HijackThis reports

Solved/Closed
Anonymous user - 3 March 2009 at 16:25
Anonymous user - 13 March 2009 at 23:14
Hello,

Since I have some problems (virus) and I am not getting anywhere, I made a HijackThis log. Thank you in advance!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:16:00, on 03/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\WINDOWS\System32\inf\rundll33.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\WINDOWS\RtHDVCpl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0375C1E4-FB3B-479A-BC96-F6A4D5F029FA} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {448C8294-49D1-4FB0-B32A-ED739EE37219} - C:\Windows\system32\wvULDsqR.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {56B26E77-EB7D-4FCA-B4AD-5BA412BDA468} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A03A24F6-7888-43EE-B25A-242F31663224} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Explorer] C:\Windows\system32\msrstart.exe
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKLM\..\Policies\Explorer\Run: [xccinit] C:\Windows\system32\inf\rundll33.exe C:\Windows\xccdf16_090131a.dll xccd16
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Kyuubi-Barre.lnk = Halo-Roro\AppData\Roaming\KyuubiBarre\PF\KyuubiBarre.exe
O4 - Startup: SMS Services.lnk = Halo-Roro\Documents\smss.exe
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://cache.systemrequirementslab.com/htdocs/srl_bin/sysreqlab_srl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1236090623564&h=96e15b781d3538908dbb3b94f84632df/&filename=jinstall-6u12-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0348833B-C3C3-4D81-BD64-CE2B08842F17}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE8812A8-9D6F-4939-A1B7-4D123C2B6B3A}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{0348833B-C3C3-4D81-BD64-CE2B08842F17}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CS4\Services\Tcpip\..\{0348833B-C3C3-4D81-BD64-CE2B08842F17}: NameServer = 212.30.96.108,213.203.124.146
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\Windows\system32\sopidkc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Tcp ipx Service (Tcpipsrv) - Unknown owner - c:\windows\$ntunistalls\svchost.exe

46 replies

eZula Posts 3391 Registration date Saturday 26 April 2008 Status Contributor Last activity 8 May 2021 392
3 March 2009 at 19:45
C:\Windows or C:\Windows\system32?
0
Anonymous user
3 March 2009 at 19:48
Ah, sorry, yes, it is indeed in C:\WINDOWS\System32, I made a typo.
0
eZula
3 March 2009 at 20:28
Good, so see what it gives on VirusTotal.
0
Anonymous user
4 March 2009 at 23:58
Here is what VirusTotal tells me:

Fichier sopidkc.exe reçu le 2009.03.03 06:02:14 (CET)
Situation actuelle: terminé
Résultat: 12/39 (30.77%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.03 Virus.Win32.Refpron!IK
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.98 2009.03.02 -
Authentium 5.1.0.4 2009.03.03 -
Avast 4.8.1335.0 2009.03.02 Win32:Refpron-M
AVG 8.0.0.237 2009.03.03 -
BitDefender 7.2 2009.03.03 -
CAT-QuickHeal 10.00 2009.03.02 -
ClamAV 0.94.1 2009.03.03 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.03.03 -
eSafe 7.0.17.0 2009.03.02 Win32.TrojanRefpron
eTrust-Vet 31.6.6380 2009.03.02 -
F-Prot 4.4.4.56 2009.03.02 -
F-Secure 8.0.14470.0 2009.03.03 Trojan.Win32.Agent2.enf
Fortinet 3.117.0.0 2009.03.03 -
GData 19 2009.03.03 Win32:Refpron-M
Ikarus T3.1.1.45.0 2009.03.03 Virus.Win32.Refpron
K7AntiVirus 7.10.654 2009.03.02 -
Kaspersky 7.0.0.125 2009.03.03 Trojan.Win32.Agent2.enz
McAfee 5541 2009.03.02 -
McAfee+Artemis 5541 2009.03.02 -
Microsoft 1.4306 2009.03.02 Trojan:Win32/Refpron.gen!C
NOD32 3902 2009.03.02 a variant of Win32/Adware.Coolezweb
Norman 6.00.06 2009.03.02 -
nProtect 2009.1.8.0 2009.03.03 -
Panda 10.0.0.10 2009.03.02 Generic Trojan
PCTools 4.4.2.0 2009.03.02 -
Prevx1 V2 2009.03.03 High Risk Cloaked Malware
Rising 21.19.10.00 2009.03.03 -
SecureWeb-Gateway 6.7.6 2009.03.03 Trojan.LooksLike.Delf
Sophos 4.39.0 2009.03.03 -
Sunbelt 3.2.1858.2 2009.03.02 -
Symantec 10 2009.03.03 -
TheHacker 6.3.2.6.269 2009.03.02 -
TrendMicro 8.700.0.1004 2009.03.03 -
VBA32 3.12.10.1 2009.03.03 -
ViRobot 2009.3.2.1630 2009.03.02 -
VirusBuster 4.5.11.0 2009.03.02 -
Information additionnelle
File size: 48128 bytes
MD5...: bfcdf59fed2e4efd2daf4e0f8a9b5640
SHA1..: d1c8604e4521182d85e9390019a7aa646c07ec8c
SHA256: ea298b1903dec2f2cccf6f70fffd7a7366763e11df7ee1d169e4b1f73da687a8
SHA512: ddec79524a71e87c5a57505e24a2d521c079a698252a2929ed77953e7849d20a
4dc3fba43e9c597baa18f0ecd3adb1f54090a15d7535c639e8ea02bde4577ebc
ssdeep: 768:UCWoBBcXdVVJoxVETxhcmmlZ0QeFLeUc4aMdpqX6/ovfLoF76jXWBaO7MFKL
:UwcXdVVJoxVETxeHeVLc4alX8oXLM76o
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x716c
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x7dd4 0x7e00 6.16 17098a04f06f17b84644dd99b0d24e31
DATA 0x9000 0x408 0x600 3.08 d90810b065a30024ee7cbfa31aa79aad
BSS 0xa000 0x50d 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0xb000 0x1820 0x1a00 4.78 a2428d2308ea20fd6ffb4e1f7c4a1265
.reloc 0xd000 0xd78 0xe00 6.62 bc0ab0700fcadf890521762a9ba25e14
.rsrc 0xe000 0xc00 0xc00 5.19 d93f8fc76becb051043a3b2afaf55232

( 18 imports )

( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=05CED2AD00D35284BC29001EDB64CD00500371D7
ThreatExpert info: https://www.symantec.com?md5=bfcdf59fed2e4efd2daf4e0f8a9b5640
0

eZula
5 March 2009 at 13:31
Run this new ComboFix script

File::
c:\windows\System32\sopidkc.exe


and post the report
0
Anonymous user
6 March 2009 at 01:28
What do you mean, "run this script under ComboFix"??

Do I redo a scan with ComboFix?
0
eZula
6 March 2009 at 07:31
Don't you remember http://www.commentcamarche.net/forum/affich 11345826 rapports hijackthis#10 ?

==> Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines in italics into it:

File::
c:\windows\System32\sopidkc.exe


Save this file under the name CFScript

- Drag and drop this CFScript file onto the ComboFix.exe file as in the screenshot: http://apu.mabul.org/up/apu/2008/08/12/img-191202xzrpd.gif
- A blue window will appear: at the message "Type 1 to continue, or 2 to abort", type 1 then confirm.
- Wait while the scan runs. The desktop will disappear several times: this is normal.
  Do not touch anything until the scan is finished.
- Once the scan is complete, a report will be displayed: post its contents.
- If the file does not open, it is located here > C:\ComboFix.txt
0
Anonymous user
6 March 2009 at 21:11
Hmm, the problem is that once I have put in File::
c:\windows\System32\sopidkc.exe and set it in italics, when I go to save I get the following message:

"You are about to save the document in a text format, which will remove all formatting. Do you really want to do this?"

If I click "yes" and reopen the file, the italics have disappeared.
If I choose no, it removes the italics.

What should I do?
0
eZula
6 March 2009 at 21:37
Who cares about the italics ;)

What matters is that your text file does contain those two lines.
0
Anonymous user
6 March 2009 at 21:50
Here it is:

ComboFix 09-03-04.01 - Halo-Roro 2009-03-06 21:41:24.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.3582.2216 [GMT 1:00]
Lancé depuis: c:\users\Halo-Roro\Desktop\Nouveau dossier\ComboFix.exe
Commutateurs utilisés :: c:\users\Halo-Roro\Desktop\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
c:\windows\System32\sopidkc.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\System32\sopidkc.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-06 au 2009-03-06 ))))))))))))))))))))))))))))))))))))
.

2009-03-06 21:17 . 2009-03-06 21:17 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\SystemRequirementsLab
2009-03-05 19:23 . 2009-03-05 19:23 669,184 --a------ c:\windows\System32\pbsvc.exe
2009-03-05 19:23 . 2009-03-05 19:23 103,736 --a------ c:\windows\System32\PnkBstrB.exe
2009-03-05 19:23 . 2009-03-05 19:23 66,872 --a------ c:\windows\System32\PnkBstrA.exe
2009-03-05 19:23 . 2009-03-05 19:23 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys
2009-03-05 19:23 . 2009-03-05 19:23 22,328 --a------ c:\users\Halo-Roro\AppData\Roaming\PnkBstrK.sys
2009-03-05 19:22 . 2009-03-05 19:22 <REP> d-------- c:\users\All Users\Media Center Programs
2009-03-05 19:22 . 2009-03-05 19:22 <REP> d-------- c:\programdata\Media Center Programs
2009-03-05 19:13 . 2009-03-05 19:13 <REP> d-------- c:\program files\Electronic Arts
2009-03-04 18:28 . 2009-03-04 18:28 <REP> d-------- c:\users\All Users\Codemasters
2009-03-04 18:28 . 2009-03-04 18:28 <REP> d-------- c:\programdata\Codemasters
2009-03-04 18:06 . 2009-03-04 18:06 <REP> d-------- c:\program files\OpenAL
2009-03-04 18:06 . 2008-04-28 15:53 805,400 -ra------ c:\windows\System32\tmp705A.tmp
2009-03-04 18:06 . 2009-03-04 18:06 444,952 --a------ c:\windows\System32\wrap_oal.dll
2009-03-04 18:06 . 2009-03-04 18:06 109,080 --a------ c:\windows\System32\OpenAL32.dll
2009-03-04 18:04 . 2008-04-28 15:53 805,400 -ra------ c:\windows\System32\tmp7049.tmp
2009-03-04 17:45 . 2009-03-04 17:45 <REP> d-------- c:\program files\Codemasters
2009-03-04 15:19 . 2009-03-04 15:20 <REP> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-03-04 01:19 . 2009-03-04 01:19 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\Realtime Soft
2009-03-04 01:19 . 2009-03-04 01:19 <REP> d-------- c:\users\All Users\Realtime Soft
2009-03-04 01:19 . 2009-03-04 01:19 <REP> d-------- c:\programdata\Realtime Soft
2009-03-04 01:19 . 2009-03-04 01:19 <REP> d-------- c:\program files\UltraMon
2009-03-03 20:26 . 2009-03-03 20:28 <REP> d-------- c:\program files\Eurobarre
2009-03-03 20:26 . 2009-03-03 20:26 119,568 --------- c:\windows\System32\vb6fr.dll
2009-03-03 20:26 . 2009-03-03 20:26 15,872 --------- c:\windows\System32\winskfr.dll
2009-03-03 20:25 . 2009-03-03 20:26 <REP> d-------- c:\program files\Aegisub
2009-03-03 16:32 . 2009-03-03 16:33 <REP> d-------- C:\GenProc
2009-03-03 16:15 . 2009-03-03 16:15 <REP> d-------- c:\program files\Trend Micro
2009-03-03 15:34 . 2009-03-03 15:34 <REP> d-------- c:\users\Halo-Roro\.kyuubibarrec
2009-03-03 15:33 . 2009-03-03 15:33 <REP> d-------- c:\windows\Sun
2009-03-03 15:33 . 2009-03-03 15:31 410,984 --a------ c:\windows\System32\deploytk.dll
2009-03-03 15:27 . 2009-03-03 15:27 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\KyuubiBarre
2009-03-03 15:27 . 2009-03-03 15:27 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\Kyuubi-Barre
2009-03-03 15:27 . 2006-12-29 04:51 45,056 --a------ c:\windows\System32\jniwrap.dll
2009-03-03 15:27 . 2008-04-04 10:19 293 --a------ c:\windows\System32\jniwrap.lic
2009-03-03 15:27 . 2008-04-04 10:19 292 --a------ c:\windows\System32\jexplorer.lic
2009-03-03 15:27 . 2008-04-04 10:19 289 --a------ c:\windows\System32\comfyj.lic
2009-03-03 14:45 . 2009-03-03 14:45 <REP> d-------- c:\program files\Alwil Software
2009-03-03 14:45 . 2009-02-05 22:06 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2009-03-03 12:52 . 2009-03-03 18:23 <REP> d--hs---- c:\windows\$ntunistalls
2009-03-03 04:26 . 2009-03-05 19:22 <REP> d-------- c:\users\Halo-Roro\Tracing
2009-03-02 23:21 . 2009-03-02 23:21 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\FlashGet
2009-03-02 23:19 . 2009-03-02 23:21 <REP> d-------- c:\program files\FlashGet
2009-03-02 05:27 . 2009-03-05 04:30 107,888 --a------ c:\windows\System32\CmdLineExt.dll
2009-03-02 05:11 . 2009-03-02 05:11 <REP> d-------- c:\program files\CAPCOM
2009-03-02 05:10 . 2009-03-02 05:10 <REP> d-------- c:\windows\System32\xlive
2009-03-02 03:45 . 2009-03-05 04:27 <REP> d-------- c:\users\Halo-Roro\Incomplete
2009-03-02 03:31 . 2009-03-05 04:34 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\FrostWire
2009-03-02 03:30 . 2009-03-03 15:31 <REP> d-------- c:\program files\Java
2009-03-02 03:30 . 2009-03-02 03:30 <REP> d-------- c:\program files\Common Files\Java
2009-03-02 03:17 . 2009-03-05 04:23 <REP> d-------- c:\program files\FrostWire
2009-03-01 21:30 . 2009-03-01 21:30 <REP> d-------- c:\program files\CCleaner
2009-03-01 17:44 . 2009-03-01 17:44 313,654 --a------ c:\windows\System32\hguest.exe
2009-03-01 17:44 . 2009-03-01 17:44 107,756 --a------ c:\windows\System32\hgcheck.exe
2009-03-01 17:44 . 2009-03-01 17:44 227 --a------ c:\windows\System32\hgset.ini
2009-03-01 17:44 . 2009-03-01 17:44 77 --a------ c:\windows\System32\work.ini
2009-03-01 03:05 . 2009-03-01 03:05 <REP> d-------- c:\windows\report
2009-03-01 03:05 . 2009-03-01 03:04 22,310,977 --a------ c:\windows\LPT$VPN.873
2009-03-01 03:04 . 2009-03-01 03:04 <REP> d-------- c:\windows\AU_Backup
2009-03-01 03:04 . 2009-03-01 03:04 22,310,977 --a------ c:\windows\VPTNFILE.873
2009-03-01 03:04 . 2009-03-01 03:04 1,980,182 --a------ c:\windows\tsc.ptn
2009-03-01 03:04 . 2009-03-01 03:04 1,213,784 --a------ c:\windows\vsapi32.dll
2009-03-01 03:04 . 2009-03-01 03:04 345,157 --a------ c:\windows\tsc.exe
2009-03-01 03:04 . 2009-03-01 03:04 91,744 --a------ c:\windows\BPMNT.dll
2009-03-01 03:04 . 2009-03-01 03:04 71,749 --a------ c:\windows\hcextoutput.dll
2009-03-01 03:04 . 2009-03-01 17:15 823 --a------ c:\windows\tsc.ini
2009-03-01 03:03 . 2009-03-01 03:04 <REP> d-------- c:\windows\AU_Temp
2009-03-01 03:03 . 2009-03-01 03:03 <REP> d-------- c:\windows\AU_Log
2009-03-01 03:03 . 2009-03-01 03:03 507,904 --a------ c:\windows\TMUPDATE.DLL
2009-03-01 03:03 . 2009-03-01 03:03 69,689 --a------ c:\windows\UNZIP.DLL
2009-03-01 03:03 . 2009-03-01 03:03 170 --a------ c:\windows\GetServer.ini
2009-03-01 01:49 . 2009-03-01 21:09 <REP> d-a------ c:\users\All Users\TEMP
2009-03-01 01:49 . 2009-03-01 21:09 <REP> d-------- c:\users\All Users\SpeedBit
2009-03-01 01:49 . 2009-03-01 21:09 <REP> d-a------ c:\programdata\TEMP
2009-03-01 01:49 . 2009-03-01 21:09 <REP> d-------- c:\programdata\SpeedBit
2009-03-01 01:49 . 2009-03-01 21:10 <REP> d-------- c:\program files\DAP
2009-02-28 19:10 . 2009-03-03 00:49 1,377 --a------ c:\windows\wininit.ini
2009-02-28 18:36 . 2009-02-28 22:48 <REP> d-------- c:\windows\System32\3361
2009-02-28 18:36 . 2009-02-28 18:36 108,336 --a------ c:\windows\System32\MSWINSCK.OCX
2009-02-28 18:35 . 2002-02-15 14:02 676,352 --a------ c:\windows\System32\rtl60.bpl
2009-02-28 18:34 . 2009-03-03 16:53 <REP> d-------- c:\windows\System32\inf
2009-02-28 18:34 . 2009-02-28 18:34 155,175 --a------ c:\windows\System32\icv.exe
2009-02-28 18:34 . 2009-02-28 18:34 155,175 --a------ c:\windows\system\xccef090131.exe
2009-02-28 00:02 . 2009-02-28 00:02 <REP> d-------- c:\program files\RivaTuner v2.23
2009-02-27 23:44 . 2009-02-27 23:44 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\DivX
2009-02-27 19:00 . 2009-02-27 19:00 <REP> d-------- c:\program files\Lionhead Studios
2009-02-27 04:34 . 2009-02-27 04:34 <REP> d-------- c:\users\All Users\NortonInstaller
2009-02-27 04:34 . 2009-02-27 04:34 <REP> d-------- c:\programdata\NortonInstaller
2009-02-26 21:39 . 2009-03-01 21:10 <REP> d-------- c:\program files\Common Files\PX Storage Engine
2009-02-26 21:38 . 2009-03-01 21:11 <REP> d-------- c:\program files\DivX
2009-02-26 21:35 . 2009-02-26 21:35 <REP> d-------- c:\program files\SystemRequirementsLab
2009-02-26 20:40 . 2009-02-26 20:40 <REP> d-------- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2009-02-26 19:46 . 2009-02-26 19:46 42,320 --a------ c:\windows\System32\xfcodec.dll
2009-02-26 04:58 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-26 04:58 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-26 04:58 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-26 04:58 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-26 04:58 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-26 04:58 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-26 04:58 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-26 04:58 . 2009-02-26 04:58 1,540 --a------ c:\windows\System32\ealregsnapshot1.reg
2009-02-26 04:44 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-25 23:12 . 2009-02-25 23:12 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-02-25 20:19 . 2009-02-25 20:19 <REP> d-------- c:\program files\AIDA32 - Personal System Information
2009-02-25 19:38 . 2009-02-25 19:38 <REP> d-------- c:\program files\Microsoft Silverlight
2009-02-25 19:35 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-02-25 19:35 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-02-25 19:35 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-02-25 19:35 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-02-25 18:12 . 2009-02-26 04:58 <REP> dr------- c:\windows\System32\config\systemprofile\Music
2009-02-24 22:45 . 2006-11-02 11:23 <REP> dr------- c:\users\Mcx1\Videos
2009-02-24 22:45 . 2006-11-02 11:23 <REP> d-------- c:\users\Mcx1\Saved Games
2009-02-24 22:45 . 2006-11-02 11:23 <REP> dr------- c:\users\Mcx1\Pictures
2009-02-24 22:45 . 2009-02-27 04:56 <REP> dr------- c:\users\Mcx1\Music
2009-02-24 22:45 . 2006-11-02 11:23 <REP> dr------- c:\users\Mcx1\Links
2009-02-24 22:45 . 2006-11-02 11:23 <REP> dr------- c:\users\Mcx1\Downloads
2009-02-24 22:45 . 2009-02-24 22:45 <REP> dr------- c:\users\Mcx1\Documents
2009-02-24 22:45 . 2009-02-24 22:45 <REP> d--h----- c:\users\Mcx1\AppData
2009-02-24 22:45 . 2009-02-24 22:45 <REP> d-------- c:\users\Mcx1
2009-02-24 19:11 . 2009-02-24 19:11 <REP> d-------- C:\PerfLogs
2009-02-24 00:08 . 2009-02-24 00:08 9,728 --a------ c:\program files\setup_bs.exe
2009-02-23 05:21 . 2009-02-26 20:42 <REP> d-------- c:\program files\EA GAMES
2009-02-23 05:21 . 2004-08-18 09:34 442,368 -ra------ c:\windows\System32\vp6vfw.dll
2009-02-23 05:20 . 2009-02-23 05:20 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\DAEMON Tools Pro
2009-02-23 05:20 . 2009-02-23 05:20 <REP> d-------- c:\users\Halo-Roro\AppData\Roaming\DAEMON Tools

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-04 18:39 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-04 18:33 --------- d-----w c:\program files\Microsoft Games
2009-03-01 20:10 --------- d-----w c:\program files\Google
2009-02-27 03:34 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-24 18:31 174 --sha-w c:\program files\desktop.ini
2009-02-24 18:12 --------- d-----w c:\program files\Windows Sidebar
2009-02-24 18:12 --------- d-----w c:\program files\Windows Photo Gallery
2009-02-24 18:12 --------- d-----w c:\program files\Windows Mail
2009-02-24 18:12 --------- d-----w c:\program files\Windows Journal
2009-02-24 18:12 --------- d-----w c:\program files\Windows Defender
2009-02-24 18:12 --------- d-----w c:\program files\Windows Collaboration
2009-02-24 18:12 --------- d-----w c:\program files\Windows Calendar
2009-02-24 17:51 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-02-24 17:51 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-02-23 00:32 --------- d-----w c:\program files\Microsoft Works
2009-02-21 23:35 --------- d-----w c:\program files\HP
2009-02-21 23:33 --------- d-----w c:\program files\Intel
2009-02-21 23:28 319,456 ----a-w c:\windows\DIFxAPI.dll
2009-02-21 23:28 --------- d-----w c:\program files\Realtek
2009-02-21 00:40 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-02-21 00:40 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-02-21 00:40 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-02-21 00:40 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-02-21 00:40 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-02-21 00:40 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-02-21 00:32 --------- d-----w c:\program files\Common Files\Roxio Shared
2009-02-20 22:46 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-20 22:24 --------- d-sh--w c:\programdata\Modèles
2009-02-20 22:24 --------- d-sh--w c:\programdata\Menu Démarrer
2009-02-20 22:24 --------- d-sh--w c:\programdata\Favoris
2009-02-20 22:24 --------- d-sh--w c:\programdata\Documents
2009-02-20 22:24 --------- d-sh--w c:\programdata\Bureau
2009-02-20 22:24 --------- d-sh--w c:\programdata\Application Data
2009-02-20 22:24 --------- d-sh--w c:\program files\Fichiers communs
2009-02-05 09:54 453,152 ----a-w c:\windows\System32\nvuninst.exe
2009-01-16 17:24 70,936 ----a-w c:\windows\System32\PhysXLoader.dll
2008-12-11 00:33 86,016 ----a-w c:\windows\System32\dpl100.dll
2008-12-11 00:33 200,704 ----a-w c:\windows\System32\dtu100.dll
2008-12-09 02:28 593,920 ----a-w c:\windows\System32\dpuGUI11.dll
2008-12-09 02:28 57,344 ----a-w c:\windows\System32\dpv11.dll
2008-12-09 02:28 344,064 ----a-w c:\windows\System32\dpus11.dll
2008-12-09 02:28 294,912 ----a-w c:\windows\System32\dpu11.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-03_17.02.18.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-03-02 04:16:39 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-03-04 18:39:16 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2009-03-02 04:16:42 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-03-04 18:39:16 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-03-02 04:16:45 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-03-04 18:39:16 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2009-03-02 04:16:10 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:25 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:14 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:28 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:16 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:30 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:19 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 18:39:14 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:23 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 18:39:16 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:27 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:33 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:29 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:34 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:32 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:35 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:36 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:37 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:49 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-04 17:05:41 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-02 04:16:52 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-03-04 18:39:17 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-03-02 04:16:55 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-03-04 18:39:17 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-03-02 04:16:59 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2009-03-04 18:39:17 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-03-02 04:17:00 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-03-04 18:39:18 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-03-02 04:16:38 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-03-04 18:39:16 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-03-06 20:40:34 6,230,016 ----a-w c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
+ 2007-10-24 20:13:02 1,778,912 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cry3dengine.dll
+ 2007-10-24 20:13:04 2,942,176 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryaction.dll
+ 2007-10-24 20:13:06 1,942,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryaisystem.dll
+ 2007-10-24 20:13:06 1,574,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryanimation.dll
+ 2007-10-24 20:13:08 840,928 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryentitysystem.dll
+ 2007-10-24 20:13:10 394,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryfont.dll
+ 2007-10-24 20:13:12 2,823,392 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\crygame.dll
+ 2007-10-24 20:13:16 197,856 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryinput.dll
+ 2007-10-24 20:13:18 386,272 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\crymovie.dll
+ 2007-10-24 20:13:18 943,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\crynetwork.dll
+ 2007-10-24 20:13:20 1,991,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryphysics.dll
+ 2007-10-24 20:13:22 3,036,384 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryrenderd3d10.dll
+ 2007-10-24 20:13:24 3,024,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryrenderd3d9.dll
+ 2007-10-24 20:13:26 885,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryrendernull.dll
+ 2007-10-24 20:13:26 660,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\cryscriptsystem.dll
+ 2007-11-11 06:55:08 9,556,801 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\crysis.exe
+ 2007-10-24 23:11:28 17,120 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\crysisdedicatedserver.exe
+ 2007-10-24 20:13:28 644,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\crysoundsystem.dll
+ 2007-10-24 20:13:30 2,098,400 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\crysystem.dll
+ 2007-09-19 15:29:40 294,912 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\pbsv.dll
+ 2007-10-24 20:13:44 13,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\7B97E000527E10F478A01C92247B8F4E\1.0.0\shallocator.dll
+ 2009-03-05 20:52:18 9,662 ----a-r c:\windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\ARPPRODUCTICON.exe
+ 2009-03-05 20:52:18 10,134 ----a-r c:\windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\checkForUpdatesSC_000E79B7E7254F01870AC12942B7F8E4.exe
+ 2009-03-05 20:52:18 10,134 ----a-r c:\windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\visitWebsite_000E79B7E7254F01870AC12942B7F8E4.exe
+ 2009-03-04 18:39:08 61,440 ----a-r c:\windows\Installer\{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}\ARPPRODUCTICON.exe
- 2009-03-03 15:57:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-03 17:26:35 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-03-03 15:57:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-03-03 17:26:35 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-03-03 15:57:39 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-06 11:06:54 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-06 11:06:54 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-03-03 15:57:39 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-06 20:45:22 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-06 20:45:22 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-03-03 15:57:48 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-06 17:57:58 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-03-03 15:57:48 409,600 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-06 17:57:58 425,984 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-03 16:51:16 91,136 ----a-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYSLXSV3\w[1].bin
- 2009-03-03 15:57:48 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-06 17:57:58 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-03-03 15:47:40 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-03-06 20:40:50 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-03-06 20:40:50 262,144 ---ha-w c:\windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2007-04-30 15:50:50 903,072 ----a-w c:\windows\System32\msidcrl40.dll
+ 2007-08-27 14:41:22 1,089,440 ----a-w c:\windows\System32\msidcrl40.dll
- 2009-02-26 19:41:15 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-03-03 19:26:35 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2007-12-14 02:27:14 296,960 ----a-w c:\windows\System32\UltraMon.dll
+ 2007-12-14 02:27:12 82,944 ----a-w c:\windows\System32\UltraMonHook.dll
+ 2007-12-13 23:22:56 159,744 ----a-w c:\windows\System32\UltraMonIndDisp.exe
+ 2007-12-07 18:24:46 98,304 ----a-w c:\windows\System32\UltraMonIndDispHook.dll
- 2009-03-03 15:52:06 7,892 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1743233917-621825338-3690092286-1001_UserData.bin
+ 2009-03-03 17:29:04 8,492 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1743233917-621825338-3690092286-1001_UserData.bin
- 2009-03-03 15:52:06 53,316 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-03 17:29:04 53,630 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-03-03 15:51:59 42,338 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-03 16:46:56 44,398 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2007-11-26 20:56:20 10,155,840 ----a-w c:\windows\System32\xlive.dll
+ 2008-10-28 16:41:22 14,303,392 ----a-w c:\windows\System32\xlive.dll
- 2007-11-26 20:56:20 13,653,824 ----a-w c:\windows\System32\xlivefnt.dll
+ 2008-10-28 16:41:20 13,643,936 ----a-w c:\windows\System32\xlivefnt.dll
+ 2008-01-14 18:24:04 196,096 ----a-w c:\windows\UltraMon.scr
- 2009-03-03 15:11:51 157,882,682 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-03-03 19:26:34 157,905,284 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-03-03 19:26:25 161,784 ----a-w c:\windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e\ATL90.dll
+ 2009-03-03 19:26:27 225,280 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcm90.dll
+ 2009-03-03 19:26:27 572,928 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcp90.dll
+ 2009-03-03 19:26:27 655,872 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcr90.dll
+ 2009-03-03 19:26:30 3,768,312 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfc90.dll
+ 2009-03-03 19:26:30 3,783,672 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfc90u.dll
+ 2009-03-03 19:26:30 59,904 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90.dll
+ 2009-03-03 19:26:30 59,904 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90u.dll
+ 2009-03-03 19:26:32 38,912 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHS.DLL
+ 2009-03-03 19:26:32 39,936 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHT.DLL
+ 2009-03-03 19:26:32 66,560 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90DEU.DLL
+ 2009-03-03 19:26:32 56,832 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ENU.DLL
+ 2009-03-03 19:26:32 65,024 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESN.DLL
+ 2009-03-03 19:26:32 65,024 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESP.DLL
+ 2009-03-03 19:26:32 66,048 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90FRA.DLL
+ 2009-03-03 19:26:32 64,512 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ITA.DLL
+ 2009-03-03 19:26:32 46,592 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90JPN.DLL
+ 2009-03-03 19:26:32 46,080 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90KOR.DLL
+ 2009-03-03 19:26:32 62,976 ----a-w c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90RUS.DLL
+ 2009-03-03 19:26:33 54,272 ----a-w c:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39\vcomp90.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-02-21 342848]
"Steam"="c:\program files\steam\steam.exe" [2009-02-21 1410296]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 92704]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2008-06-02 178712]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-24 44136]

c:\users\Halo-Roro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Eurobarre.lnk - c:\program files\Eurobarre\eb.exe [2009-03-03 113664]
Kyuubi-Barre.lnk - c:\users\Halo-Roro\AppData\Roaming\KyuubiBarre\PF\KyuubiBarre.exe [2009-03-03 61952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{AF0FA6D7-96F3-468A-ABB7-28BE006EA8E9}\IcoUltraMon.ico [2009-03-04 29310]
ZDWLan Utility.lnk - c:\program files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe [2009-02-20 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashDisp.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashserv.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashSimpl.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avesvc.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdmcon.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdnagent.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdss.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdswitch.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DefWatch.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xcommsvr.exe]
"Debugger"=c:\windows\system32\alg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E77CF33D-6C07-4636-827B-E4A2A139A82D}"= UDP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{0CA4CCB7-952B-4723-B7B4-C7B9853E7EEB}"= TCP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{BEA96267-04DD-44FA-BAD3-B069F3F7243B}"= UDP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{82183388-A487-4BCB-BAF2-CE5133326DAA}"= TCP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{F22D71E8-C211-4975-8F5D-3C9DE1676D53}"= UDP:c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{F3AD6A74-9AE2-47DF-BFAA-D54272845B0F}"= TCP:c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{8551BBB6-387A-41FD-B396-D4A9396BB088}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{5A4E1C30-017A-4EC2-84A2-FEA429A44A63}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{6AEB06E6-E66C-45FE-8284-12F189B10DBC}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{43397F41-E95F-494D-9D8C-95A33B28DBED}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{4C5EEA69-FD81-4F9A-8247-9C090972ED57}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{4933A42D-7E59-41A9-95DF-2A19F9151518}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{23C650A1-D3D6-4DBA-8116-35D49E601782}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{9C4D81D5-BC13-4B39-8030-B2E9FA666149}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{B6525A6C-5584-4798-876D-9811B11EE0AD}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{E4D55A75-9F72-45AA-8898-8C2FE8DCF038}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"TCP Query User{B7E9F68C-B1A6-4BD5-9105-C6B487EC4D54}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{9E01EFBD-0424-4B52-9671-05C51F0D9AED}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{B8D1ECA2-0DFE-489E-92DD-A647C31F4E89}c:\\program files\\dna\\btdna.exe"= UDP:c:\program files\dna\btdna.exe:DNA
"UDP Query User{57A46E9B-B875-400E-8D43-FE2B5E0E0712}c:\\program files\\dna\\btdna.exe"= TCP:c:\program files\dna\btdna.exe:DNA
"TCP Query User{BC29744A-21B3-4899-B874-5F36A1F24D95}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{9DC0EC7A-6145-4D0C-86F3-00FE6F8E372A}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{FA611B4B-35C9-4EE0-9DCB-C6E81DD38F9D}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{B635EA4A-498F-4F5F-B2E8-0F8F0A869300}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"{48103C77-73AC-4B49-BCA9-D4083DD35270}"= UDP:c:\program files\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge™
"{DBC5F29C-2463-4551-9DE8-A4E94D043354}"= TCP:c:\program files\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge™
"TCP Query User{64EF6523-2D47-4B55-86D4-31E9FF1E42F1}c:\\program files\\saints row 2\\sr2_pc.exe"= UDP:c:\program files\saints row 2\sr2_pc.exe:SR2_pc
"UDP Query User{1B8F0107-211F-47C7-A03A-15AC251CBC79}c:\\program files\\saints row 2\\sr2_pc.exe"= TCP:c:\program files\saints row 2\sr2_pc.exe:SR2_pc
"{CFFF8149-51DD-4AC5-966D-37FBCF31E8AB}"= UDP:c:\program files\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX9.exe:LOSTPLANETCOLONIES_DX9
"{CD1A23EE-8AFC-4A27-981E-09B84471A434}"= TCP:c:\program files\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX9.exe:LOSTPLANETCOLONIES_DX9
"{636A8E8A-4575-4F64-B8E8-230C5155E4CD}"= UDP:c:\program files\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX10.exe:LOSTPLANETCOLONIES_DX10
"{5E3C3E9C-D7B0-4EFB-A203-F223C1FC9FF7}"= TCP:c:\program files\CAPCOM\LOSTPLANETCOLONIES\LostPlanetColoniesDX10.exe:LOSTPLANETCOLONIES_DX10
"TCP Query User{730BAF62-55E6-46B3-AA2A-C67F38640AAD}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{4F6451AD-3923-4987-ADB6-ACC9777C0B29}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{3818922F-72CF-4B84-9C7E-60937A367C53}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{0B47C5D2-EA19-4F5A-BA58-04E89439363A}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"{74049708-75E7-4529-9630-280C4CD6BE00}"= UDP:c:\program files\Codemasters\GRID\GRID.exe:GRID
"{F07D43A8-0215-40C1-952C-1DF1B1EC01EA}"= TCP:c:\program files\Codemasters\GRID\GRID.exe:GRID
"{45ABA1DF-EF3B-495E-982F-2327E74F7B7A}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{2569A463-8270-4E87-97CF-2B83B5F6B2BF}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{AFC2233B-6A6E-47A7-823B-06D4CF19A13F}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{C541C871-51C8-4EA3-A0FA-F250400B2C36}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{4A6BC55F-E518-4B15-8813-4105D454B81E}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{0FB40AA0-ED96-4D1D-BA73-361B2D31648D}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{F1A5378C-71C4-42F3-BF17-CBFE348EAFD4}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{AC39B15C-C126-412D-B4BC-1E484E186457}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"c:\\Windows\\system32\\3361\\svchost.exe"= c:\windows\system32\3361\svchost.exe:*:Enabled:SVCHOST.EXE
"c:\\Users\\HALO-R~1\\DOCUME~1\\smss.exe"= c:\users\HALO-R~1\DOCUME~1\smss.exe:*:Enabled:SMS Services

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-03-03 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-03-03 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-03-03 51792]
R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe [2006-05-10 29696]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-02-21 1153368]
S2 sopidkc;sopidkc Service;c:\windows\system32\sopidkc.exe --> c:\windows\system32\sopidkc.exe [?]
S2 Tcpipsrv;Tcp ipx Service;c:\windows\$ntunistalls\svchost.exe --> c:\windows\$ntunistalls\svchost.exe [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-01-24 216232]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=71&bd=Pavilion&pf=desktop
IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm
TCP: {0348833B-C3C3-4D81-BD64-CE2B08842F17} = 212.30.96.108,213.203.124.146
TCP: {CE8812A8-9D6F-4939-A1B7-4D123C2B6B3A} = 212.30.96.108,213.203.124.146
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - ProfilePath - c:\users\Halo-Roro\AppData\Roaming\Mozilla\Firefox\Profiles\cj7m7hph.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.fr/
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-06 21:45:26
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

? [1544]

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-03-06 21:48:09
ComboFix-quarantined-files.txt 2009-03-06 20:48:06
ComboFix2.txt 2009-03-03 17:33:31
ComboFix3.txt 2009-03-03 16:04:21

Avant-CF: 44,680,089,600 octets libres
Après-CF: 45,112,340,480 octets libres

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
476 --- E O F --- 2009-02-25 18:38:55
0
eZula Posts 3391 Registration date Saturday 26 April 2008 Status Contributor Last seen 8 May 2021 392
7 March 2009 at 10:26
Create a text file with Notepad
copy and paste this into the file:


@ECHO OFF
sc config sopidkc start= disabled
sc stop sopidkc
sc delete sopidkc
sc config Tcpipsrv start= disabled
sc stop Tcpipsrv
sc delete Tcpipsrv
exit



Save the file to the desktop, making sure to select "All files" under "Type", and name it remove.bat
Double-click remove.bat.

Restart the computer. Post a HijackThis report
0
Anonymous user
7 March 2009 at 23:10
I did what you asked me to do, here is the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:09:30, on 07/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\WINDOWS\RtHDVCpl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Startup: Kyuubi-Barre.lnk = Halo-Roro\AppData\Roaming\KyuubiBarre\PF\KyuubiBarre.exe
O4 - Startup: SMS Services.lnk = Halo-Roro\Documents\smss.exe
O4 - Global Startup: UltraMon.lnk = ?
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://cache.systemrequirementslab.com/htdocs/srl_bin/sysreqlab_srl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1236090623564&h=96e15b781d3538908dbb3b94f84632df/&filename=jinstall-6u12-windows-i586-jc.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0348833B-C3C3-4D81-BD64-CE2B08842F17}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE8812A8-9D6F-4939-A1B7-4D123C2B6B3A}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{0348833B-C3C3-4D81-BD64-CE2B08842F17}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CS4\Services\Tcpip\..\{0348833B-C3C3-4D81-BD64-CE2B08842F17}: NameServer = 212.30.96.108,213.203.124.146
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\Windows\system32\sopidkc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Tcp ipx Service (Tcpipsrv) - Unknown owner - c:\windows\$ntunistalls\svchost.exe (file missing)
0
eZula Posts 3391 Registration date Saturday 26 April 2008 Status Contributor Last seen 8 May 2021 392
8 March 2009 at 11:45
Launch HijackThis > Misc Tools > Delete NT service
paste this name: sopidkc
confirm
repeat with: Tcpipsrv

restart the computer & new HijackThis log
0
Anonymous user
8 March 2009 at 12:32
it shows me:

" The Service "sopidkc" is enabled and/or running.Disable it first, using hijackthis itself ( from the scan results) or the service.msc windows"

same for Tcpipsrv

if I understand (given my pathetic English), either it can't find the file, or it doesn't want to be deleted?
what's odd is that next to "Delete an NT service", it says "Delete a windows NT service (023) Use Whith Caution !(WinNT4/2k/XP only)"

no mention of Vista
0
eZula Posts 3391 Registration date Saturday 26 April 2008 Status Contributor Last seen 8 May 2021 392
8 March 2009 at 12:47
first disable and stop these services via Start > Run > services.msc
0
Anonymous user
8 March 2009 at 12:49
yes, I had thought of that, but no service named "sopidkc" or "Tcpipsrv" is present in the list of services
0
eZula Posts 3391 Registration date Saturday 26 April 2008 Status Contributor Last seen 8 May 2021 392
8 March 2009 at 12:50
Not even these:

sopidkc Service
Tcp ipx Service


?
0
Anonymous user
8 March 2009 at 12:53
....... You're going to think I'm crazy, they just appeared, I did delete them with HijackThis, I'm restarting
0
Anonymous user
8 March 2009 at 13:18
shall I post another HijackThis report to see whether the files are really gone?
0
eZula Posts 3391 Registration date Saturday 26 April 2008 Status Contributor Last seen 8 May 2021 392
8 March 2009 at 14:29
yes, it's the two O23 entries to check
0
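The check requested in the last reply, as an added example that is not part of the thread: Python code that parses the O23 lines of a HijackThis log and reports whether the sopidkc and Tcpipsrv services are still registered. The BEFORE lines are copied from the 7 March log above; the AFTER log and all function names are constructed for illustration.

```python
import re

# "O23 - Service: <display> (<name>) - <owner> - <path>[ (file missing)]"
O23 = re.compile(r"^O23 - Service: (?P<label>.+?) - (?P<owner>.+?) - "
                 r"(?P<path>.+?)(?P<missing> \(file missing\))?$")
LABEL = re.compile(r"^.* \((?P<name>[^()]+)\)$")

def parse_o23(log_text):
    """Return one dict per O23 line: name, owner, path, missing."""
    entries = []
    for line in log_text.splitlines():
        m = O23.match(line.strip())
        if not m:
            continue
        label = m["label"]
        n = LABEL.match(label)
        entries.append({
            "name": n["name"] if n else label,  # no "(name)" part: label is the name
            "owner": m["owner"],
            "path": m["path"],                   # may itself contain " - "
            "missing": m["missing"] is not None,
        })
    return entries

def check_removed(log_text, service_names):
    """Map each service name to its O23 entry if still registered, else None."""
    by_name = {e["name"].lower(): e for e in parse_o23(log_text)}
    return {s: by_name.get(s.lower()) for s in service_names}

# Lines copied from the 7 March log on this page.
BEFORE = r"""
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\Windows\system32\sopidkc.exe (file missing)
O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Tcp ipx Service (Tcpipsrv) - Unknown owner - c:\windows\$ntunistalls\svchost.exe (file missing)
"""
# Constructed "after" log: the same lines minus the two deleted services.
AFTER = "\n".join(l for l in BEFORE.splitlines()
                  if "(sopidkc)" not in l and "(Tcpipsrv)" not in l)

if __name__ == "__main__":
    for label, log in (("before", BEFORE), ("after", AFTER)):
        for name, entry in check_removed(log, ["sopidkc", "Tcpipsrv"]).items():
            state = "STILL REGISTERED: " + entry["path"] if entry else "gone"
            print(f"{label}: {name}: {state}")
```

An O23 line marked (file missing) still represents a registered service whose binary was not found at that path, so the stllssvr entry carries the same markers as the two services being removed. The check therefore matches on the service names given in the thread, not on "Unknown owner" or "(file missing)".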