Sujet Précédent Sujet Suivant

Virus mon ordinateur rame

AlexR31 Messages postés 38 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Cela fait quand meme pas mal de temps que mon ordinateur é infecter de virus que je n'arive pas a supprimer. Aprés tous ce temps a chercher une reponse a mon probleme je m'en remet à vous!

Mon anti virus (avast) ne détecte rien1 ainsi que Ad-Aware SE Personal. A chaque connection a internet mon odrinateur se met a ramé je sui obliger a chaque fois de le redemarer mon PC pour continuer ce que j'etai en trazin de faire. et j'ai de temps en temps les deux meme fenetre plublicitaire qui reviennent.
A L'AIDE !!!!
En vous remerciant et en attente de votre reponce, je vous colle un rapport HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:41, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Outlook Express\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sapo.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AGRSMMSG] ; AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ; ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD06] ; c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [ISUSScheduler] ; "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [KBD] ; C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VTTimer] ; VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Bibshim] ; C:\DOCUME~1\HP_PRO~1\APPLIC~1\README~1\boobwait.exe
O4 - HKCU\..\Run: [updateMgr] ; C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {49783ED4-258D-4f9f-BE11-137C18D3E543} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Window Net Dns (MyDNS) - Unknown owner - C:\Program Files\Outlook Express\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
A voir également:

8 réponses

Réponse 1 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
analyse ce fichier sur virus total etdis si infécté: https://www.virustotal.com/gui/

C:\DOCUME~1\HP_PRO~1\APPLIC~1\README~1\boobwait.exe

______________

Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
0
AlexR31 Messages postés 38 Statut Membre
 
je vous remercie pour votre reponce aussi rapide voici le raport Navilog1:

Search Navipromo version 3.5.2 commencé le 08/04/2008 à 16:08:13,70

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "HP_Propriétaire"

Mise à jour le 29.03.2008 à 22h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\menudm~1\progra~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\SANDRA\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\TIFFAN~1\locals~1\applic~1" *



*** Recherche fichiers ***




*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :


* Dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" :


* Dans "C:\DOCUME~1\SANDRA\locals~1\applic~1" :


* Dans "C:\DOCUME~1\TIFFAN~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 08/04/2008 à 16:23:48,98 ***
0
Réponse 2 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
analyse ce fichier sur virus total etdis si infécté: https://www.virustotal.com/gui/

C:\DOCUME~1\HP_PRO~1\APPLIC~1\README~1\boobwait.exe

____________________

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

____________________

Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

Aide à l’utilisation de combofix ici: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

_____________________

scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
AlexR31 Messages postés 38 Statut Membre
 
re j'ai bien reussi a trouver ce chemin d'accé C:\DOCUME~1\HP_PRO~1\APPLIC~1\README~1\ mais dans le dossier ReadmeLessDeaf je ne trouve que le fichier 1A94B75 et pas boobwait.exe pourtant j'ai bien mit aficher les fichier et dossier cacher.

voici le rapport SDFix:


[b]SDFix: Version 1.167 [/b]
Run by HP_Propriétaire on 08/04/2008 at 17:02

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\HP_PRO~1\Bureau\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\Documents and Settings\HP_Propriétaire\services.exe - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-08 17:14:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:931dca08
"s2"=dword:7db863bb
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:7c,4d,05,b8,9e,20,df,0d,25,05,92,12,a4,02,c0,6b,25,10,50,de,c6,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:24,67,ed,d5,48,61,8d,57,92,a2,d0,91,3c,e5,5c,02,dc,ea,64,b5,7b,..
"a0"=hex:20,01,00,00,80,fc,6a,e0,d1,10,6b,74,b8,cb,5d,ba,14,b6,e0,9d,d6,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:e4,8b,1f,e6,0f,df,ff,4c,8c,2f,80,69,fb,cf,5b,60,9b,8c,5b,bd,bc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:7c,4d,05,b8,9e,20,df,0d,25,05,92,12,a4,02,c0,6b,25,10,50,de,c6,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:24,67,ed,d5,48,61,8d,57,92,a2,d0,91,3c,e5,5c,02,dc,ea,64,b5,7b,..
"a0"=hex:20,01,00,00,80,fc,6a,e0,d1,10,6b,74,b8,cb,5d,ba,14,b6,e0,9d,d6,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:e4,8b,1f,e6,0f,df,ff,4c,8c,2f,80,69,fb,cf,5b,60,9b,8c,5b,bd,bc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:7c,4d,05,b8,9e,20,df,0d,25,05,92,12,a4,02,c0,6b,25,10,50,de,c6,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:24,67,ed,d5,48,61,8d,57,92,a2,d0,91,3c,e5,5c,02,dc,ea,64,b5,7b,..
"a0"=hex:20,01,00,00,80,fc,6a,e0,d1,10,6b,74,b8,cb,5d,ba,14,b6,e0,9d,d6,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0a,46,81,f5,2e,c8,bf,15,c5,e1,0d,0d,0f,d1,5e,0c,5f,4c,f7,15,2a,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120%"

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 21


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"="C:\\Program Files\\PPMate\\PPMate\\ppmate.exe:*:Enabled:PPMate"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\steam\\SteamApps\\alexr31\\condition zero\\hl.exe"="C:\\steam\\SteamApps\\alexr31\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\Program Files\\TribalWeb\\tribalweb.exe"="C:\\Program Files\\TribalWeb\\tribalweb.exe:*:Enabled:tribalweb"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Zattoo\\zattood.exe"="C:\\Program Files\\Zattoo\\zattood.exe:*:Enabled:zattood"
"C:\\Program Files\\Zattoo\\Zattoo2.exe"="C:\\Program Files\\Zattoo\\Zattoo2.exe:*:Enabled: "
"C:\\Documents and Settings\\HP_Propriétaire\\Application Data\\SopCast\\adv\\SopAdver.exe"="C:\\Documents and Settings\\HP_Propriétaire\\Application Data\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"="C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"
"C:\\Program Files\\adslTV\\adsltv.exe"="C:\\Program Files\\adslTV\\adsltv.exe:*:Enabled:adsltv"
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\steam\\Steam.exe"="C:\\steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Documents and Settings\\HP_Propriétaire\\Bureau\\Rainbowsix.Vegas\\Rainbowsix Vegas by Titof042\\Binaries\\R6Vegas_Game.exe"="C:\\Documents and Settings\\HP_Propriétaire\\Bureau\\Rainbowsix.Vegas\\Rainbowsix Vegas by Titof042\\Binaries\\R6Vegas_Game.exe:*:Enabled:R6Vegas_Game"
"C:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe"="C:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe:*:Enabled:sof3"
"C:\\Documents and Settings\\HP_Propriétaire\\Bureau\\Ghost Recon Advanced Warfighter 2\\graw2.exe"="C:\\Documents and Settings\\HP_Propriétaire\\Bureau\\Ghost Recon Advanced Warfighter 2\\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2"
"K:\\Ghost Recon\\GhostRecon.exe"="K:\\Ghost Recon\\GhostRecon.exe:*:Enabled:GhostRecon"
"C:\\Documents and Settings\\HP_Propriétaire\\Bureau\\Ghost Recon\\graw2.exe"="C:\\Documents and Settings\\HP_Propriétaire\\Bureau\\Ghost Recon\\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:wmplayer.exe"
"C:\\Program Files\\TVAnts\\Tvants.exe"="C:\\Program Files\\TVAnts\\Tvants.exe:*:Enabled:TVAnts"
"K:\\jeu PC\\Ghost Recon\\GhostRecon.exe"="K:\\jeu PC\\Ghost Recon\\GhostRecon.exe:*:Enabled:GhostRecon"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\\Program Files\\Zattoo\\Zattoo.exe"="C:\\Program Files\\Zattoo\\Zattoo.exe:*:Enabled: "
"K:\\jeu PC\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="K:\\jeu PC\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"K:\\jeu PC\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="K:\\jeu PC\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"K:\\jeu PC\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\setup-bp.exe"="K:\\jeu PC\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\setup-bp.exe:*:Enabled:setup-bp.exe"
"K:\\jeu PC\\Pro Evolution Soccer 2008\\PES2008.exe"="K:\\jeu PC\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\\Program Files\\Xfire\\ua_lsp_inst.exe"="C:\\Program Files\\Xfire\\ua_lsp_inst.exe:*:Enabled:ua_lsp_inst"
"K:\\jeu PC\\JEU ORLOF\\BF2.exe"="K:\\jeu PC\\JEU ORLOF\\BF2.exe:*:Enabled:Battlefield 2"
"K:\\jeu PC\\EA GAMES\\Medal of Honor Batailles du Pacifique(tm)\\mohpa_server.exe"="K:\\jeu PC\\EA GAMES\\Medal of Honor Batailles du Pacifique(tm)\\mohpa_server.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"K:\\jeu PC\\EA GAMES\\Medal of Honor Batailles du Pacifique(tm)\\mohpa.exe"="K:\\jeu PC\\EA GAMES\\Medal of Honor Batailles du Pacifique(tm)\\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe"="C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"
"M:\\jeux\\Warcraft III\\Warcraft III.exe"="M:\\jeux\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[b]Remaining Files [/b]:


File Backups: - C:\DOCUME~1\HP_PRO~1\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Wed 23 Feb 2005 218 A.SHR --- "C:\BOOT.BAK"
Wed 31 Aug 2005 8 ...H. --- "C:\WINDOWS\map.sys"
Mon 10 Mar 2008 493,056 ..SH. --- "C:\Program Files\Outlook Express\svchost.exe"
Sat 22 Oct 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 4 Nov 2006 305 A..H. --- "C:\Program Files\InterActual\InterActual Player\itiEC.tmp"
Fri 13 Aug 2004 1,953,792 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\launcher.exe"
Fri 13 Aug 2004 53,760 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\mnyinsta.dll"
Fri 13 Aug 2004 94,208 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\RmvSuite.exe"
Mon 16 Aug 2004 35,328 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\setuplng.dll"
Fri 13 Aug 2004 20,480 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\unregwtr.exe"
Mon 10 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Thu 3 May 2007 1,424,896 ...H. --- "C:\Documents and Settings\HP_Propri‚taire\Mes documents\raport de mon 1er stage\~WRL2049.tmp"
Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BIT1.tmp"
Fri 29 Feb 2008 1,332 ...HR --- "C:\Documents and Settings\HP_Propri‚taire\Application Data\SecuROM\UserData\securom_v7_01.bak"

[b]Finished![/b]
0
AlexR31 Messages postés 38 Statut Membre > AlexR31 Messages postés 38 Statut Membre
 
re bonjour voici le rapport combofix:

ComboFix 08-04-07.5 - HP_Propriétaire 2008-04-08 17:38:39.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.591 [GMT 2:00]
Endroit: C:\Documents and Settings\HP_Propriétaire\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\mcrh.tmp

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYDNS
-------\Service_MyDNS


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-08 to 2008-04-08 ))))))))))))))))))))))))))))))))))))
.

2008-04-08 17:37 . 2008-04-08 17:37 <REP> d-------- C:\ComboFix[1]
2008-04-06 22:23 . 2008-04-06 22:23 1,158 --a------ C:\WINDOWS\mozver.dat
2008-04-03 17:22 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-03 17:22 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-04-02 11:15 . 2008-04-02 11:20 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-03-30 21:37 . 2008-03-30 21:37 <REP> d-------- C:\Program Files\Musitek
2008-03-30 21:37 . 2008-03-30 21:37 56 --a------ C:\WINDOWS\SSB.ini
2008-03-30 21:36 . 2008-03-30 21:36 <REP> d-------- C:\Program Files\T‚l‚chargeur de Piano facile
2008-03-30 17:56 . 2008-03-30 18:02 <REP> d-------- C:\Program Files\T‚l‚chargeur de J'apprends le piano
2008-03-30 17:56 . 2008-03-30 17:56 <REP> d-------- C:\Program Files\Fichiers communs\BOONTY Shared
2008-03-30 17:56 . 2008-03-30 17:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BOONTY
2008-03-30 17:47 . 2008-03-30 17:53 <REP> d-------- C:\Program Files\Solfege
2008-03-27 21:14 . 2008-03-27 21:20 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-03-25 23:27 . 2008-03-25 23:27 <REP> d-------- C:\Program Files\HexEdit
2008-03-25 23:27 . 2008-03-25 23:27 <REP> d-------- C:\Program Files\Fichiers communs\BCGSoft
2008-03-25 21:45 . 2008-03-25 21:45 <REP> d---s---- C:\Program Files\Xfire
2008-03-22 12:51 . 2008-03-22 12:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-03-20 22:22 . 2008-03-20 22:23 175 --a------ C:\WINDOWS\w32dasm8.ini
2008-03-17 21:14 . 2008-03-17 21:16 <REP> d-------- C:\WINDOWS\system32\drivers\setup
2008-03-12 16:41 . 2008-03-12 16:41 <REP> d-------- C:\Program Files\Windows Live
2008-03-09 22:02 . 2008-03-09 22:02 <REP> d-------- C:\Program Files\TVAnts
2008-03-09 18:08 . 2008-03-09 18:23 <REP> d-------- C:\WINDOWS\nview
2008-03-09 18:08 . 2006-10-22 13:22 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-03-09 18:08 . 2008-04-08 17:45 88,566 --a------ C:\WINDOWS\system32\nvapps.xml
2008-03-09 18:08 . 2006-10-22 13:22 17,056 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-03-09 18:07 . 2006-10-22 16:06 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-03-09 18:02 . 2008-03-30 12:31 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-09 18:02 . 2008-03-09 18:02 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-08 20:10 . 2008-03-08 20:10 <REP> d-------- C:\Program Files\Eidos Interactive
2008-03-08 18:36 . 2008-03-24 18:54 <REP> d-------- C:\Program Files\RivaTuner v2.07

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-08 14:23 --------- d-----w C:\Program Files\Navilog1
2008-04-06 22:45 --------- d-----w C:\Program Files\VirtualDJ
2008-04-06 21:08 --------- d-----w C:\Program Files\Winamp
2008-04-04 19:20 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-04-04 15:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-30 19:36 --------- d-----w C:\Program Files\Téléchargeur de Piano facile
2008-03-30 16:02 --------- d-----w C:\Program Files\Téléchargeur de J'apprends le piano
2008-03-29 17:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-29 17:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-29 17:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-27 01:12 --------- d-----w C:\Program Files\eMule
2008-03-26 13:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-25 18:33 --------- d-----w C:\Program Files\Ubisoft
2008-03-23 22:06 --------- d-----w C:\Program Files\Java
2008-03-16 17:20 --------- d-----w C:\Program Files\Zattoo
2008-03-12 14:41 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-08 21:44 --------- d-----w C:\Program Files\Azureus
2008-03-08 17:06 --------- d-----w C:\Program Files\ubi.com
2008-03-06 23:10 --------- d-----w C:\Program Files\Fichiers communs\PocketSoft
2008-03-06 19:42 --------- d-----w C:\Program Files\AIDA32 - Personal System Information
2008-03-06 16:19 --------- d-----w C:\Program Files\AGEIA Technologies
2008-03-06 16:18 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-06 06:40 --------- d-----w C:\Program Files\Activision Value
2008-03-04 23:27 --------- d-----w C:\Program Files\Player Metaboli
2008-03-04 23:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Exetender
2008-03-04 22:00 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-04 20:36 --------- d-----w C:\Program Files\ma-config.com
2008-03-01 18:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-02-29 10:46 --------- d-----w C:\Program Files\KONAMI
2008-02-28 23:11 --------- d-----w C:\Program Files\Shareaza
2008-02-19 19:55 --------- d-----w C:\Program Files\SopCast
2008-02-19 19:55 --------- d-----w C:\Program Files\adslTV
2008-02-09 21:46 --------- d-----w C:\Program Files\PhotoScape
2008-01-22 06:57 81,400 ----a-w C:\Documents and Settings\SANDRA\Application Data\GDIPFONTCACHEV1.DAT
2007-11-24 22:20 36,864 ----a-w C:\Documents and Settings\SANDRA\services.exe
2006-05-31 17:29 19,968 ----a-w C:\Program Files\msn blok.doc
2006-03-31 11:40 484,560 ----a-w C:\Program Files\DXSETUP.exe
2006-03-31 11:40 2,248,912 ----a-w C:\Program Files\dsetup32.dll
2006-03-31 11:39 74,448 ----a-w C:\Program Files\DSETUP.dll
2006-01-04 18:29 1,884,336 ----a-w C:\Program Files\ptvector.exe
2006-01-04 11:27 1,210,249 ----a-w C:\Program Files\recolored_recolored_0.6.0_beta_francais_18429.exe
2005-12-19 14:17 35,246,592 ----a-w C:\Program Files\directx_9c_oct05sdk_redist.exe
2004-07-30 12:16 2,805 ----a-w C:\Program Files\history.txt
2004-07-29 18:03 173,056 ----a-w C:\Program Files\chaoscope.EN
2004-07-29 17:57 1,377,280 ----a-w C:\Program Files\chaoscope.exe
2004-04-08 01:43 592,896 ----a-w C:\Program Files\converter.exe
2007-06-24 13:16 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012007062420070625\index.dat
.

((((((((((((((((((((((((((((( snapshot@2007-12-26_21.50.45.64 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB901190\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB901190\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB901190\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB901190\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB901190\update\updspapi.dll
- 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
- 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:26 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
- 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2005-10-12 23:12:34 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
- 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-06-30 18:47:16 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
- 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-06-30 20:24:42 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-12-04 18:30:15 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-11-07 09:50:06 733,696 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-07 01:42:15 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:20:28 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 01:42:15 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 01:42:15 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 01:42:15 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 01:42:15 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 01:42:16 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 01:42:16 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 01:42:16 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 01:42:19 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 01:42:19 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 01:42:19 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 01:42:20 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 01:42:20 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 01:42:20 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 01:42:21 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 01:42:21 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 01:42:21 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 01:42:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 01:42:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:54:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 01:42:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 01:42:22 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 01:42:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 01:42:22 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\updspapi.dll
+ 2006-04-20 11:51:50 359,808 -c----w C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
+ 2007-05-17 11:29:50 549,376 -c----w C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\updspapi.dll
+ 2006-08-17 12:29:49 728,576 -c----w C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\updspapi.dll
+ 2004-08-05 10:00:00 181,248 -c----w C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\updspapi.dll
- 2007-10-08 22:05:35 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-03-25 21:01:53 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2007-10-08 22:05:36 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-03-25 21:01:54 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2007-10-08 22:05:36 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-03-25 21:01:54 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2007-06-20 18:48:05 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:22 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:07 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:24 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:08 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:25 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:08 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-25 21:01:55 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:09 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:26 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:10 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:27 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-08 22:05:36 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:28 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:12 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:28 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:12 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:29 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-06-20 18:48:15 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-17 18:32:32 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-08 22:05:37 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-03-25 21:01:56 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2007-10-08 22:05:37 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-03-25 21:01:56 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2007-10-08 22:05:38 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-03-25 21:01:56 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2007-10-08 22:05:38 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-03-25 21:01:57 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2007-10-08 22:05:34 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-03-25 21:01:52 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2008-04-05 19:08:24 77,824 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-06-20 14:44:04 379,704 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MsnPUpld.dll
+ 2006-06-20 14:44:02 117,560 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\PURen-us.dll
+ 2007-01-09 07:30:14 110,592 ----a-w C:\WINDOWS\Downloaded Program Files\CONFLICT.1\PURfr-fr.dll
+ 2007-09-28 03:41:28 381,960 ----a-w C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll
+ 2007-09-21 13:53:44 385,536 ----a-w C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll
+ 2007-02-22 22:41:12 304,544 ----a-w C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
+ 2007-02-28 13:21:04 131,472 ----a-w C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\26-12-2007\ERDNT.EXE
+ 2007-12-26 21:39:25 23,785,472 ----a-w C:\WINDOWS\erdnt\26-12-2007\Users\[u]0/u0000001\NTUSER.DAT
+ 2007-12-26 21:39:25 28,672 ----a-w C:\WINDOWS\erdnt\26-12-2007\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u1-04-2008\ERDNT.EXE
+ 2008-04-01 16:23:32 27,914,240 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u1-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-01 16:23:32 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u1-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u2-04-2008\ERDNT.EXE
+ 2008-04-02 09:12:42 27,914,240 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u2-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-02 09:12:42 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u2-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u3-04-2008\ERDNT.EXE
+ 2008-04-03 15:21:00 27,963,392 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u3-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-03 15:21:01 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u3-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u4-04-2008\ERDNT.EXE
+ 2008-04-04 15:39:26 28,065,792 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u4-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-04 15:39:26 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u4-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u5-04-2008\ERDNT.EXE
+ 2008-04-05 08:35:10 28,065,792 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u5-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-05 08:35:10 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u5-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u6-04-2008\ERDNT.EXE
+ 2008-04-06 08:53:16 28,065,792 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u6-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-06 08:53:16 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u6-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u7-04-2008\ERDNT.EXE
+ 2008-04-07 16:16:56 28,086,272 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u7-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-07 16:16:56 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u7-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u8-04-2008\ERDNT.EXE
+ 2008-04-08 12:39:44 28,209,152 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u8-04-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-08 12:39:44 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u8-04-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u9-03-2008\ERDNT.EXE
+ 2008-03-09 11:18:28 26,886,144 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u9-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-09 11:18:28 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\[u]0/u9-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\10-03-2008\ERDNT.EXE
+ 2008-03-10 10:55:48 26,914,816 ----a-w C:\WINDOWS\erdnt\AutoBackup\10-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-10 10:55:48 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\10-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\11-03-2008\ERDNT.EXE
+ 2008-03-11 17:00:25 27,049,984 ----a-w C:\WINDOWS\erdnt\AutoBackup\11-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-11 17:00:25 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\11-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\12-03-2008\ERDNT.EXE
+ 2008-03-12 11:37:21 27,119,616 ----a-w C:\WINDOWS\erdnt\AutoBackup\12-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-12 11:37:22 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\12-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\13-03-2008\ERDNT.EXE
+ 2008-03-13 14:27:49 27,258,880 ----a-w C:\WINDOWS\erdnt\AutoBackup\13-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-13 14:27:49 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\13-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\15-03-2008\ERDNT.EXE
+ 2008-03-15 09:33:03 27,336,704 ----a-w C:\WINDOWS\erdnt\AutoBackup\15-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-15 09:33:04 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\15-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\16-03-2008\ERDNT.EXE
+ 2008-03-16 15:19:47 27,549,696 ----a-w C:\WINDOWS\erdnt\AutoBackup\16-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-16 15:19:47 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\16-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\17-03-2008\ERDNT.EXE
+ 2008-03-17 07:26:40 27,561,984 ----a-w C:\WINDOWS\erdnt\AutoBackup\17-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-17 07:26:40 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\17-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\18-03-2008\ERDNT.EXE
+ 2008-03-18 17:29:27 27,619,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\18-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-18 17:29:27 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\18-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\19-03-2008\ERDNT.EXE
+ 2008-03-19 11:58:09 27,619,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\19-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-19 11:58:09 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\19-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\20-03-2008\ERDNT.EXE
+ 2008-03-20 15:37:06 27,643,904 ----a-w C:\WINDOWS\erdnt\AutoBackup\20-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-20 15:37:07 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\20-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\21-03-2008\ERDNT.EXE
+ 2008-03-21 16:44:11 27,717,632 ----a-w C:\WINDOWS\erdnt\AutoBackup\21-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-21 16:44:11 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\21-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\22-03-2008\ERDNT.EXE
+ 2008-03-21 23:33:21 27,746,304 ----a-w C:\WINDOWS\erdnt\AutoBackup\22-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-21 23:33:21 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\22-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\23-03-2008\ERDNT.EXE
+ 2008-03-23 12:45:07 27,811,840 ----a-w C:\WINDOWS\erdnt\AutoBackup\23-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-23 12:45:07 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\23-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\24-03-2008\ERDNT.EXE
+ 2008-03-24 14:10:37 27,811,840 ----a-w C:\WINDOWS\erdnt\AutoBackup\24-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-24 14:10:37 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\24-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\25-03-2008\ERDNT.EXE
+ 2008-03-25 16:57:45 27,828,224 ----a-w C:\WINDOWS\erdnt\AutoBackup\25-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-25 16:57:46 167,936 ----a-w C:\WINDOWS\erdnt\AutoBackup\25-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\26-03-2008\ERDNT.EXE
+ 2008-03-26 12:33:23 27,844,608 ----a-w C:\WINDOWS\erdnt\AutoBackup\26-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-26 12:33:23 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\26-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\27-03-2008\ERDNT.EXE
+ 2008-03-27 16:44:38 27,881,472 ----a-w C:\WINDOWS\erdnt\AutoBackup\27-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-27 16:44:39 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\27-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\28-03-2008\ERDNT.EXE
+ 2008-03-28 18:32:36 27,881,472 ----a-w C:\WINDOWS\erdnt\AutoBackup\28-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-28 18:32:36 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\28-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\29-03-2008\ERDNT.EXE
+ 2008-03-29 01:36:04 27,881,472 ----a-w C:\WINDOWS\erdnt\AutoBackup\29-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-29 01:36:04 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\29-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\30-03-2008\ERDNT.EXE
+ 2008-03-30 09:29:02 27,901,952 ----a-w C:\WINDOWS\erdnt\AutoBackup\30-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-30 09:29:03 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\30-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 11:02:28 163,328 ----a-w C:\WINDOWS\erdnt\AutoBackup\31-03-2008\ERDNT.EXE
+ 2008-03-31 16:07:07 27,906,048 ----a-w C:\WINDOWS\erdnt\AutoBackup\31-03-2008\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-03-31 16:07:07 172,032 ----a-w C:\WINDOWS\erdnt\AutoBackup\31-03-2008\Users\[u]0/u0000002\UsrClass.dat
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2007-03-13 09:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2008-04-07 10:18:20 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-08 14:59:14 28,225,536 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000001\NTUSER.DAT
+ 2008-04-08 14:59:14 172,032 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0/u0000002\UsrClass.dat
+ 2007-12-23 23:54:58 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2007-12-28 00:34:48 23,969,792 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000001\NTUSER.DAT
+ 2007-12-28 00:34:48 28,672 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0/u0000002\UsrClass.dat
+ 2007-05-27 11:33:16 53,314 ------w C:\WINDOWS\ExentInfo.exe
+ 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
- 2006-11-17 18:30:08 32,368 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2006-10-27 18:20:20 32,368 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
- 2006-11-17 18:28:20 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-10-27 18:18:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
- 2006-09-06 15:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
- 2006-09-06 15:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2006-09-06 16:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
- 2007-08-20 09:59:29 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2006-10-27 01:44:06 123,904 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
- 2007-08-20 09:59:29 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2006-10-17 11:57:50 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
- 2007-08-20 09:59:29 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2006-10-27 14:09:58 131,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
- 2007-08-20 09:59:29 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2006-10-17 11:58:20 61,952 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
- 2007-08-17 10:22:11 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2006-10-27 01:44:04 54,784 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
- 2007-08-20 09:59:29 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2006-10-27 01:44:36 152,064 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
- 2007-08-20 09:59:29 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2006-10-27 01:44:42 229,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
- 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2006-10-27 01:42:54 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2006-09-05 23:01:26 2,451,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dat
- 2007-08-20 09:59:29 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2006-10-17 11:27:56 380,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
- 2007-08-20 09:59:29 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2006-10-27 01:44:46 382,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
- 2007-08-20 09:59:29 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2006-10-27 14:09:58 6,049,280 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
- 2007-08-20 09:59:29 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2006-10-27 01:44:08 43,008 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
- 2007-08-20 09:59:30 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2006-10-17 11:57:20 266,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
- 2007-08-17 10:22:11 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2006-10-27 01:44:12 13,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
- 2007-08-17 10:22:32 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2006-10-17 12:04:40 622,080 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
- 2007-08-20 09:59:30 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2006-10-27 14:09:58 27,136 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
- 2007-08-20 09:59:30 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2006-10-27 14:09:58 458,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
- 2007-08-20 09:59:30 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2006-10-27 14:09:58 50,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
- 2007-08-20 09:59:30 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2006-10-27 14:09:58 3,577,856 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
- 2007-08-20 09:59:30 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2006-10-27 14:09:58 475,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
- 2007-08-20 09:59:30 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2006-10-17 12:05:10 192,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
- 2007-08-20 09:59:30 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2006-10-27 14:09:58 670,720 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
- 2007-08-20 09:59:31 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2006-10-17 12:04:46 101,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:34:31 22,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spcustom.dll
+ 2007-03-06 01:34:33 15,072 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst.exe
- 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-06-30 20:24:42 394,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-03-06 01:34:56 727,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\update.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\updspapi.dll
- 2007-08-20 09:59:31 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2006-10-17 12:05:22 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
- 2007-08-20 09:59:31 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2006-10-27 14:09:58 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
- 2007-08-20 09:59:31 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2006-10-27 14:09:58 231,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
- 2007-08-20 09:59:31 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2006-10-27 14:09:58 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2007-10-10 23:49:42 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2006-10-17 10:58:06 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-10-10 23:49:42 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-10-10 23:49:42 132,608 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-10-10 23:49:42 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-10-10 11:00:41 70,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-10-10 23:49:42 153,088 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-10-10 23:49:42 230,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-10-10 23:49:42 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-10-10 23:49:42 384,512 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-10-10 23:49:43 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-10-10 23:49:43 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-10-10 23:49:43 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-10-10 11:00:59 625,152 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-10-10 23:49:44 27,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-10-10 23:49:44 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-10-10 23:49:44 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-10-30 23:23:48 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-10 23:49:44 478,208 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-10-10 23:49:44 193,024 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-10-10 23:49:45 671,232 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-10-10 23:49:45 102,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2006-10-17 10:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:49:45 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-10-10 23:49:45 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-10-10 23:49:45 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-10-10 23:49:45 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2004-08-03 20:31:50 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSA.DLL
+ 2004-08-03 20:31:50 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSD.DLL
+ 2004-08-03 20:32:36 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
+ 2004-08-03 20:32:36 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
+ 2004-08-03 20:31:40 57,399 ----a-w C:\WINDOWS\ime\imjp8_1\cplexe.exe
+ 2004-08-03 20:31:52 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
+ 2004-08-03 20:31:52 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
+ 2004-08-03 20:31:54 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
+ 2004-08-03 20:31:54 307,257 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.exe
+ 2004-08-03 20:31:56 155,705 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdsvr.exe
+ 2004-08-03 20:31:58 196,665 ----a-w C:\WINDOWS\ime\imjp8_1\imjpinst.exe
+ 2004-08-03 20:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe
+ 2004-08-03 20:32:12 233,527 ----a-w C:\WINDOWS\ime\imjp8_1\imjprw.exe
+ 2004-08-03 20:32:16 262,200 ----a-w C:\WINDOWS\ime\imjp8_1\imjputy.exe
+ 2004-08-03 20:32:16 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
+ 2004-08-03 21:04:34 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
+ 2004-08-03 21:04:38 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
+ 2004-08-03 20:32:28 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
+ 2004-08-03 20:31:50 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
+ 2008-03-06 06:51:47 6,144 ----a-r C:\WINDOWS\Installer\{11BFB898-71E5-488A-A8FF-0E462667FB72}\Icon11BFB898.exe
+ 2008-02-29 11:01:29 31,720 ----a-r C:\WINDOWS\Installer\{2FDFD600-7338-4738-90D5-FC4ACA08DC36}\ARPPRODUCTICON.exe
+ 2008-03-04 20:36:22 140,262 ----a-r C:\WINDOWS\Installer\{6F06A42D-525C-49ED-8622-E16790956CD8}\_6FEFF9B68218417F98F549.exe
+ 2008-03-27 19:13:43 7,358 ----a-r C:\WINDOWS\Installer\{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}\ARPPRODUCTICON.exe
+ 2008-03-27 19:13:43 49,152 ----a-r C:\WINDOWS\Installer\{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}\NewShortcut19_8A62C8DA2DB74D94B5BA1D38FC36E830.exe
+ 2008-03-27 19:13:43 49,152 ----a-r C:\WINDOWS\Installer\{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}\NewShortcut3_8A62C8DA2DB74D94B5BA1D38FC36E830_1.exe
+ 2008-03-27 19:13:43 8,854 ----a-r C:\WINDOWS\Installer\{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}\Uninstall_Manhunt__8A62C8DA2DB74D94B5BA1D38FC36E830.exe
+ 2008-01-05 15:38:12 135,168 ----a-r C:\WINDOWS\Installer\{9084040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-01-05 15:38:12 40,960 ----a-r C:\WINDOWS\Installer\{9084040C-6000-11D3-8CFE-0150048383C9}\xlvicon.exe
+ 2008-03-26 13:40:17 14,366 ----a-r C:\WINDOWS\Installer\{D0A05794-48C2-4424-A15A-9F20FCFDD374}\ARPPRODUCTICON.exe
- 2004-09-29 10:38:58 2,676,224 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2004-09-29 11:38:58 2,676,224 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
- 2004-12-01 13:53:06 2,846,720 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2004-12-01 14:53:06 2,846,720 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
- 2005-02-05 17:32:54 563,712 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-02-05 18:32:54 563,712 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
- 2005-05-26 13:15:56 576,000 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-05-26 14:15:56 576,000 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
- 2005-12-05 15:20:50 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-12-05 16:20:50 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
- 2006-02-03 05:40:48 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-02-03 06:40:48 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
- 2006-03-31 09:27:50 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-03-31 10:27:50 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2001-04-12 17:00:00 182,272 ----a-w C:\WINDOWS\patchw32.dll
+ 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2004-08-19 14:10:10 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\msh261.drv
+ 2004-08-19 14:10:10 294,912 ------w C:\WINDOWS\ServicePackFiles\i386\msh263.drv
+ 2004-08-19 14:10:10 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.drv
+ 2004-08-19 14:10:10 146,944 ------w C:\WINDOWS\ServicePackFiles\i386\winspool.drv
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 06:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 06:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2004-08-05 03:00:00 73,680 ----a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2004-08-05 03:00:00 25,280 ----a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2004-08-05 03:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2004-08-05 03:00:00 3,360 ----a-w C:\WINDOWS\system\SYSTEM.DRV
+ 2004-08-05 03:00:00 4,096 ----a-w C:\WINDOWS\system\TIMER.DRV
+ 2004-08-05 03:00:00 13,600 ----a-w C:\WINDOWS\system\WFWNET.DRV
+ 2004-08-19 14:10:10 146,944 ----a-w C:\WINDOWS\system\winspool.drv
- 2006-11-07 02:26:44 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2006-10-27 01:44:26 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2008-03-19 17:23:20 114,688 ----a-w C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
+ 2008-03-19 17:36:22 202,168 ----a-w C:\WINDOWS\system32\Adobe\Director\SwDir.dll
+ 2008-03-19 17:24:02 487,424 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll
+ 2008-03-19 16:46:26 1,798,144 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll
+ 2008-03-19 17:24:04 9,216 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2008-03-19 16:36:14 754,688 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gi.dll
+ 2008-03-19 16:36:16 1,145,896 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gt.exe
+ 2008-03-19 16:36:14 52,288 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gtapi.dll
+ 2008-03-19 16:42:42 892,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll
+ 2008-03-19 17:22:34 249,856 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll
+ 2008-03-19 17:25:36 442,368 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll
+ 2008-03-19 17:36:06 439,736 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1100429.exe
+ 2008-03-19 17:26:20 110,592 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
+ 2008-03-19 17:22:22 94,208 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2008-03-19 16:36:14 50,808 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 1999-06-25 08:55:30 149,504 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE
- 2007-10-10 23:49:42 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-12-07 02:08:32 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-04-14 14:57:04 53,248 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll
+ 2007-04-14 14:57:04 53,248 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll
+ 2007-04-14 14:57:04 53,248 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll
+ 2007-04-14 14:57:04 53,248 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll
+ 2007-04-14 14:57:04 53,248 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll
+ 2007-04-14 14:57:04 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
+ 2007-04-14 14:57:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll
+ 2007-04-14 14:57:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll
+ 2007-04-14 14:57:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
+ 2007-05-15 17:12:24 196,973 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\app.bin
+ 2007-05-15 17:12:24 122,249 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\diag.bin
+ 2007-05-15 17:12:24 203,717 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\app.bin
+ 2007-05-15 17:12:24 105,981 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\diag.bin
- 2007-12-04 13:04:28 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-03-29 17:45:49 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
- 2007-12-04 12:54:04 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2008-03-29 17:23:22 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 1998-07-12 22:00:00 32,768 ----a-w C:\WINDOWS\system32\CMDLGFR.DLL
- 2007-12-23 18:42:17 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
+ 2008-01-30 18:54:28 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
+ 2004-08-05 03:00:00 10,544 ----a-w C:\WINDOWS\system32\comm.drv
- 2004-08-19 14:09:22 35,328 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2004-08-05 10:00:00 35,328 ------w C:\WINDOWS\system32\corpol.dll
- 2007-03-12 14:42:30 1,123,696 ----a-w C:\WINDOWS\system32\D3DCompiler_33.dll
+ 2007-03-12 15:42:30 1,123,696 ----a-w C:\WINDOWS\system32\D3DCompiler_33.dll
- 2007-05-16 14:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
+ 2007-05-16 15:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
- 2007-03-15 14:57:58 443,752 ----a-w C:\WINDOWS\system32\d3dx10_33.dll
+ 2007-03-15 15:57:58 443,752 ----a-w C:\WINDOWS\system32\d3dx10_33.dll
- 2007-05-16 14:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
+ 2007-05-16 15:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
- 2005-02-05 17:45:26 2,222,800 ----a-w C:\WINDOWS\system32\d3dx9_24.dll
+ 2005-02-05 18:45:26 2,222,800 ----a-w C:\WINDOWS\system32\d3dx9_24.dll
- 2005-12-05 16:09:18 2,323,664 ----a-w C:\WINDOWS\system32\d3dx9_28.dll
+ 2005-12-05 17:09:18 2,323,664 ----a-w C:\WINDOWS\system32\d3dx9_28.dll
- 2006-02-03 06:43:16 2,332,368 ----a-w C:\WINDOWS\system32\d3dx9_29.dll
+ 2006-02-03 07:43:16 2,332,368 ----a-w C:\WINDOWS\system32\d3dx9_29.dll
- 2006-03-31 10:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
+ 2006-03-31 11:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
- 2006-09-28 14:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
+ 2006-09-28 15:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
- 2006-11-29 11:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
+ 2006-11-29 12:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
- 2007-03-12 14:42:30 3,495,784 ----a-w C:\WINDOWS\system32\d3dx9_33.dll
+ 2007-03-12 15:42:30 3,495,784 ----a-w C:\WINDOWS\system32\d3dx9_33.dll
- 2007-05-16 14:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
+ 2007-05-16 15:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
- 2006-11-07 02:26:44 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2006-10-27 01:44:26 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
- 2007-10-10 23:49:42 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-12-07 02:08:32 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2004-08-05 10:00:00 35,328 ------w C:\WINDOWS\system32\dllcache\corpol.dll
+ 2004-08-03 20:31:40 57,399 -c--a-w C:\WINDOWS\system32\dllcache\cplexe.exe
- 2006-11-07 20:03:36 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2006-10-27 14:09:58 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
- 2006-10-17 10:58:06 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-12-19 22:53:23 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-10-10 23:49:42 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-12-07 02:08:32 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-10-10 23:49:42 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-12-07 02:08:32 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2006-10-17 10:44:36 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2006-10-17 11:44:36 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
- 2007-10-10 23:49:42 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2007-12-07 02:08:32 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-10-10 11:00:41 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-12-06 11:02:31 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-10-10 23:49:42 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-12-07 02:08:32 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-10-10 23:49:42 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-12-07 02:08:32 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-10-10 05:46:55 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-10-10 23:49:42 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2007-12-07 02:08:32 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-10-10 23:49:42 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-12-07 02:08:32 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2006-10-17 11:04:50 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2006-10-17 12:04:50 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2006-10-17 11:06:00 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2006-10-17 12:06:00 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
- 2007-10-10 23:49:43 6,065,664 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-12-07 02:08:33 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2006-11-07 20:03:36 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2006-10-27 14:09:58 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-10-10 23:49:43 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-12-07 02:08:33 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-10-10 23:49:43 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2007-12-07 02:08:33 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2006-11-07 02:26:42 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2006-10-27 01:44:26 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
- 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-10-10 11:00:59 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-12-06 11:03:16 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2004-08-03 21:04:38 106,496 -c--a-w C:\WINDOWS\system32\dllcache\imekrcic.dll
+ 2004-08-03 21:04:34 86,016 -c--a-w C:\WINDOWS\system32\dllcache\imekrmbx.dll
- 2006-10-17 10:57:58 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2006-10-17 11:57:58 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2004-08-03 20:31:50 811,064 -c--a-w C:\WINDOWS\system32\dllcache\imjp81k.dll
+ 2004-08-03 20:31:52 368,696 -c--a-w C:\WINDOWS\system32\dllcache\imjpcic.dll
+ 2004-08-03 20:31:52 716,856 -c--a-w C:\WINDOWS\system32\dllcache\imjpcus.dll
+ 2004-08-03 20:31:54 81,976 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.dll
+ 2004-08-03 20:31:54 307,257 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.exe
+ 2004-08-03 20:31:56 155,705 -c--a-w C:\WINDOWS\system32\dllcache\imjpdsvr.exe
+ 2004-08-03 20:31:58 196,665 -c--a-w C:\WINDOWS\system32\dllcache\imjpinst.exe
+ 2004-08-03 20:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
+ 2004-08-03 20:32:12 233,527 -c--a-w C:\WINDOWS\system32\dllcache\imjprw.exe
+ 2004-08-03 20:32:16 262,200 -c--a-w C:\WINDOWS\system32\dllcache\imjputy.exe
+ 2004-08-03 20:32:16 274,489 -c--a-w C:\WINDOWS\system32\dllcache\imjputyc.dll
+ 2004-08-03 20:32:28 102,456 -c--a-w C:\WINDOWS\system32\dllcache\imlang.dll
+ 2004-08-03 20:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
- 2006-11-07 02:26:24 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2006-10-27 01:44:08 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-10-17 11:00:00 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2006-10-17 12:00:00 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-10-10 23:49:44 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-12-07 02:08:33 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2001-08-17 21:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101b.dll
+ 2001-08-17 21:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101c.dll
+ 2001-08-17 21:55:56 5,632 -c--a-w C:\WINDOWS\system32\dllcache\kbd103.dll
+ 2001-08-17 21:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd106.dll
+ 2001-08-23 16:47:06 8,704 -c--a-w C:\WINDOWS\system32\dllcache\kbdjpn.dll
+ 2001-08-23 16:47:06 8,192 -c--a-w C:\WINDOWS\system32\dllcache\kbdkor.dll
- 2006-10-17 11:05:10 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2006-10-17 12:05:10 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
- 2006-08-17 12:29:49 728,576 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:28:31 728,576 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2004-08-05 03:00:00 73,680 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2004-08-05 03:00:00 25,280 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2004-08-05 03:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
- 2004-08-05 10:00:00 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
- 2007-10-10 23:49:44 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-12-07 02:08:33 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-10-10 23:49:44 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2007-12-07 02:08:33 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2006-10-17 10:56:10 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2006-10-17 11:56:10 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2007-10-30 23:23:48 3,590,656 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-12-08 09:38:36 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-10-10 23:49:44 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-12-07 02:08:34 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2006-10-17 10:28:56 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2006-10-17 11:28:56 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2006-11-07 20:03:36 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2006-10-27 14:09:58 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2007-10-10 23:49:44 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-12-07 02:08:34 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-10-10 23:49:45 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-12-07 02:08:34 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2006-10-22 10:22:00 4,527,488 -c--a-w C:\WINDOWS\system32\dllcache\nv4_disp.dll
+ 2006-10-22 11:22:00 4,527,488 -c--a-w C:\WINDOWS\system32\d
0
Réponse 3 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok fais la suite et tu me recollera un hijackthis à la fin. À plus
0
Réponse 4 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
AlexR31 Messages postés 38 Statut Membre
 
bonjour jlpjlp dsl pour le retard, voici le rapport MalwareByte's Anti-Malware:

Malwarebytes' Anti-Malware 1.11
Version de la base de données: 599

Type de recherche: Examen complet (C:\|D:\|K:\|)
Eléments examinés: 262152
Temps écoulé: 7 hour(s), 3 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX (Adware.Minibug) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX.1 (Adware.Minibug) -> No action taken.
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> No action taken.
C:\Documents and Settings\SANDRA\services.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\Program Files\outlook express\svchost.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
0
AlexR31 Messages postés 38 Statut Membre > AlexR31 Messages postés 38 Statut Membre
 
re voici le rapport HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:55, on 09/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sapo.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar6.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar6.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AGRSMMSG] ; AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ; ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD06] ; c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [ISUSScheduler] ; "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [KBD] ; C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VTTimer] ; VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Bibshim] ; C:\DOCUME~1\HP_PRO~1\APPLIC~1\README~1\boobwait.exe
O4 - HKCU\..\Run: [updateMgr] ; C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {49783ED4-258D-4f9f-BE11-137C18D3E543} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - https://www.f-secure.com/en/home/support
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
analyse ce fichier sur virus total et dis si infécté:

C:\Program Files\Xfire

_____________________

colle le rapport d'un scan en ligne
avec un des suivants: (désactiver avast le temps du scan)

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

__________________________
encore des problèmes?
0
Réponse 6 / 8
AlexR31 Messages postés 38 Statut Membre
 
re je vien danalyser C:\Program Files\Xfire sur virus total est il n'est pas infecter. mon PC rame toujours plus le temps passe plus je m'appercoit que dans le gestionnaire des taches de windows AshWebSv.exe occupe jusqu'a 128150Ko il augmente sans cesse, puis en bas a droite il ya marquer processus: 36 . est-ce normale?? je fini l'annalyse et je te post ensuite le raport. Merci
0
Réponse 7 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok j'attends le scan en ligne

puis nettoie avec ccleaner ton ordi pour virer les traces de surf, le cache....

https://www.malekal.com/tutoriel-ccleaner/
0
AlexR31 Messages postés 38 Statut Membre
 
re apré deux analyse avec bitdefender voici le raport:



Statistiques

Temps
00:53:42

Fichiers
198288

Directoires
15520

Secteurs de boot
5

Archives
3092

Paquets programmes
20160




Résultats

Virus identifiés
0

Fichiers infectés
0

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
0




Info sur les moteurs

Définition virus
1034382

Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins
14

Archive des plugins
38

Unpack des plugins
7

E-mail plugins
6

Système plugins
1




Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions


Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui




Fichier analysé
Statut

Aucun virus trouvé.
0
Réponse 8 / 8
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok encore des soucis?
0