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAuthoring.Resources\QuickTimeAuthoring.qtr
24/01/2009 21:04:46 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\no.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\QuickTimeAudioSupportLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTimeAudioSupport.Resources\QuickTimeAudioSupport.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_TW.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_CN.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\sv.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:44 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\no.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\nl.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\ko.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\ja.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\it.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\fr.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\fi.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\es.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\en.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\de.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\da.lproj\QuickTime3GPPAuthoringLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPPAuthoring.Resources\QuickTime3GPPAuthoring.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\zh_TW.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\zh_CN.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\sv.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\nl.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\no.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\ko.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\ja.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\fr.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\it.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\es.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:43 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\en.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\fi.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\de.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\da.lproj\QuickTime3GPPLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime3GPP.Resources\QuickTime3GPP.qtr
24/01/2009 21:05:42 c:\program files\quicktime\QTSystem\QuickTime.Resources\zh_TW.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:42 c:\program files\quicktime\QTSystem\QuickTime.Resources\zh_CN.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:39 c:\program files\quicktime\QTSystem\QuickTime.Resources\sv.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTime.Resources\no.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:13 c:\program files\quicktime\QTSystem\QuickTime.Resources\nl.lproj\QuickTimeLocalized.qtr
24/01/2009 21:05:10 c:\program files\quicktime\QTSystem\QuickTime.Resources\ko.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTime.Resources\ja.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:45 c:\program files\quicktime\QTSystem\QuickTime.Resources\it.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:42 c:\program files\quicktime\QTSystem\QuickTime.Resources\fr.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:18 c:\program files\quicktime\QTSystem\QuickTime.Resources\fi.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:17 c:\program files\quicktime\QTSystem\QuickTime.Resources\es.lproj\QuickTimeLocalized.qtr
24/01/2009 21:04:15 c:\program files\quicktime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.qtr
24/01/2009 21:03:54 c:\program files\quicktime\QTSystem\QuickTime.Resources\de.lproj\QuickTimeLocalized.qtr
24/01/2009 21:03:54 c:\program files\quicktime\QTSystem\QuickTime.Resources\da.lproj\QuickTimeLocalized.qtr
24/01/2009 21:03:52 c:\program files\quicktime\QTSystem\QuickTime.Resources\QuickTime.qtr
24/01/2009 21:03:52 c:\program files\quicktime\QTSystem\CoreVideo.Resources\zh_TW.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:51 c:\program files\quicktime\QTSystem\CoreVideo.Resources\sv.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:51 c:\program files\quicktime\QTSystem\CoreVideo.Resources\no.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:51 c:\program files\quicktime\QTSystem\CoreVideo.Resources\zh_CN.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\nl.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\ja.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\ko.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\it.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\fr.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\fi.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\en.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\de.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\es.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\da.lproj\CoreVideoLocalized.qtr
24/01/2009 21:03:50 c:\program files\quicktime\QTSystem\CoreVideo.Resources\CoreVideo.qtr
24/01/2009 21:03:50 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\zh_TW.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\zh_CN.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\sv.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\no.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\nl.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\ko.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\ja.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\it.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\fi.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\fr.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\es.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\da.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\de.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:49 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\en.lproj\PropPanelHelpersLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PropPanelHelpers.Resources\PropPanelHelpers.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\zh_TW.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\zh_CN.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\sv.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\no.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\nl.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\ko.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\ja.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\it.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\fr.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\fi.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\en.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:48 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\es.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:47 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\de.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:47 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\da.lproj\PanelHelperBaseLocalized.qtr
24/01/2009 21:03:47 c:\program files\quicktime\PropertyPanels\PanelHelperBase.Resources\PanelHelperBase.qtr
24/01/2009 21:03:33 c:\program files\quicktime\PictureViewer.Resources\zh_TW.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:31 c:\program files\quicktime\PictureViewer.Resources\zh_CN.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:12 c:\program files\quicktime\PictureViewer.Resources\sv.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:11 c:\program files\quicktime\PictureViewer.Resources\no.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:10 c:\program files\quicktime\PictureViewer.Resources\nl.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\ko.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\ja.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\it.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:09 c:\program files\quicktime\PictureViewer.Resources\fr.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:08 c:\program files\quicktime\PictureViewer.Resources\fi.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:08 c:\program files\quicktime\PictureViewer.Resources\es.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:08 c:\program files\quicktime\quicktimeplayer.exe
24/01/2009 21:03:08 c:\program files\quicktime\PictureViewer.Resources\en.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:07 c:\program files\quicktime\PictureViewer.Resources\de.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:07 c:\program files\quicktime\PictureViewer.Resources\da.lproj\PictureViewerLocalized.qtr
24/01/2009 21:03:07 c:\program files\quicktime\PictureViewer.Resources\PictureViewer.qtr
24/01/2009 21:02:43 c:\program files\microsoft office\office\winword.exe
24/01/2009 21:02:43 c:\program files\microsoft office\office\powerpnt.exe
24/01/2009 21:02:42 c:\program files\microsoft office\office\OUTLLIB.DLL
24/01/2009 21:02:42 c:\program files\microsoft office\office\MSO9.DLL
24/01/2009 21:02:41 c:\program files\microsoft office\office\excel.exe
24/01/2009 20:24:55 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029380.dll
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029377.dll
24/01/2009 20:24:50 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029378.dll
24/01/2009 20:24:26 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029374.dll
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029170.dll
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029172.dll
24/01/2009 20:23:46 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP174\A0029171.dll
24/01/2009 20:23:32 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029100.dll
24/01/2009 20:23:28 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029098.dll
24/01/2009 20:23:23 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029096.dll
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029093.dll
24/01/2009 20:23:19 c:\System Volume Information\_restore{EAE57FAC-FE9E-4449-9DB8-0B310B96187B}\RP173\A0029097.dll
24/01/2009 20:23:03 c:\program files\quicktime\quicktimeplayer.exe
24/01/2009 20:22:59 c:\program files\real\realplayer\realplay.exe
24/01/2009 20:22:59 c:\program files\symantec\liveupdate\luall.exe
24/01/2009 20:22:03 c:\program files\microsoft office\office\winword.exe
24/01/2009 20:22:03 c:\program files\winamp\winamp.exe
24/01/2009 20:22:00 c:\program files\microsoft office\office\excel.exe
24/01/2009 20:22:00 c:\program files\microsoft office\office\powerpnt.exe
Analyse complète: terminée le 24/01/2009 22:10:18 (événements : 1804, objets : , durée : 00:00:00)
télécharge OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.
(attention bien mettre :files)
:files
c:\WINDOWS\system32\wogiregu.dll.tmp
c:\WINDOWS\system32\wehokepu.dll.tmp
c:\WINDOWS\system32\rugobiho.dll.tmp
c:\WINDOWS\system32\pakiyavo.dll.tmp
c:\WINDOWS\system32\fakuriyo.dll.tmp
c:\WINDOWS\system32\dahovibo.dll.tmp
c:\WINDOWS\system32\wogiregu.dll.tmp
c:\WINDOWS\system32\wehokepu.dll.tmp
c:\WINDOWS\system32\rugobiho.dll.tmp
c:\WINDOWS\system32\pakiyavo.dll.tmp
c:\WINDOWS\system32\fakuriyo.dll.tmp
c:\WINDOWS\system32\dahovibo.dll.tmp
c:\WINDOWS\system32\wogiregu.dll.tmp
c:\WINDOWS\system32\wehokepu.dll.tmp
c:\WINDOWS\system32\rugobiho.dll.tmp
c:\WINDOWS\system32\pakiyavo.dll.tmp
c:\WINDOWS\system32\fakuriyo.dll.tmp
c:\WINDOWS\system32\dahovibo.dll.tmp
c:\windows\system32\gajulebi.dll
c:\windows\system32\badarizo.dll
c:\windows\system32\sifajade.dll
c:\windows\system32\fohajifu.dll
c:\windows\system32\fitozeba.dll
c:\windows\system32\rejipupo.dll
c:\windows\system32\bohemuko.dll
c:\windows\system32\vodarowo.dll
c:\windows\system32\kafawagi.dll
c:\windows\system32\zeyoheko.dll
c:\windows\system32\hatasefa.dll
c:\windows\system32\geligehu.dll
c:\windows\system32\visujowo.dll
c:\windows\system32\tuhipulo.dll
c:\windows\system32\depohowi.dll
c:\windows\system32\zoweduda.dll
c:\windows\system32\rizepato.dll
c:\windows\system32\jiwewena.dll
:commands
[purity]
[emptytemp]
[start explorer]
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
______________________
vire ce qui est dans le dossier quarantine en allant dans poste de travail puis
c:\QooBox\Quarantine
_________________
vire ce qui est dans le dossier MOVED FILES en allant dans poste de travail puis C puis otmovit
___________________
refais malwarebyte antimalware et vire ce qui est trouvé puis vidange la quarantaine de malwarebyte
_____________________
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
______________________
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
_________________________
mets la dernière version quicktime
https://www.01net.com/telecharger/windows/Multimedia/lecteurs_video_dvd/fiches/100.html
___________________
Mettre a jour java:
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
__________________________
Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
__________________________
si tout est ok:
Désactive ta restauration systeme puis redemarre ton ordi puis réactive là comme ceci:
https://www.informatruc.com
_________________________
ensuite colle un rapport avec bitdefender en ligne et remets un rapport RSIT et dis comment se comporte ton pc
voilà j'ai mis beaucoup pour finir ton post car je serai non dispo pendant quelques jours
a plus
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.
(attention bien mettre :files)
:files
c:\WINDOWS\system32\wogiregu.dll.tmp
c:\WINDOWS\system32\wehokepu.dll.tmp
c:\WINDOWS\system32\rugobiho.dll.tmp
c:\WINDOWS\system32\pakiyavo.dll.tmp
c:\WINDOWS\system32\fakuriyo.dll.tmp
c:\WINDOWS\system32\dahovibo.dll.tmp
c:\WINDOWS\system32\wogiregu.dll.tmp
c:\WINDOWS\system32\wehokepu.dll.tmp
c:\WINDOWS\system32\rugobiho.dll.tmp
c:\WINDOWS\system32\pakiyavo.dll.tmp
c:\WINDOWS\system32\fakuriyo.dll.tmp
c:\WINDOWS\system32\dahovibo.dll.tmp
c:\WINDOWS\system32\wogiregu.dll.tmp
c:\WINDOWS\system32\wehokepu.dll.tmp
c:\WINDOWS\system32\rugobiho.dll.tmp
c:\WINDOWS\system32\pakiyavo.dll.tmp
c:\WINDOWS\system32\fakuriyo.dll.tmp
c:\WINDOWS\system32\dahovibo.dll.tmp
c:\windows\system32\gajulebi.dll
c:\windows\system32\badarizo.dll
c:\windows\system32\sifajade.dll
c:\windows\system32\fohajifu.dll
c:\windows\system32\fitozeba.dll
c:\windows\system32\rejipupo.dll
c:\windows\system32\bohemuko.dll
c:\windows\system32\vodarowo.dll
c:\windows\system32\kafawagi.dll
c:\windows\system32\zeyoheko.dll
c:\windows\system32\hatasefa.dll
c:\windows\system32\geligehu.dll
c:\windows\system32\visujowo.dll
c:\windows\system32\tuhipulo.dll
c:\windows\system32\depohowi.dll
c:\windows\system32\zoweduda.dll
c:\windows\system32\rizepato.dll
c:\windows\system32\jiwewena.dll
:commands
[purity]
[emptytemp]
[start explorer]
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
______________________
vire ce qui est dans le dossier quarantine en allant dans poste de travail puis
c:\QooBox\Quarantine
_________________
vire ce qui est dans le dossier MOVED FILES en allant dans poste de travail puis C puis otmovit
___________________
refais malwarebyte antimalware et vire ce qui est trouvé puis vidange la quarantaine de malwarebyte
_____________________
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
______________________
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
_________________________
mets la dernière version quicktime
https://www.01net.com/telecharger/windows/Multimedia/lecteurs_video_dvd/fiches/100.html
___________________
Mettre a jour java:
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
__________________________
Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
__________________________
si tout est ok:
Désactive ta restauration systeme puis redemarre ton ordi puis réactive là comme ceci:
https://www.informatruc.com
_________________________
ensuite colle un rapport avec bitdefender en ligne et remets un rapport RSIT et dis comment se comporte ton pc
voilà j'ai mis beaucoup pour finir ton post car je serai non dispo pendant quelques jours
a plus
Bonsoir,
Je n'ai pas eu beaucoup de temps pour faire tout ce que tu m'as demande.
Voici deja une partie
========== FILES ==========
c:\WINDOWS\system32\wogiregu.dll.tmp moved successfully.
c:\WINDOWS\system32\wehokepu.dll.tmp moved successfully.
c:\WINDOWS\system32\rugobiho.dll.tmp moved successfully.
c:\WINDOWS\system32\pakiyavo.dll.tmp moved successfully.
c:\WINDOWS\system32\fakuriyo.dll.tmp moved successfully.
c:\WINDOWS\system32\dahovibo.dll.tmp moved successfully.
File/Folder c:\WINDOWS\system32\wogiregu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\wehokepu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\rugobiho.dll.tmp not found.
File/Folder c:\WINDOWS\system32\pakiyavo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\fakuriyo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\dahovibo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\wogiregu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\wehokepu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\rugobiho.dll.tmp not found.
File/Folder c:\WINDOWS\system32\pakiyavo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\fakuriyo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\dahovibo.dll.tmp not found.
LoadLibrary failed for c:\windows\system32\gajulebi.dll
c:\windows\system32\gajulebi.dll NOT unregistered.
c:\windows\system32\gajulebi.dll moved successfully.
LoadLibrary failed for c:\windows\system32\badarizo.dll
c:\windows\system32\badarizo.dll NOT unregistered.
c:\windows\system32\badarizo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\sifajade.dll
c:\windows\system32\sifajade.dll NOT unregistered.
c:\windows\system32\sifajade.dll moved successfully.
LoadLibrary failed for c:\windows\system32\fohajifu.dll
c:\windows\system32\fohajifu.dll NOT unregistered.
c:\windows\system32\fohajifu.dll moved successfully.
LoadLibrary failed for c:\windows\system32\fitozeba.dll
c:\windows\system32\fitozeba.dll NOT unregistered.
c:\windows\system32\fitozeba.dll moved successfully.
LoadLibrary failed for c:\windows\system32\rejipupo.dll
c:\windows\system32\rejipupo.dll NOT unregistered.
c:\windows\system32\rejipupo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\bohemuko.dll
c:\windows\system32\bohemuko.dll NOT unregistered.
c:\windows\system32\bohemuko.dll moved successfully.
LoadLibrary failed for c:\windows\system32\vodarowo.dll
c:\windows\system32\vodarowo.dll NOT unregistered.
c:\windows\system32\vodarowo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\kafawagi.dll
c:\windows\system32\kafawagi.dll NOT unregistered.
c:\windows\system32\kafawagi.dll moved successfully.
LoadLibrary failed for c:\windows\system32\zeyoheko.dll
c:\windows\system32\zeyoheko.dll NOT unregistered.
c:\windows\system32\zeyoheko.dll moved successfully.
LoadLibrary failed for c:\windows\system32\hatasefa.dll
c:\windows\system32\hatasefa.dll NOT unregistered.
c:\windows\system32\hatasefa.dll moved successfully.
LoadLibrary failed for c:\windows\system32\geligehu.dll
c:\windows\system32\geligehu.dll NOT unregistered.
c:\windows\system32\geligehu.dll moved successfully.
LoadLibrary failed for c:\windows\system32\visujowo.dll
c:\windows\system32\visujowo.dll NOT unregistered.
c:\windows\system32\visujowo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\tuhipulo.dll
c:\windows\system32\tuhipulo.dll NOT unregistered.
c:\windows\system32\tuhipulo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\depohowi.dll
c:\windows\system32\depohowi.dll NOT unregistered.
c:\windows\system32\depohowi.dll moved successfully.
LoadLibrary failed for c:\windows\system32\zoweduda.dll
c:\windows\system32\zoweduda.dll NOT unregistered.
c:\windows\system32\zoweduda.dll moved successfully.
LoadLibrary failed for c:\windows\system32\rizepato.dll
c:\windows\system32\rizepato.dll NOT unregistered.
c:\windows\system32\rizepato.dll moved successfully.
LoadLibrary failed for c:\windows\system32\jiwewena.dll
c:\windows\system32\jiwewena.dll NOT unregistered.
c:\windows\system32\jiwewena.dll moved successfully.
========== COMMANDS ==========
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01262009_185232
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1684
Windows 5.1.2600 Service Pack 2
26/01/2009 20:24:45
mbam-log-2009-01-26 (20-24-45).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 133658
Temps écoulé: 1 hour(s), 11 minute(s), 45 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Je n'ai pas eu beaucoup de temps pour faire tout ce que tu m'as demande.
Voici deja une partie
========== FILES ==========
c:\WINDOWS\system32\wogiregu.dll.tmp moved successfully.
c:\WINDOWS\system32\wehokepu.dll.tmp moved successfully.
c:\WINDOWS\system32\rugobiho.dll.tmp moved successfully.
c:\WINDOWS\system32\pakiyavo.dll.tmp moved successfully.
c:\WINDOWS\system32\fakuriyo.dll.tmp moved successfully.
c:\WINDOWS\system32\dahovibo.dll.tmp moved successfully.
File/Folder c:\WINDOWS\system32\wogiregu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\wehokepu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\rugobiho.dll.tmp not found.
File/Folder c:\WINDOWS\system32\pakiyavo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\fakuriyo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\dahovibo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\wogiregu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\wehokepu.dll.tmp not found.
File/Folder c:\WINDOWS\system32\rugobiho.dll.tmp not found.
File/Folder c:\WINDOWS\system32\pakiyavo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\fakuriyo.dll.tmp not found.
File/Folder c:\WINDOWS\system32\dahovibo.dll.tmp not found.
LoadLibrary failed for c:\windows\system32\gajulebi.dll
c:\windows\system32\gajulebi.dll NOT unregistered.
c:\windows\system32\gajulebi.dll moved successfully.
LoadLibrary failed for c:\windows\system32\badarizo.dll
c:\windows\system32\badarizo.dll NOT unregistered.
c:\windows\system32\badarizo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\sifajade.dll
c:\windows\system32\sifajade.dll NOT unregistered.
c:\windows\system32\sifajade.dll moved successfully.
LoadLibrary failed for c:\windows\system32\fohajifu.dll
c:\windows\system32\fohajifu.dll NOT unregistered.
c:\windows\system32\fohajifu.dll moved successfully.
LoadLibrary failed for c:\windows\system32\fitozeba.dll
c:\windows\system32\fitozeba.dll NOT unregistered.
c:\windows\system32\fitozeba.dll moved successfully.
LoadLibrary failed for c:\windows\system32\rejipupo.dll
c:\windows\system32\rejipupo.dll NOT unregistered.
c:\windows\system32\rejipupo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\bohemuko.dll
c:\windows\system32\bohemuko.dll NOT unregistered.
c:\windows\system32\bohemuko.dll moved successfully.
LoadLibrary failed for c:\windows\system32\vodarowo.dll
c:\windows\system32\vodarowo.dll NOT unregistered.
c:\windows\system32\vodarowo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\kafawagi.dll
c:\windows\system32\kafawagi.dll NOT unregistered.
c:\windows\system32\kafawagi.dll moved successfully.
LoadLibrary failed for c:\windows\system32\zeyoheko.dll
c:\windows\system32\zeyoheko.dll NOT unregistered.
c:\windows\system32\zeyoheko.dll moved successfully.
LoadLibrary failed for c:\windows\system32\hatasefa.dll
c:\windows\system32\hatasefa.dll NOT unregistered.
c:\windows\system32\hatasefa.dll moved successfully.
LoadLibrary failed for c:\windows\system32\geligehu.dll
c:\windows\system32\geligehu.dll NOT unregistered.
c:\windows\system32\geligehu.dll moved successfully.
LoadLibrary failed for c:\windows\system32\visujowo.dll
c:\windows\system32\visujowo.dll NOT unregistered.
c:\windows\system32\visujowo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\tuhipulo.dll
c:\windows\system32\tuhipulo.dll NOT unregistered.
c:\windows\system32\tuhipulo.dll moved successfully.
LoadLibrary failed for c:\windows\system32\depohowi.dll
c:\windows\system32\depohowi.dll NOT unregistered.
c:\windows\system32\depohowi.dll moved successfully.
LoadLibrary failed for c:\windows\system32\zoweduda.dll
c:\windows\system32\zoweduda.dll NOT unregistered.
c:\windows\system32\zoweduda.dll moved successfully.
LoadLibrary failed for c:\windows\system32\rizepato.dll
c:\windows\system32\rizepato.dll NOT unregistered.
c:\windows\system32\rizepato.dll moved successfully.
LoadLibrary failed for c:\windows\system32\jiwewena.dll
c:\windows\system32\jiwewena.dll NOT unregistered.
c:\windows\system32\jiwewena.dll moved successfully.
========== COMMANDS ==========
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01262009_185232
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1684
Windows 5.1.2600 Service Pack 2
26/01/2009 20:24:45
mbam-log-2009-01-26 (20-24-45).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 133658
Temps écoulé: 1 hour(s), 11 minute(s), 45 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
ok
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
______________________
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
_________________________
mets la dernière version quicktime
https://www.01net.com/
___________________
Mettre a jour java:
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
__________________________
Télécharge ToolsCleaner sur ton bureau.
--> https://www.commentcamarche.net/telecharger/ 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
__________________________
si tout est ok:
Désactive ta restauration systeme puis redemarre ton ordi puis réactive là comme ceci:
https://www.informatruc.com
_________________________
ensuite colle un rapport avec bitdefender en ligne et remets un rapport RSIT et dis comment se comporte ton pc
mettre a jour internet explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html
______________________
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
_________________________
mets la dernière version quicktime
https://www.01net.com/
___________________
Mettre a jour java:
Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.
si cela ne fonctionne pas
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
tu peux désinstaller les vieilles versions.
__________________________
Télécharge ToolsCleaner sur ton bureau.
--> https://www.commentcamarche.net/telecharger/ 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
__________________________
si tout est ok:
Désactive ta restauration systeme puis redemarre ton ordi puis réactive là comme ceci:
https://www.informatruc.com
_________________________
ensuite colle un rapport avec bitdefender en ligne et remets un rapport RSIT et dis comment se comporte ton pc
Sorry pour la réponse tardive, je fais tout cela ce soir.
Encore merci.