Aide pour rapport HijackThis
Résolu/Fermé
A voir également:
- Aide pour rapport HijackThis
- Hijackthis windows 10 - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- On vous a donné accès à un fichier rapport. il est partagé avec plusieurs personnes sur cet espace pix cloud. répondez aux questions - Forum Cloud
- Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport existant ✓ - Forum Excel
- Problém affichage du tableau croisé dynamique - Forum Excel
55 réponses
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
23 mars 2008 à 22:21
23 mars 2008 à 22:21
Hi le sioux ;-)
Oui je veux bien que tu continu... j´aimerais bien comprendre la commande renv:: de combofix...
Merci`
Bonne soirée ;-)
@+
Oui je veux bien que tu continu... j´aimerais bien comprendre la commande renv:: de combofix...
Merci`
Bonne soirée ;-)
@+
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
24 mars 2008 à 20:13
24 mars 2008 à 20:13
bonsoir
me revoici sur mon ordinateur
j'ai une petite question. j'ai installé antivir mais il n'apparait pas dans la barre en bas a droite!? est-ce normal? car je ne peut pas l'arrêter si il n'y apparait pas! je comprend pas...
me revoici sur mon ordinateur
j'ai une petite question. j'ai installé antivir mais il n'apparait pas dans la barre en bas a droite!? est-ce normal? car je ne peut pas l'arrêter si il n'y apparait pas! je comprend pas...
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
24 mars 2008 à 21:22
24 mars 2008 à 21:22
Alors voici le rapport combofix avec cfscript
ComboFix 08-03-18.1 - Mily&Nico 2008-03-24 21:17:11.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1422 [GMT 1:00]
Endroit: C:\Documents and Settings\Mily&Nico\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mily&Nico\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
C:\WINDOWS\system32\winsys2.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\winsys2.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-24 to 2008-03-24 ))))))))))))))))))))))))))))))))))))
.
2008-03-24 20:53 . 2008-03-24 20:53 <REP> d-------- C:\Program Files\Avira
2008-03-24 20:49 . 2008-03-24 20:52 <REP> d-------- C:\Documents and Settings\Mily&Nico\quarantaine
2008-03-20 23:04 . 2008-03-20 23:15 <REP> d-------- C:\Downloads
2008-03-20 23:04 . 2008-03-20 23:12 <REP> d-------- C:\Documents and Settings\Mily&Nico\Application Data\Orbit
2008-03-20 18:19 . 2008-03-24 20:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-03-20 17:59 . 2008-03-20 17:59 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-03-20 17:55 . 2007-12-07 03:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-03-20 17:55 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-03-20 17:55 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-03-20 17:55 . 2007-12-07 03:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-03-20 17:55 . 2007-12-07 03:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-20 17:55 . 2007-12-07 03:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-03-20 17:55 . 2007-12-07 03:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-03-20 17:55 . 2007-12-07 03:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-03-20 17:55 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-03-20 16:57 . 2008-03-20 16:57 268 --ah----- C:\sqmdata03.sqm
2008-03-20 16:57 . 2008-03-20 16:57 244 --ah----- C:\sqmnoopt03.sqm
2008-03-14 22:44 . 2008-03-15 00:40 <REP> d-------- C:\Program Files\Alice
2008-03-14 20:43 . 2006-08-18 10:30 446,464 --a------ C:\WINDOWS\system32\CapabilityTable.exe
2008-03-14 19:01 . 2008-03-14 19:01 <REP> d-------- C:\Program Files\GordianKnot
2008-03-14 19:01 . 2008-03-14 19:01 <REP> d-------- C:\Program Files\DivXCodec
2008-03-14 19:01 . 2008-03-14 19:01 414,272 --a------ C:\WINDOWS\system32\DivXc32f.dll
2008-03-14 19:01 . 2008-03-14 19:01 414,272 --a------ C:\WINDOWS\system32\DivXc32.dll
2008-03-14 19:01 . 2008-03-14 19:01 291,408 --a------ C:\WINDOWS\system32\DivXa32.acm
2008-03-14 19:01 . 2008-03-14 19:01 240,400 --a------ C:\WINDOWS\system32\DivX_c32.ax
2008-03-14 19:01 . 2008-03-14 19:01 196,608 --a------ C:\WINDOWS\system32\avisynth.dll
2008-03-14 19:01 . 2008-03-14 19:01 33,280 --a------ C:\WINDOWS\system32\HUFFYUV.DLL
2008-03-14 16:05 . 2008-03-14 17:12 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-03-14 16:05 . 2008-03-14 17:12 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-03-09 20:05 . 2008-03-09 21:29 <REP> d-------- C:\Documents and Settings\Mily&Nico\Application Data\Uniblue
2008-03-09 18:54 . 2008-03-09 18:54 <REP> d--h----- C:\WINDOWS\PIF
2008-03-08 23:16 . 2008-03-20 16:09 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-08 23:16 . 2008-03-08 23:16 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-03-08 22:40 . 2008-03-08 22:40 <REP> d-------- C:\Program Files\Total Uninstall 4
2008-03-08 22:40 . 2008-03-08 22:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Martau
2008-03-08 15:32 . 2008-03-08 15:32 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-03-08 15:32 . 2008-03-08 15:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-03-08 14:04 . 2008-03-08 14:05 244,224 --a------ C:\facture sfr.doc
2008-03-08 14:03 . 2008-03-08 14:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\GIRDAC
2008-02-27 18:40 . 2008-03-09 18:54 <REP> d-------- C:\Documents and Settings\Mily&Nico\Application Data\SoundSpectrum
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-24 19:38 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\OpenOffice.org2
2008-03-24 19:11 --------- d-----w C:\Program Files\eChanblard
2008-03-20 17:29 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\Command & Conquer 3 Les guerres du Tiberium
2008-03-14 21:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-14 19:43 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-03-09 20:32 --------- d-----w C:\Program Files\Micro Application
2008-03-09 14:56 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\Hamachi
2008-03-08 19:18 --------- d-----w C:\Program Files\Java
2008-03-08 14:33 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-18 20:24 --------- d-----w C:\Program Files\Electronic Arts
2008-02-18 18:51 --------- d-----w C:\Program Files\VideoLAN
2008-02-18 18:51 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\vlc
2008-02-16 14:46 --------- d-----w C:\Program Files\DivX
2008-02-12 19:07 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-10 23:16 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-10 14:05 --------- d-----w C:\Program Files\Kylotonn Entertainment
2008-02-05 16:18 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2008-02-05 16:18 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-02-05 16:18 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-02-05 16:18 22,328 ----a-w C:\Documents and Settings\Mily&Nico\Application Data\PnkBstrK.sys
2008-02-05 16:18 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-02-04 10:44 --------- d-----w C:\Program Files\Windows Live
2008-02-04 10:43 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-04 10:42 --------- d-----w C:\Program Files\MSN Messenger
2008-02-04 10:41 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-04 10:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-04 10:38 2,402,832 ----a-w C:\Program Files\WLinstaller.exe
2008-02-03 15:06 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-02 22:39 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\Software4u
2008-02-02 22:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Software4u
2008-02-02 22:24 --------- d-----w C:\Program Files\Bethesda Softworks
2008-02-02 22:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-31 20:34 --------- d-----w C:\Program Files\PFConfig
2008-01-30 15:41 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-01-30 15:39 --------- d-----w C:\Program Files\Hamachi
2008-01-29 18:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2008-01-04 21:59 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-01-04 21:58 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-01-04 21:58 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-01-04 21:58 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-01 13:55 76 ---ha-w C:\Program Files\Desktop.ini
2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
.
------- Sigcheck -------
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-19 16:09 1036288 2a7bd330924252a2fd80344fc949bb72 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-20_16.03.06,67 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-06-14 18:10:02 1,024,000 -c----w C:\WINDOWS\$NtUninstallKB939653$\browseui.dll
- 2007-06-14 18:10:02 152,064 -c----w C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll
- 2007-06-14 18:10:02 1,056,768 -c----w C:\WINDOWS\$NtUninstallKB939653$\danim.dll
- 2007-06-14 18:10:02 357,888 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll
- 2007-06-14 18:10:02 205,312 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll
- 2007-06-14 18:10:02 55,808 -c----w C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll
- 2007-06-14 14:07:24 18,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\iedw.exe
- 2007-06-14 18:10:02 251,392 -c----w C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll
- 2007-06-14 18:10:02 96,768 -c----w C:\WINDOWS\$NtUninstallKB939653$\inseng.dll
- 2007-06-14 18:10:02 16,384 -c----w C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll
- 2007-06-14 09:10:04 3,079,680 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll
- 2007-06-14 18:10:03 449,024 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll
- 2007-06-14 18:10:03 146,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\msrating.dll
- 2007-06-14 18:10:04 532,480 -c----w C:\WINDOWS\$NtUninstallKB939653$\mstime.dll
- 2007-06-14 18:10:04 39,424 -c----w C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll
- 2007-06-14 18:10:04 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll
- 2007-06-14 18:10:04 474,624 -c----w C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll
- 2007-06-14 18:10:05 617,472 -c----w C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll
- 2007-06-26 14:12:55 663,040 -c----w C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
- 2007-06-14 05:24:34 121,856 -c----w C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll
+ 2007-06-14 18:10:02 1,024,000 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\browseui.dll
+ 2007-06-14 18:10:02 152,064 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\cdfview.dll
+ 2007-06-14 18:10:02 1,056,768 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\danim.dll
+ 2007-06-14 18:10:02 357,888 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\dxtmsft.dll
+ 2007-06-14 18:10:02 205,312 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\dxtrans.dll
+ 2007-06-14 18:10:02 55,808 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\extmgr.dll
+ 2007-06-14 14:07:24 18,432 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\iedw.exe
+ 2007-06-14 18:10:02 251,392 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\iepeers.dll
+ 2007-06-14 18:10:02 96,768 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\inseng.dll
+ 2007-06-14 18:10:02 16,384 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\jsproxy.dll
+ 2007-06-14 09:10:04 3,079,680 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mshtml.dll
+ 2007-06-14 18:10:03 449,024 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mshtmled.dll
+ 2007-06-14 18:10:03 146,432 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\msrating.dll
+ 2007-06-14 18:10:04 532,480 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mstime.dll
+ 2007-06-14 18:10:04 39,424 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\pngfilt.dll
+ 2007-06-14 18:10:04 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\shdocvw.dll
+ 2007-06-14 18:10:04 474,624 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\shlwapi.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\spuninst\spuninst.exe
+ 2007-06-30 20:24:42 394,976 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\spuninst\updspapi.dll
+ 2007-06-14 18:10:05 617,472 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\urlmon.dll
+ 2007-06-26 14:12:55 663,040 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\wininet.dll
+ 2007-06-14 05:24:34 121,856 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\xpsp3res.dll
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2004-08-19 15:09:20 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-19 15:09:20 101,888 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-19 15:09:22 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2007-08-22 12:57:26 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2007-08-22 12:57:26 205,824 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2007-08-22 12:57:26 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-19 15:09:28 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-19 15:09:56 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-19 15:09:28 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-19 15:09:28 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2001-08-24 12:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-19 15:09:28 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2007-08-21 10:19:39 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-19 15:09:28 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
+ 2007-08-22 12:57:26 251,904 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-19 15:09:28 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-19 15:09:28 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-19 15:09:56 832,512 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-19 15:09:30 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2007-08-22 12:57:26 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2006-05-18 05:31:21 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
+ 2007-08-22 12:57:26 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-19 15:09:32 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-19 15:10:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2007-08-22 16:27:30 3,085,824 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2007-08-22 16:27:30 3,085,824 -c----w C:\WINDOWS\ie7\mshtml.dll.000
+ 2007-08-22 12:57:28 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-19 15:08:28 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2001-08-24 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2007-08-22 12:57:28 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2007-08-22 12:57:28 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-19 15:09:38 147,968 -c----w C:\WINDOWS\ie7\occache.dll
+ 2007-08-22 12:57:28 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-09-26 17:34:42 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-09-26 17:32:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-19 15:09:48 59,392 -c----w C:\WINDOWS\ie7\url.dll
+ 2007-08-22 12:57:30 620,032 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2007-08-22 12:57:30 620,032 -c----w C:\WINDOWS\ie7\urlmon.dll.000
+ 2004-08-19 15:09:48 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-19 15:09:48 442,880 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2007-08-22 12:57:30 669,696 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-08-22 12:57:30 669,696 -c----w C:\WINDOWS\ie7\wininet.dll.000
+ 2007-08-13 17:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-13 17:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-13 17:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-13 17:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-13 17:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-13 16:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-02-12 15:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-13 17:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-13 17:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-13 17:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll.000
+ 2007-08-13 17:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-13 17:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-06-30 20:24:42 394,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll.000
+ 2007-08-13 17:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll.000
+ 2007-10-10 23:49:42 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-10-10 23:49:42 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll.000
+ 2007-08-13 17:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-10-10 23:49:42 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-10-10 23:49:42 132,608 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-10-10 23:49:42 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-10-10 23:49:42 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll.000
+ 2007-10-10 11:00:41 70,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-10-10 23:49:42 153,088 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-10-10 23:49:42 230,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-07-01 03:31:33 2,455,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dat
+ 2007-10-10 23:49:42 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-10-10 23:49:42 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll.000
+ 2007-10-10 23:49:42 384,512 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-10-10 23:49:43 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-10-10 23:49:43 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll.000
+ 2007-10-10 23:49:43 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-10-10 23:49:43 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-10-10 23:49:43 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll.000
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-10-10 11:00:59 625,152 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-10-10 23:49:44 27,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-10-10 23:49:44 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-10-10 23:49:44 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll.000
+ 2007-10-10 23:49:44 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-10-10 23:49:44 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll.000
+ 2007-10-31 03:53:50 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-31 03:53:50 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll.000
+ 2007-10-10 23:49:44 478,208 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-10-10 23:49:44 193,024 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-10-10 23:49:45 671,232 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-10-10 23:49:45 102,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 17:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:49:45 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-10-10 23:49:45 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll.000
+ 2007-10-10 23:49:45 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-10-10 23:49:45 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll.000
+ 2007-10-10 23:49:45 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-10-10 23:49:45 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll.000
+ 2007-10-10 23:49:45 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-10-10 23:49:45 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll.000
+ 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-19 15:09:20 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-19 15:09:20 101,888 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-12-07 02:08:32 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-08-22 13:13:05 1,021,440 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2007-08-22 12:57:25 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
- 2007-08-22 13:13:05 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2007-08-22 12:57:25 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-03-20 16:56:18 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
- 2007-08-22 13:13:05 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
+ 2007-08-22 12:57:26 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-19 15:09:20 61,440 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2007-08-13 17:39:20 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
- 2004-08-19 15:09:20 101,888 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-22 13:13:05 1,021,440 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2007-08-22 12:57:25 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2007-08-22 13:13:05 152,064 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2007-08-22 12:57:25 152,064 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2006-03-09 11:48:56 28,672 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 17:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
- 2007-08-22 13:13:05 1,056,768 -c----w C:\WINDOWS\system32\dllcache\danim.dll
+ 2007-08-22 12:57:26 1,056,768 -c----w C:\WINDOWS\system32\dllcache\danim.dll
- 2007-08-22 13:13:05 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-22 13:13:05 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2004-08-19 15:09:28 38,912 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-08-13 17:18:02 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
- 2004-08-19 15:09:56 34,304 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2004-08-19 15:09:28 139,264 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2004-08-19 15:09:28 221,696 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2001-08-24 12:00:00 245,760 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2004-08-19 15:09:28 323,584 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-21 10:30:45 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 17:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2004-08-19 15:09:28 81,920 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 17:45:18 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
- 2007-08-22 13:13:05 251,392 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2004-08-19 15:09:28 49,152 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2004-08-19 15:09:28 63,488 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-08-13 17:39:12 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
- 2004-08-19 15:09:56 832,512 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2004-08-19 15:09:30 35,840 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 17:36:06 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2007-08-22 13:13:06 96,768 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 17:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-05-18 05:31:21 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 17:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-08-22 13:13:06 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-19 15:09:32 22,528 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
- 2004-08-19 15:10:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2007-08-13 17:32:30 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2007-08-22 13:13:07 3,520,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-12-08 09:38:36 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-22 13:13:07 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-19 15:08:28 57,344 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2001-08-24 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 17:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2007-08-22 13:13:07 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-22 13:13:07 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-19 15:09:38 147,968 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2007-08-22 13:13:07 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-08-22 13:13:08 1,774,080 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2007-08-22 12:57:29 1,498,624 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2007-08-22 13:13:08 499,200 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2007-08-22 12:57:30 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2004-08-19 15:09:48 59,392 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-22 13:13:08 691,200 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2004-08-19 15:09:48 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-08-13 17:54:10 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2007-06-26 13:56:54 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-08-13 17:54:10 765,952 -c--a-w C:\WINDOWS\system32\dllcache\VGX.dll
- 2004-08-19 15:09:48 442,880 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-22 13:13:08 697,344 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-03-24 19:54:55 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
- 2007-08-22 13:13:05 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-12-19 22:53:23 347,136 ------w C:\WINDOWS\system32\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-12-07 02:08:32 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-22 13:13:05 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-12-07 02:08:32 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-12-07 02:08:32 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll
- 2004-08-19 15:09:56 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-12-06 11:02:31 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-19 15:09:28 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-12-07 02:08:32 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-19 15:09:28 221,696 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-12-07 02:08:32 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2001-08-24 12:00:00 245,760 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-12-06 04:59:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2007-12-07 02:08:32 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2004-08-19 15:09:28 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-12-07 02:08:32 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-19 15:09:28 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 17:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-12-07 02:08:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-22 13:13:05 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-19 15:09:28 49,152 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-12-07 02:08:33 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2007-12-07 02:08:33 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2004-08-19 15:09:28 63,488 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2004-08-19 15:09:30 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2007-08-22 13:13:06 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2006-05-18 05:31:21 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-08-22 13:13:06 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-12-07 02:08:33 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-19 15:09:32 22,528 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-12-07 02:08:33 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-12-07 02:08:33 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2004-08-19 15:10:00 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2007-08-22 13:13:07 3,520,512 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-12-08 09:38:36 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-22 13:13:07 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-12-07 02:08:34 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-19 15:08:28 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2001-08-24 12:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2007-08-22 13:13:07 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-12-07 02:08:34 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2007-08-22 13:13:07 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-12-07 02:08:34 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2006-06-28 16:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll
- 2004-08-19 15:09:38 147,968 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-12-07 02:08:34 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2007-08-22 13:13:07 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-01-11 05:36:55 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
- 2007-08-22 13:13:08 1,774,080 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2007-08-22 12:57:29 1,498,624 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-08-22 13:13:08 499,200 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2007-08-22 12:57:30 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-19 15:09:48 59,392 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-12-07 02:08:34 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-22 13:13:08 691,200 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-12-07 02:08:34 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-19 15:09:48 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-19 15:09:48 442,880 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-12-07 02:08:34 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
- 2007-08-22 13:13:08 697,344 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-12-07 02:08:34 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2006-07-14 15:51:51 121,856 ------w C:\WINDOWS\system32\xmllite.dll
- 2007-08-21 14:23:26 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-08-21 14:20:52 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-03-24 19:39:09 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_670.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-13 15:13 68856]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-04-04 13:20 81920]
"TopDesk"="C:\Program Files\TopDesk\topdesk.exe" [2007-06-20 09:21 1912832]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 14:34 868352]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\smax4.exe" [2006-07-13 06:12 729088]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2003-10-02 01:20 81920]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-27 16:43 185632]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 14:49 49152]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe" [2006-12-29 02:54 363008]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-12 16:44 8429568]
"nwiz"="nwiz.exe" [2007-04-12 16:44 1626112 C:\WINDOWS\system32\nwiz.exe]
"SW20"="C:\WINDOWS\system32\sw20.exe" [2006-12-15 03:58 208896]
"SW24"="C:\WINDOWS\system32\sw24.exe" [2006-12-15 03:58 69632]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-12 16:44 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-03-24 20:54 249896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2004-08-19 16:09 428032 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]
C:\Documents and Settings\Mily&Nico\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02 630784]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 08:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 08:43:14 155648]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-03-08 15:32:14 295606]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2007-09-11 15:59:45 192512]
D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 18:50:52 53248]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 18:28:24 258048]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 20:05:26 29696]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8874:TCP"= 8874:TCP:LimeWire
"8874:UDP"= 8874:UDP:LimeWire
"6346:TCP"= 6346:TCP:LimeWire
"6346:UDP"= 6346:UDP:LimeWire
R0 pnpshark;pnpshark;C:\WINDOWS\system32\DRIVERS\pnpshark.sys [2003-10-02 02:16]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-10-13 14:46]
R0 st3shark;st3shark;C:\WINDOWS\system32\DRIVERS\st3shark.sys [2003-09-27 13:37]
R3 DigiCellDriver;DigiCellDriver;C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2006-10-05 14:32]
S3 FT8591;FT8591 Filter;C:\WINDOWS\system32\DRIVERS\FT8591.sys []
S3 rtl8180;Belkin 11Mbps Wireless Desktop Network Card Driver;C:\WINDOWS\system32\DRIVERS\Bel6001.sys []
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys []
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-03 23:04]
*Newly Created Service* - ANTIVIRSCHEDULER
*Newly Created Service* - ANTIVIRSERVICE
*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-04 07:36:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-24 19:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"2008-03-19 19:07:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-03-09 19:07:08 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-24 21:18:43
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-24 21:18:58
ComboFix-quarantined-files.txt 2008-03-24 20:18:56
ComboFix2.txt 2008-03-20 16:01:11
ComboFix3.txt 2008-03-20 15:03:14
ComboFix 08-03-18.1 - Mily&Nico 2008-03-24 21:17:11.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1422 [GMT 1:00]
Endroit: C:\Documents and Settings\Mily&Nico\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mily&Nico\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
C:\WINDOWS\system32\winsys2.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\winsys2.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-24 to 2008-03-24 ))))))))))))))))))))))))))))))))))))
.
2008-03-24 20:53 . 2008-03-24 20:53 <REP> d-------- C:\Program Files\Avira
2008-03-24 20:49 . 2008-03-24 20:52 <REP> d-------- C:\Documents and Settings\Mily&Nico\quarantaine
2008-03-20 23:04 . 2008-03-20 23:15 <REP> d-------- C:\Downloads
2008-03-20 23:04 . 2008-03-20 23:12 <REP> d-------- C:\Documents and Settings\Mily&Nico\Application Data\Orbit
2008-03-20 18:19 . 2008-03-24 20:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-03-20 17:59 . 2008-03-20 17:59 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-03-20 17:55 . 2007-12-07 03:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-03-20 17:55 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-03-20 17:55 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-03-20 17:55 . 2007-12-07 03:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-03-20 17:55 . 2007-12-07 03:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-20 17:55 . 2007-12-07 03:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-03-20 17:55 . 2007-12-07 03:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-03-20 17:55 . 2007-12-07 03:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-03-20 17:55 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-03-20 16:57 . 2008-03-20 16:57 268 --ah----- C:\sqmdata03.sqm
2008-03-20 16:57 . 2008-03-20 16:57 244 --ah----- C:\sqmnoopt03.sqm
2008-03-14 22:44 . 2008-03-15 00:40 <REP> d-------- C:\Program Files\Alice
2008-03-14 20:43 . 2006-08-18 10:30 446,464 --a------ C:\WINDOWS\system32\CapabilityTable.exe
2008-03-14 19:01 . 2008-03-14 19:01 <REP> d-------- C:\Program Files\GordianKnot
2008-03-14 19:01 . 2008-03-14 19:01 <REP> d-------- C:\Program Files\DivXCodec
2008-03-14 19:01 . 2008-03-14 19:01 414,272 --a------ C:\WINDOWS\system32\DivXc32f.dll
2008-03-14 19:01 . 2008-03-14 19:01 414,272 --a------ C:\WINDOWS\system32\DivXc32.dll
2008-03-14 19:01 . 2008-03-14 19:01 291,408 --a------ C:\WINDOWS\system32\DivXa32.acm
2008-03-14 19:01 . 2008-03-14 19:01 240,400 --a------ C:\WINDOWS\system32\DivX_c32.ax
2008-03-14 19:01 . 2008-03-14 19:01 196,608 --a------ C:\WINDOWS\system32\avisynth.dll
2008-03-14 19:01 . 2008-03-14 19:01 33,280 --a------ C:\WINDOWS\system32\HUFFYUV.DLL
2008-03-14 16:05 . 2008-03-14 17:12 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-03-14 16:05 . 2008-03-14 17:12 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-03-09 20:05 . 2008-03-09 21:29 <REP> d-------- C:\Documents and Settings\Mily&Nico\Application Data\Uniblue
2008-03-09 18:54 . 2008-03-09 18:54 <REP> d--h----- C:\WINDOWS\PIF
2008-03-08 23:16 . 2008-03-20 16:09 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-08 23:16 . 2008-03-08 23:16 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-03-08 22:40 . 2008-03-08 22:40 <REP> d-------- C:\Program Files\Total Uninstall 4
2008-03-08 22:40 . 2008-03-08 22:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Martau
2008-03-08 15:32 . 2008-03-08 15:32 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-03-08 15:32 . 2008-03-08 15:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-03-08 14:04 . 2008-03-08 14:05 244,224 --a------ C:\facture sfr.doc
2008-03-08 14:03 . 2008-03-08 14:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\GIRDAC
2008-02-27 18:40 . 2008-03-09 18:54 <REP> d-------- C:\Documents and Settings\Mily&Nico\Application Data\SoundSpectrum
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-24 19:38 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\OpenOffice.org2
2008-03-24 19:11 --------- d-----w C:\Program Files\eChanblard
2008-03-20 17:29 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\Command & Conquer 3 Les guerres du Tiberium
2008-03-14 21:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-14 19:43 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-03-09 20:32 --------- d-----w C:\Program Files\Micro Application
2008-03-09 14:56 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\Hamachi
2008-03-08 19:18 --------- d-----w C:\Program Files\Java
2008-03-08 14:33 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-18 20:24 --------- d-----w C:\Program Files\Electronic Arts
2008-02-18 18:51 --------- d-----w C:\Program Files\VideoLAN
2008-02-18 18:51 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\vlc
2008-02-16 14:46 --------- d-----w C:\Program Files\DivX
2008-02-12 19:07 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-10 23:16 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-10 14:05 --------- d-----w C:\Program Files\Kylotonn Entertainment
2008-02-05 16:18 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2008-02-05 16:18 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-02-05 16:18 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-02-05 16:18 22,328 ----a-w C:\Documents and Settings\Mily&Nico\Application Data\PnkBstrK.sys
2008-02-05 16:18 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-02-04 10:44 --------- d-----w C:\Program Files\Windows Live
2008-02-04 10:43 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-04 10:42 --------- d-----w C:\Program Files\MSN Messenger
2008-02-04 10:41 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-04 10:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-04 10:38 2,402,832 ----a-w C:\Program Files\WLinstaller.exe
2008-02-03 15:06 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-02 22:39 --------- d-----w C:\Documents and Settings\Mily&Nico\Application Data\Software4u
2008-02-02 22:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Software4u
2008-02-02 22:24 --------- d-----w C:\Program Files\Bethesda Softworks
2008-02-02 22:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-31 20:34 --------- d-----w C:\Program Files\PFConfig
2008-01-30 15:41 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-01-30 15:39 --------- d-----w C:\Program Files\Hamachi
2008-01-29 18:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2008-01-04 21:59 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-01-04 21:58 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-01-04 21:58 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-01-04 21:58 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-01 13:55 76 ---ha-w C:\Program Files\Desktop.ini
2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
.
------- Sigcheck -------
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-19 16:09 1036288 2a7bd330924252a2fd80344fc949bb72 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-20_16.03.06,67 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-06-14 18:10:02 1,024,000 -c----w C:\WINDOWS\$NtUninstallKB939653$\browseui.dll
- 2007-06-14 18:10:02 152,064 -c----w C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll
- 2007-06-14 18:10:02 1,056,768 -c----w C:\WINDOWS\$NtUninstallKB939653$\danim.dll
- 2007-06-14 18:10:02 357,888 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll
- 2007-06-14 18:10:02 205,312 -c----w C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll
- 2007-06-14 18:10:02 55,808 -c----w C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll
- 2007-06-14 14:07:24 18,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\iedw.exe
- 2007-06-14 18:10:02 251,392 -c----w C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll
- 2007-06-14 18:10:02 96,768 -c----w C:\WINDOWS\$NtUninstallKB939653$\inseng.dll
- 2007-06-14 18:10:02 16,384 -c----w C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll
- 2007-06-14 09:10:04 3,079,680 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll
- 2007-06-14 18:10:03 449,024 -c----w C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll
- 2007-06-14 18:10:03 146,432 -c----w C:\WINDOWS\$NtUninstallKB939653$\msrating.dll
- 2007-06-14 18:10:04 532,480 -c----w C:\WINDOWS\$NtUninstallKB939653$\mstime.dll
- 2007-06-14 18:10:04 39,424 -c----w C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll
- 2007-06-14 18:10:04 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll
- 2007-06-14 18:10:04 474,624 -c----w C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll
- 2007-06-14 18:10:05 617,472 -c----w C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll
- 2007-06-26 14:12:55 663,040 -c----w C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
- 2007-06-14 05:24:34 121,856 -c----w C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll
+ 2007-06-14 18:10:02 1,024,000 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\browseui.dll
+ 2007-06-14 18:10:02 152,064 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\cdfview.dll
+ 2007-06-14 18:10:02 1,056,768 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\danim.dll
+ 2007-06-14 18:10:02 357,888 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\dxtmsft.dll
+ 2007-06-14 18:10:02 205,312 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\dxtrans.dll
+ 2007-06-14 18:10:02 55,808 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\extmgr.dll
+ 2007-06-14 14:07:24 18,432 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\iedw.exe
+ 2007-06-14 18:10:02 251,392 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\iepeers.dll
+ 2007-06-14 18:10:02 96,768 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\inseng.dll
+ 2007-06-14 18:10:02 16,384 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\jsproxy.dll
+ 2007-06-14 09:10:04 3,079,680 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mshtml.dll
+ 2007-06-14 18:10:03 449,024 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mshtmled.dll
+ 2007-06-14 18:10:03 146,432 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\msrating.dll
+ 2007-06-14 18:10:04 532,480 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\mstime.dll
+ 2007-06-14 18:10:04 39,424 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\pngfilt.dll
+ 2007-06-14 18:10:04 1,495,040 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\shdocvw.dll
+ 2007-06-14 18:10:04 474,624 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\shlwapi.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\spuninst\spuninst.exe
+ 2007-06-30 20:24:42 394,976 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\spuninst\updspapi.dll
+ 2007-06-14 18:10:05 617,472 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\urlmon.dll
+ 2007-06-26 14:12:55 663,040 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\wininet.dll
+ 2007-06-14 05:24:34 121,856 -c----w C:\WINDOWS\$NtUninstallKB939653_0$\xpsp3res.dll
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2004-08-19 15:09:20 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
+ 2004-08-19 15:09:20 101,888 -c----w C:\WINDOWS\ie7\advpack.dll
+ 2004-08-19 15:09:22 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
+ 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
+ 2007-08-22 12:57:26 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
+ 2007-08-22 12:57:26 205,824 -c----w C:\WINDOWS\ie7\dxtrans.dll
+ 2007-08-22 12:57:26 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
+ 2004-08-19 15:09:28 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
+ 2004-08-19 15:09:56 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
+ 2004-08-19 15:09:28 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
+ 2004-08-19 15:09:28 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll
+ 2001-08-24 12:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll
+ 2004-08-19 15:09:28 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
+ 2007-08-21 10:19:39 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
+ 2004-08-19 15:09:28 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
+ 2007-08-22 12:57:26 251,904 -c----w C:\WINDOWS\ie7\iepeers.dll
+ 2004-08-19 15:09:28 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
+ 2004-08-19 15:09:28 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
+ 2004-08-19 15:09:56 832,512 -c----w C:\WINDOWS\ie7\iexplore.exe
+ 2004-08-19 15:09:30 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
+ 2007-08-22 12:57:26 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
+ 2006-05-18 05:31:21 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
+ 2007-08-22 12:57:26 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
+ 2004-08-19 15:09:32 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
+ 2004-08-19 15:10:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
+ 2007-08-22 16:27:30 3,085,824 -c----w C:\WINDOWS\ie7\mshtml.dll
+ 2007-08-22 16:27:30 3,085,824 -c----w C:\WINDOWS\ie7\mshtml.dll.000
+ 2007-08-22 12:57:28 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
+ 2004-08-19 15:08:28 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
+ 2001-08-24 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
+ 2007-08-22 12:57:28 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
+ 2007-08-22 12:57:28 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
+ 2004-08-19 15:09:38 147,968 -c----w C:\WINDOWS\ie7\occache.dll
+ 2007-08-22 12:57:28 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-09-26 17:34:42 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-09-26 17:32:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2004-08-19 15:09:48 59,392 -c----w C:\WINDOWS\ie7\url.dll
+ 2007-08-22 12:57:30 620,032 -c----w C:\WINDOWS\ie7\urlmon.dll
+ 2007-08-22 12:57:30 620,032 -c----w C:\WINDOWS\ie7\urlmon.dll.000
+ 2004-08-19 15:09:48 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
+ 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
+ 2004-08-19 15:09:48 442,880 -c----w C:\WINDOWS\ie7\webcheck.dll
+ 2007-08-22 12:57:30 669,696 -c----w C:\WINDOWS\ie7\wininet.dll
+ 2007-08-22 12:57:30 669,696 -c----w C:\WINDOWS\ie7\wininet.dll.000
+ 2007-08-13 17:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-13 17:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-13 17:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-13 17:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-13 17:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-13 16:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-02-12 15:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-13 17:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-13 17:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-13 17:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll.000
+ 2007-08-13 17:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-13 17:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-06-30 20:24:42 394,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll.000
+ 2007-08-13 17:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll.000
+ 2007-10-10 23:49:42 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-10-10 23:49:42 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll.000
+ 2007-08-13 17:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-10-10 23:49:42 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-10-10 23:49:42 132,608 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-10-10 23:49:42 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-10-10 23:49:42 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll.000
+ 2007-10-10 11:00:41 70,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-10-10 23:49:42 153,088 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-10-10 23:49:42 230,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-07-01 03:31:33 2,455,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dat
+ 2007-10-10 23:49:42 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-10-10 23:49:42 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll.000
+ 2007-10-10 23:49:42 384,512 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-10-10 23:49:43 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-10-10 23:49:43 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll.000
+ 2007-10-10 23:49:43 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-10-10 23:49:43 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-10-10 23:49:43 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll.000
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-10-10 11:00:59 625,152 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-10-10 23:49:44 27,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-10-10 23:49:44 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-10-10 23:49:44 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll.000
+ 2007-10-10 23:49:44 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-10-10 23:49:44 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll.000
+ 2007-10-31 03:53:50 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-31 03:53:50 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll.000
+ 2007-10-10 23:49:44 478,208 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-10-10 23:49:44 193,024 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-10-10 23:49:45 671,232 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-10-10 23:49:45 102,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 17:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:49:45 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-10-10 23:49:45 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll.000
+ 2007-10-10 23:49:45 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-10-10 23:49:45 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll.000
+ 2007-10-10 23:49:45 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-10-10 23:49:45 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll.000
+ 2007-10-10 23:49:45 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-10-10 23:49:45 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll.000
+ 2006-06-02 19:32:20 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2004-08-19 15:09:20 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-19 15:09:20 101,888 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-12-07 02:08:32 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-08-22 13:13:05 1,021,440 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2007-08-22 12:57:25 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
- 2007-08-22 13:13:05 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2007-08-22 12:57:25 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-03-20 16:56:18 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
- 2007-08-22 13:13:05 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
+ 2007-08-22 12:57:26 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-19 15:09:20 61,440 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2007-08-13 17:39:20 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
- 2004-08-19 15:09:20 101,888 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-22 13:13:05 1,021,440 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2007-08-22 12:57:25 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2007-08-22 13:13:05 152,064 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2007-08-22 12:57:25 152,064 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2006-03-09 11:48:56 28,672 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 17:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
- 2007-08-22 13:13:05 1,056,768 -c----w C:\WINDOWS\system32\dllcache\danim.dll
+ 2007-08-22 12:57:26 1,056,768 -c----w C:\WINDOWS\system32\dllcache\danim.dll
- 2007-08-22 13:13:05 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-22 13:13:05 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2004-08-19 15:09:28 38,912 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-08-13 17:18:02 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
- 2004-08-19 15:09:56 34,304 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2004-08-19 15:09:28 139,264 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2004-08-19 15:09:28 221,696 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2001-08-24 12:00:00 245,760 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2004-08-19 15:09:28 323,584 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-21 10:30:45 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 17:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2004-08-19 15:09:28 81,920 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 17:45:18 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
- 2007-08-22 13:13:05 251,392 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2004-08-19 15:09:28 49,152 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2004-08-19 15:09:28 63,488 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-08-13 17:39:12 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
- 2004-08-19 15:09:56 832,512 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2004-08-19 15:09:30 35,840 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 17:36:06 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2007-08-22 13:13:06 96,768 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 17:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-05-18 05:31:21 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 17:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-08-22 13:13:06 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-19 15:09:32 22,528 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
- 2004-08-19 15:10:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2007-08-13 17:32:30 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2007-08-22 13:13:07 3,520,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-12-08 09:38:36 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-22 13:13:07 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-19 15:08:28 57,344 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2001-08-24 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 17:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2007-08-22 13:13:07 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-22 13:13:07 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-19 15:09:38 147,968 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-12-07 02:08:34 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2007-08-22 13:13:07 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-01-11 05:36:55 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-08-22 13:13:08 1,774,080 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2007-08-22 12:57:29 1,498,624 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2007-08-22 13:13:08 499,200 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2007-08-22 12:57:30 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2004-08-19 15:09:48 59,392 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-12-07 02:08:34 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-22 13:13:08 691,200 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-12-07 02:08:34 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2004-08-19 15:09:48 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-08-13 17:54:10 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2007-06-26 13:56:54 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-08-13 17:54:10 765,952 -c--a-w C:\WINDOWS\system32\dllcache\VGX.dll
- 2004-08-19 15:09:48 442,880 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-12-07 02:08:34 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-22 13:13:08 697,344 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-12-07 02:08:34 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-03-24 19:54:55 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
- 2007-08-22 13:13:05 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-12-19 22:53:23 347,136 ------w C:\WINDOWS\system32\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-12-07 02:08:32 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-22 13:13:05 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-12-07 02:08:32 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-12-07 02:08:32 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll
- 2004-08-19 15:09:56 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-12-06 11:02:31 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-19 15:09:28 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-12-07 02:08:32 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-19 15:09:28 221,696 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-12-07 02:08:32 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2001-08-24 12:00:00 245,760 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-12-06 04:59:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
+ 2007-12-07 02:08:32 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2004-08-19 15:09:28 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-12-07 02:08:32 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-19 15:09:28 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 17:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-12-07 02:08:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-22 13:13:05 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-19 15:09:28 49,152 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-12-07 02:08:33 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2007-12-07 02:08:33 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2004-08-19 15:09:28 63,488 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2004-08-19 15:09:30 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2007-08-22 13:13:06 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2006-05-18 05:31:21 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-08-22 13:13:06 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-12-07 02:08:33 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-19 15:09:32 22,528 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-12-07 02:08:33 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-12-07 02:08:33 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
- 2004-08-19 15:10:00 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2007-08-22 13:13:07 3,520,512 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-12-08 09:38:36 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-22 13:13:07 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-12-07 02:08:34 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-19 15:08:28 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2001-08-24 12:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2007-08-22 13:13:07 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-12-07 02:08:34 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2007-08-22 13:13:07 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-12-07 02:08:34 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2006-06-28 16:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll
- 2004-08-19 15:09:38 147,968 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-12-07 02:08:34 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2007-08-22 13:13:07 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-01-11 05:36:55 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
- 2007-08-22 13:13:08 1,774,080 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2007-08-22 12:57:29 1,498,624 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-08-22 13:13:08 499,200 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2007-08-22 12:57:30 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-19 15:09:48 59,392 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-12-07 02:08:34 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-22 13:13:08 691,200 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-12-07 02:08:34 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-19 15:09:48 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-19 15:09:48 442,880 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-12-07 02:08:34 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
- 2007-08-22 13:13:08 697,344 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-12-07 02:08:34 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2006-07-14 15:51:51 121,856 ------w C:\WINDOWS\system32\xmllite.dll
- 2007-08-21 14:23:26 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-08-21 14:20:52 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-03-24 19:39:09 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_670.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-13 15:13 68856]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-04-04 13:20 81920]
"TopDesk"="C:\Program Files\TopDesk\topdesk.exe" [2007-06-20 09:21 1912832]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 14:34 868352]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\smax4.exe" [2006-07-13 06:12 729088]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2003-10-02 01:20 81920]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-27 16:43 185632]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 14:49 49152]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe" [2006-12-29 02:54 363008]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-12 16:44 8429568]
"nwiz"="nwiz.exe" [2007-04-12 16:44 1626112 C:\WINDOWS\system32\nwiz.exe]
"SW20"="C:\WINDOWS\system32\sw20.exe" [2006-12-15 03:58 208896]
"SW24"="C:\WINDOWS\system32\sw24.exe" [2006-12-15 03:58 69632]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-12 16:44 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-03-24 20:54 249896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2004-08-19 16:09 428032 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]
C:\Documents and Settings\Mily&Nico\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 23:05:02 630784]
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18 65536]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 08:43:08 180224]
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 08:43:14 155648]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-03-08 15:32:14 295606]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2007-09-11 15:59:45 192512]
D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 18:50:52 53248]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 18:28:24 258048]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 20:05:26 29696]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8874:TCP"= 8874:TCP:LimeWire
"8874:UDP"= 8874:UDP:LimeWire
"6346:TCP"= 6346:TCP:LimeWire
"6346:UDP"= 6346:UDP:LimeWire
R0 pnpshark;pnpshark;C:\WINDOWS\system32\DRIVERS\pnpshark.sys [2003-10-02 02:16]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-10-13 14:46]
R0 st3shark;st3shark;C:\WINDOWS\system32\DRIVERS\st3shark.sys [2003-09-27 13:37]
R3 DigiCellDriver;DigiCellDriver;C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2006-10-05 14:32]
S3 FT8591;FT8591 Filter;C:\WINDOWS\system32\DRIVERS\FT8591.sys []
S3 rtl8180;Belkin 11Mbps Wireless Desktop Network Card Driver;C:\WINDOWS\system32\DRIVERS\Bel6001.sys []
S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys []
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-03 23:04]
*Newly Created Service* - ANTIVIRSCHEDULER
*Newly Created Service* - ANTIVIRSERVICE
*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-04 07:36:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-24 19:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"2008-03-19 19:07:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-03-09 19:07:08 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-24 21:18:43
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-24 21:18:58
ComboFix-quarantined-files.txt 2008-03-24 20:18:56
ComboFix2.txt 2008-03-20 16:01:11
ComboFix3.txt 2008-03-20 15:03:14
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
24 mars 2008 à 21:25
24 mars 2008 à 21:25
et celui de HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:11, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TopDesk\topdesk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [TopDesk] C:\Program Files\TopDesk\topdesk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BB0B831-19A3-44A2-A422-0D743194392A}: NameServer = 213.36.80.1,192.168.1.1
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:11, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TopDesk\topdesk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [TopDesk] C:\Program Files\TopDesk\topdesk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BB0B831-19A3-44A2-A422-0D743194392A}: NameServer = 213.36.80.1,192.168.1.1
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Le sioux
Messages postés
4894
Date d'inscription
dimanche 27 mai 2007
Statut
Contributeur sécurité
Dernière intervention
6 mars 2023
496
26 mars 2008 à 00:12
26 mars 2008 à 00:12
Hello Nico
Tout ceci m'a l'air pas trop mal...
Je suis au boulot, je regarderai cela de plus pret néanmoins par la suite.
Qu'en est il du probleme initial ?
@ suivre.
Tout ceci m'a l'air pas trop mal...
Je suis au boulot, je regarderai cela de plus pret néanmoins par la suite.
Qu'en est il du probleme initial ?
@ suivre.
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
26 mars 2008 à 14:27
26 mars 2008 à 14:27
salut Le sioux
Merci d'avoir repondu. Perso je trouve que le pc est toujours lent mais c'est peut etre parce qu'il y a beaucoup de choses dessus. Et ça ne se voit peut etre pas sur tout ce que je t'ai envoyé mais par moment j'ai un message du type "error l'adresse ne peut etre read ou written" suivant les cas. J'ai pensé qu'il y avait un gros souci car il y a un tuto sur ce site expliquant comment faire et je voulais voir si j'avais des infections. Si pour toi il n'y a plus rien alors c'est cool et merci du coup de main.
Tient moi au courant si tu vois d'autres choses. Merci @+
Merci d'avoir repondu. Perso je trouve que le pc est toujours lent mais c'est peut etre parce qu'il y a beaucoup de choses dessus. Et ça ne se voit peut etre pas sur tout ce que je t'ai envoyé mais par moment j'ai un message du type "error l'adresse ne peut etre read ou written" suivant les cas. J'ai pensé qu'il y avait un gros souci car il y a un tuto sur ce site expliquant comment faire et je voulais voir si j'avais des infections. Si pour toi il n'y a plus rien alors c'est cool et merci du coup de main.
Tient moi au courant si tu vois d'autres choses. Merci @+
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
27 mars 2008 à 00:40
27 mars 2008 à 00:40
salut nicobarj,
Je reprends la suite, le sioux a a faire...
C´est ce tutoriel que tu avais vu ?
http://www.commentcamarche.net/faq/sujet 2444 l adresse memoire ne peut pas etre read ou written
@+
Je reprends la suite, le sioux a a faire...
C´est ce tutoriel que tu avais vu ?
http://www.commentcamarche.net/faq/sujet 2444 l adresse memoire ne peut pas etre read ou written
@+
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
27 mars 2008 à 17:39
27 mars 2008 à 17:39
hello g!rly
oui c'était bien celui ci. j'ai essayé de suivre tout ce qu'il y avait mais j'avais toujours le problème. j'ai donc decidé de faire un post avec hijack this pour voir si il y avait un probleme. et il y en avait on dirait.
que pense tu des derniers rapports que j'ai posté?
@+
oui c'était bien celui ci. j'ai essayé de suivre tout ce qu'il y avait mais j'avais toujours le problème. j'ai donc decidé de faire un post avec hijack this pour voir si il y avait un probleme. et il y en avait on dirait.
que pense tu des derniers rapports que j'ai posté?
@+
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
27 mars 2008 à 19:06
27 mars 2008 à 19:06
salut,
tu a testé ta ram ? tu a combien de memoire ?
les rapports me paraissent ok... mais on va affiner :
a l´aide de hijack this coche et fix les lignes suivantes :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
comment fixer :
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
puis
ne voudrais tu pas remplacer acrobat reader par foxit plus léger: car il est connu pour foutre le chantier...
https://www.clubic.com/telecharger-fiche13808-foxit-reader.html
dis moi quoi
@+
tu a testé ta ram ? tu a combien de memoire ?
les rapports me paraissent ok... mais on va affiner :
a l´aide de hijack this coche et fix les lignes suivantes :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
comment fixer :
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
puis
ne voudrais tu pas remplacer acrobat reader par foxit plus léger: car il est connu pour foutre le chantier...
https://www.clubic.com/telecharger-fiche13808-foxit-reader.html
dis moi quoi
@+
Le sioux
Messages postés
4894
Date d'inscription
dimanche 27 mai 2007
Statut
Contributeur sécurité
Dernière intervention
6 mars 2023
496
27 mars 2008 à 20:43
27 mars 2008 à 20:43
Bonsoir G!rly, Nicobarj
Merci G!rly pour la relève.
Bonne continuation a vous 2.
Merci G!rly pour la relève.
Bonne continuation a vous 2.
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
27 mars 2008 à 21:16
27 mars 2008 à 21:16
re
oui j'ai testé la ram avec memtest et il n'y a pas de problème. c'est 2 barettes G.Skill (memoire_DDR2 G.Skill Extreme Series PK 2*1024 PC6400 Dual Channel CAS4 F2-6400CL4D-2GBPK )
par contre pour acrobat
je n'ai pas que le reader j'ai aussi le adobe acrobat 8 pro et je m'en sert donc pour changer avec foxit je sais pas trop...
veux-tu un nouveau rapport hijack this ou ce n'est pas la peine?
merci de ton aide. ;-) @+
oui j'ai testé la ram avec memtest et il n'y a pas de problème. c'est 2 barettes G.Skill (memoire_DDR2 G.Skill Extreme Series PK 2*1024 PC6400 Dual Channel CAS4 F2-6400CL4D-2GBPK )
par contre pour acrobat
je n'ai pas que le reader j'ai aussi le adobe acrobat 8 pro et je m'en sert donc pour changer avec foxit je sais pas trop...
veux-tu un nouveau rapport hijack this ou ce n'est pas la peine?
merci de ton aide. ;-) @+
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
28 mars 2008 à 05:53
28 mars 2008 à 05:53
nicobarj,
Garde acrobat resder pro.
Passe ce scan en ligne et post le rapport ici stp :
Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.
@+
Garde acrobat resder pro.
Passe ce scan en ligne et post le rapport ici stp :
Fais un scan en ligne Kaspersky avec Internet Explorer :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
-> Click sur Démarrer Online-Scanner
-> Click maintenant sur J'accepte.
-> Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
-> Patiente pendant l'installation des Mises à jour.
-> Choisis par la suite l'analyse du Poste de travail.
-> Sauvegarde puis colle le rapport généré en fin d'analyse.
@+
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
28 mars 2008 à 16:44
28 mars 2008 à 16:44
voila le rapport:
KASPERSKY ON-LINE SCANNER REPORT
Friday, March 28, 2008 4:39:07 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 28/03/2008
Enregistrements dans la base antivirus Kaspersky : 600419
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
G:\
Statistiques de l'analyse
Total d'objets analysés 103952
Nombre de virus trouvés 1
Nombre d'objets infectés 2 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:37:13
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\dfsr.db L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsr.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsrtmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\dfsr.db L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsr.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsrtmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\emiliev5@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\emiliev5@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\nicobarj@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\nicobarj@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Historique\History.IE5\MSHist012008032820080329\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DF1B1D.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DF1CD5.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DF1D56.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFAAD3.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFAAF3.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFD38B.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFD773.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFEA0E.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFEAFA.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{8AFBEAEC-5DA9-49B9-A07C-9E5CC026522F}\RP23\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{1661A939-BBDB-4515-8487-96038B8C73B8}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_830.dat L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso/Dawn Of War/B666/keygen.exe;1 Infecté : Trojan-PSW.Win32.Steam.a ignoré
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso ISOimage: infecté - 1 ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
merci @+
KASPERSKY ON-LINE SCANNER REPORT
Friday, March 28, 2008 4:39:07 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 28/03/2008
Enregistrements dans la base antivirus Kaspersky : 600419
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
G:\
Statistiques de l'analyse
Total d'objets analysés 103952
Nombre de virus trouvés 1
Nombre d'objets infectés 2 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:37:13
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\dfsr.db L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsr.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsrtmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\emiliev5@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\dfsr.db L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsr.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\fsrtmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Messenger\nicobarj@hotmail.fr\SharingMetadata\Working\database_4000_F703_F6_FF2A\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\emiliev5@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\emiliev5@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\nicobarj@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Application Data\Microsoft\Windows Live Contacts\nicobarj@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Historique\History.IE5\MSHist012008032820080329\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DF1B1D.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DF1CD5.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DF1D56.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFAAD3.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFAAF3.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFD38B.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFD773.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFEA0E.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temp\~DFEAFA.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Mily&Nico\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{8AFBEAEC-5DA9-49B9-A07C-9E5CC026522F}\RP23\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{1661A939-BBDB-4515-8487-96038B8C73B8}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_830.dat L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso/Dawn Of War/B666/keygen.exe;1 Infecté : Trojan-PSW.Win32.Steam.a ignoré
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso ISOimage: infecté - 1 ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
merci @+
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
28 mars 2008 à 17:15
28 mars 2008 à 17:15
salut,
supprime :
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso/Dawn Of War/B666/keygen.exe
@+
supprime :
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso
D:\Incoming\Jeux\Warhammer.40k.Dawn.Of.War.&.Winter.Assault.DVD{autorun.patchs.cracks.SN}.FR.iso/Dawn Of War/B666/keygen.exe
@+
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
28 mars 2008 à 18:00
28 mars 2008 à 18:00
re
voila les 2 sont supprimés. veut tu que je refasse un hijack this ou ce n'est pas nécessaire?
encore une fois je te remercie de ton aide.
voila les 2 sont supprimés. veut tu que je refasse un hijack this ou ce n'est pas nécessaire?
encore une fois je te remercie de ton aide.
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
29 mars 2008 à 06:16
29 mars 2008 à 06:16
bonjour nico,
oui post un nouveau hijack this stp
tu as d´autres cracks sur ton pc ?
@+
oui post un nouveau hijack this stp
tu as d´autres cracks sur ton pc ?
@+
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
29 mars 2008 à 10:23
29 mars 2008 à 10:23
salut g!rly
voici le hijack this
j'ai bien d'autre crack car avant d'acheter quelque chose j'aime bien pouvoir essayé. donc je télécharge avec des crack et ensuite si ça me plait j'achète
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:05, on 29/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TopDesk\topdesk.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [TopDesk] C:\Program Files\TopDesk\topdesk.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BB0B831-19A3-44A2-A422-0D743194392A}: NameServer = 213.36.80.1,192.168.1.1
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
voici le hijack this
j'ai bien d'autre crack car avant d'acheter quelque chose j'aime bien pouvoir essayé. donc je télécharge avec des crack et ensuite si ça me plait j'achète
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:05, on 29/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TopDesk\topdesk.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.24\AsRunHelp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [TopDesk] C:\Program Files\TopDesk\topdesk.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BB0B831-19A3-44A2-A422-0D743194392A}: NameServer = 213.36.80.1,192.168.1.1
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
30 mars 2008 à 18:24
30 mars 2008 à 18:24
salut nico,
Les cracks comme tu voies peuvent etre et son le plus souvent infféctés, alors fais attention !
Peux tu performer un scan a l´aide d´antivir avec les reglages ci dessous ;
Une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
Post le reultat du scan stp
@+
Les cracks comme tu voies peuvent etre et son le plus souvent infféctés, alors fais attention !
Peux tu performer un scan a l´aide d´antivir avec les reglages ci dessous ;
Une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
Post le reultat du scan stp
@+
nicobarj
Messages postés
22
Date d'inscription
jeudi 20 mars 2008
Statut
Membre
Dernière intervention
8 avril 2008
30 mars 2008 à 23:54
30 mars 2008 à 23:54
salut g!rly
j'étais déjà au courant pour les crack mais merci de me le rappeler.
voila le rapport d'antivir avec les réglages que tu voulais.
AntiVir PersonalEdition Classic
Report file date: dimanche 30 mars 2008 21:53
Scanning for 1169688 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NICO
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:54:55
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 19:54:26
ANTIVIR3.VDF : 7.0.3.92 20480 Bytes 28/03/2008 19:55:00
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 28/03/2008 19:55:01
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 24/03/2008 19:54:55
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: dimanche 30 mars 2008 21:53
Starting search for hidden objects.
'53016' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'FNPLicensingService.exe' - '1' Module(s) have been scanned
Scan process 'DualCoreCenter.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '1' Module(s) have been scanned
Scan process 'hpqgalry.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nTuneService.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
49 processes with 49 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '50' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Mily&Nico\Bureau\ComboFix.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
--> 327882R2FWJFW\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[INFO] The file was moved to '485cf111.qua'!
C:\Program Files\eChanblard\config\last.zip
[0] Archive type: ZIP
--> EvID4226Patch.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.EvID4226.A
[INFO] The file was moved to '4862f9c8.qua'!
C:\System Volume Information\_restore{8AFBEAEC-5DA9-49B9-A07C-9E5CC026522F}\RP25\A0002059.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
--> 327882R2FWJFW\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[INFO] The file was moved to '481ffcaf.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <DD Interne>
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\logiciel\StyleXP3.02.exe
[DETECTION] File has been compressed with an unusual runtime compression tool (PCK/PESpin). Please verify the origin of the file
[INFO] The file was moved to '48690404.qua'!
D:\System Volume Information\_restore{8AFBEAEC-5DA9-49B9-A07C-9E5CC026522F}\RP25\A0002060.exe
[DETECTION] File has been compressed with an unusual runtime compression tool (PCK/PESpin). Please verify the origin of the file
[INFO] The file was moved to '48200719.qua'!
End of the scan: dimanche 30 mars 2008 23:32
Used time: 1:39:05 min
The scan has been done completely.
8237 Scanning directories
508643 Files were scanned
7 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
5 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
508636 Files not concerned
5315 Archives were scanned
3 Warnings
135 Notes
53016 Objects were scanned with rootkit scan
0 Hidden objects were found
j'étais déjà au courant pour les crack mais merci de me le rappeler.
voila le rapport d'antivir avec les réglages que tu voulais.
AntiVir PersonalEdition Classic
Report file date: dimanche 30 mars 2008 21:53
Scanning for 1169688 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NICO
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:54:55
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 19:54:26
ANTIVIR3.VDF : 7.0.3.92 20480 Bytes 28/03/2008 19:55:00
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 28/03/2008 19:55:01
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 24/03/2008 19:54:55
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: dimanche 30 mars 2008 21:53
Starting search for hidden objects.
'53016' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'FNPLicensingService.exe' - '1' Module(s) have been scanned
Scan process 'DualCoreCenter.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '1' Module(s) have been scanned
Scan process 'hpqgalry.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nTuneService.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
49 processes with 49 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '50' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Mily&Nico\Bureau\ComboFix.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
--> 327882R2FWJFW\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[INFO] The file was moved to '485cf111.qua'!
C:\Program Files\eChanblard\config\last.zip
[0] Archive type: ZIP
--> EvID4226Patch.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.EvID4226.A
[INFO] The file was moved to '4862f9c8.qua'!
C:\System Volume Information\_restore{8AFBEAEC-5DA9-49B9-A07C-9E5CC026522F}\RP25\A0002059.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
--> 327882R2FWJFW\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[INFO] The file was moved to '481ffcaf.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <DD Interne>
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\logiciel\StyleXP3.02.exe
[DETECTION] File has been compressed with an unusual runtime compression tool (PCK/PESpin). Please verify the origin of the file
[INFO] The file was moved to '48690404.qua'!
D:\System Volume Information\_restore{8AFBEAEC-5DA9-49B9-A07C-9E5CC026522F}\RP25\A0002060.exe
[DETECTION] File has been compressed with an unusual runtime compression tool (PCK/PESpin). Please verify the origin of the file
[INFO] The file was moved to '48200719.qua'!
End of the scan: dimanche 30 mars 2008 23:32
Used time: 1:39:05 min
The scan has been done completely.
8237 Scanning directories
508643 Files were scanned
7 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
5 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
508636 Files not concerned
5315 Archives were scanned
3 Warnings
135 Notes
53016 Objects were scanned with rootkit scan
0 Hidden objects were found
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
31 mars 2008 à 06:58
31 mars 2008 à 06:58
salut nico,
ou en sont tes soucis ?
@+
ou en sont tes soucis ?
@+