*.exe n'est pas une application valide
Fermé
tertilus
Messages postés
55
Statut
Membre
-
Destrio5 Messages postés 99820 Statut Modérateur -
Destrio5 Messages postés 99820 Statut Modérateur -
Bonjour,
Quand je lance une appication dont la fonction est de sécuriser mon ordi, j'ai un message d'erreur du genre "Nom de l'application.exe" n'est pas une application Win32 valide. J'ai lancé Hijackthis, ça été la meme chose. Le virus a meme désactivé mon antivirus kaspersky 2009 à jour au point que quand je le lance, j'ai le message C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe n'est pas une application Win32 valide.
Je pense avoir le meme prb que ce dernier
http://www.commentcamarche.net/forum/affich 5064033 exe n est pas une application win32 valide
J'ai déjà vérifer la restauration du systeme, chose etrange il n'y aucun plus de restauration automatique. Tout à disparu. Meme windows defender ne peut pas etre activé. Il ne me reste plus que le firewall de l'OS windows vista.
J'ai exécuté deux utilitaires qui m'ont donné deux rapports mais je pense que descargar Elibagla est le plus proche de la réalité car je pense que mon bourreau doit avoir une extension qui se termine HLDRRR.EXE . A vous de voir c'est pourquoi je poste ce rapport.
J'ai egalement envoyé le rapport de descargar Elibagla à l'adresse suivante virus@satinfo.es
J'ai exécuté descargar Elibagla qui m'a donné ce rapport:
EliBagle v11.80 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.80
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\LIST.OCT --> Eliminado Bagle
Reinicie para Completar la Limpieza.
Fri Oct 03 12:56:49 2008
EliBagle v11.80 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.80
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.
Fri Oct 03 12:56:59 2008
EliBagle v11.80 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
---------------------------------------------------------------------------------------------------------------------------------------------------------
A défaut de Hi jackthis qui ne s'execute pas, j'ai pu executer Smiltfraudfix qui m'a donné ce rapport
SmitFraudFix v2.335
Scan done at 12:44:32,95, 03/10/2008
Run from C:\Users\Aristide\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
D:\Winamp 5 53\Winamp\winampa.exe
D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\PowerISO\PWRISOVM.EXE
D:\UTorrent 1 8\uTorrent.exe
D:\Ares Destiny\Ares.exe
D:\Bitcomet\BitComet.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
D:\Emule\emule.exe
C:\Users\Aristide\AppData\Roaming\m\flec006.exe
D:\Logitech 4 60\SetPoint\SetPoint.exe
D:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Winamp Remote\bin\Orb.exe
D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\drivers\downld\249234.exe
C:\Windows\system32\drivers\downld\407718.exe
C:\Windows\system32\drivers\downld\465062.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide
»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd3.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\adialhk.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\kloehk.dll"
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E6E82015-7091-451B-8709-53256B0A02F4}: NameServer=213.136.96.2 213.136.96.37
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E6E82015-7091-451B-8709-53256B0A02F4}: NameServer=213.136.96.2 213.136.96.37
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Merci pour votre aide
Quand je lance une appication dont la fonction est de sécuriser mon ordi, j'ai un message d'erreur du genre "Nom de l'application.exe" n'est pas une application Win32 valide. J'ai lancé Hijackthis, ça été la meme chose. Le virus a meme désactivé mon antivirus kaspersky 2009 à jour au point que quand je le lance, j'ai le message C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe n'est pas une application Win32 valide.
Je pense avoir le meme prb que ce dernier
http://www.commentcamarche.net/forum/affich 5064033 exe n est pas une application win32 valide
J'ai déjà vérifer la restauration du systeme, chose etrange il n'y aucun plus de restauration automatique. Tout à disparu. Meme windows defender ne peut pas etre activé. Il ne me reste plus que le firewall de l'OS windows vista.
J'ai exécuté deux utilitaires qui m'ont donné deux rapports mais je pense que descargar Elibagla est le plus proche de la réalité car je pense que mon bourreau doit avoir une extension qui se termine HLDRRR.EXE . A vous de voir c'est pourquoi je poste ce rapport.
J'ai egalement envoyé le rapport de descargar Elibagla à l'adresse suivante virus@satinfo.es
J'ai exécuté descargar Elibagla qui m'a donné ce rapport:
EliBagle v11.80 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.80
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\LIST.OCT --> Eliminado Bagle
Reinicie para Completar la Limpieza.
Fri Oct 03 12:56:49 2008
EliBagle v11.80 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.80
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\USERS\ARISTIDE\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle Acceso Denegado.
Reinicie para Completar la Limpieza.
Fri Oct 03 12:56:59 2008
EliBagle v11.80 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 2 de Octubre del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
---------------------------------------------------------------------------------------------------------------------------------------------------------
A défaut de Hi jackthis qui ne s'execute pas, j'ai pu executer Smiltfraudfix qui m'a donné ce rapport
SmitFraudFix v2.335
Scan done at 12:44:32,95, 03/10/2008
Run from C:\Users\Aristide\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
D:\Winamp 5 53\Winamp\winampa.exe
D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\PowerISO\PWRISOVM.EXE
D:\UTorrent 1 8\uTorrent.exe
D:\Ares Destiny\Ares.exe
D:\Bitcomet\BitComet.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
D:\Emule\emule.exe
C:\Users\Aristide\AppData\Roaming\m\flec006.exe
D:\Logitech 4 60\SetPoint\SetPoint.exe
D:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Winamp Remote\bin\Orb.exe
D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\drivers\downld\249234.exe
C:\Windows\system32\drivers\downld\407718.exe
C:\Windows\system32\drivers\downld\465062.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide
»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Aristide\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\mzvkbd3.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\adialhk.dll,C:\\PROGRA~1\\KASPER~1\\KASPER~1\\kloehk.dll"
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E6E82015-7091-451B-8709-53256B0A02F4}: NameServer=213.136.96.2 213.136.96.37
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E6E82015-7091-451B-8709-53256B0A02F4}: NameServer=213.136.96.2 213.136.96.37
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Merci pour votre aide
A voir également:
- *.exe n'est pas une application valide
- Ethernet n'a pas de configuration ip valide - Guide
- Nommez une application d'appel vidéo ou de visioconférence - Guide
- .Exe - Télécharger - Divers Utilitaires
- Desinstaller une application sur windows - Guide
- Comment supprimer une application préinstallée sur android - Guide
34 réponses
Avant meme d'executer le script j'avais pu initialiser kaspersky. J'arrive à executer les prg et meme que j'arrive à effectuer un scan à partir du bareau avec hijackthis. Voilà le rapport après l'execution du script
ComboFix 08-10-02.04 - Aristide 2008-10-03 19:43:34.1 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1036.18.2167 [GMT 0:00]
Lancé depuis: C:\Users\Aristide\Desktop\ComboFix.exe
Commutateurs utilisés :: C:\Users\Aristide\Desktop\CFScript.txt
* Un nouveau point de restauration a été créé
FILE ::
C:\Users\Aristide\AppData\Roaming\svchost.exe
C:\Windows\System32\Sexy Girls.scr
C:\Windows\System32\tmp.reg
O:\boot.exe
O:\TMMDW8LP.exe
P:\TAE7ESLP.exe
U:\mgjpcfdg.cmd
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\FindyKill
C:\Program Files\FindyKill\FindyKill.cmd
C:\Program Files\FindyKill\FixReg\FixSrosa.reg
C:\Program Files\FindyKill\FixReg\Limpia
C:\Program Files\FindyKill\FixReg\Limpia.reg
C:\Program Files\FindyKill\FixReg\Mse.reg
C:\Program Files\FindyKill\FixReg\Repair.reg
C:\Program Files\FindyKill\FixReg\Wvista.reg
C:\Program Files\FindyKill\FixReg\Wxp.reg
C:\Program Files\FindyKill\Tools\Icone.ico
C:\Program Files\FindyKill\Tools\Kill.exe
C:\Program Files\FindyKill\Tools\Process.exe
C:\Program Files\FindyKill\Tools\swreg.exe
C:\Program Files\FindyKill\Uninstal.exe
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Search Settings\SearchSettings.exe
C:\Users\Aristide\AppData\Roaming\svchost.exe
C:\Windows\System32\Sexy Girls.scr
C:\Windows\System32\tmp.reg
O:\TMMDW8LP.exe . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2008-09-03 to 2008-10-03 )))))))))))))))))))))))))))))))
.
2008-10-03 19:48 . 2008-10-03 19:48 304 --ahs---- C:\Windows\klif.spi
2008-10-03 19:41 . 2008-10-03 19:42 <REP> d-------- C:\32788R22FWJFW
2008-10-03 13:49 . 2008-10-03 13:50 <REP> d-------- C:\Program Files\Java
2008-10-02 22:32 . 2008-10-03 01:23 237,259,896 --a------ C:\Windows\MEMORY.DMP
2008-10-02 22:25 . 2008-10-02 22:25 <REP> d--hs---- C:\Windows\ftpcache
2008-10-01 10:16 . 2008-10-01 10:20 <REP> d-------- C:\Users\Aristide\AppData\Roaming\IDM
2008-09-25 17:00 . 2008-09-25 17:50 96,976 --a------ C:\Windows\System32\drivers\klin.dat
2008-09-25 17:00 . 2008-09-25 17:00 87,855 --a------ C:\Windows\System32\drivers\klick.dat
2008-09-25 16:59 . 2008-09-25 16:59 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-09-25 16:59 . 2008-10-03 19:46 7,863,328 --ahs---- C:\Windows\System32\drivers\fidbox.dat
2008-09-25 16:59 . 2008-10-03 19:46 753,696 --ahs---- C:\Windows\System32\drivers\fidbox2.dat
2008-09-25 16:59 . 2008-10-03 19:46 75,088 --ahs---- C:\Windows\System32\drivers\fidbox.idx
2008-09-25 16:59 . 2008-10-03 19:46 10,992 --ahs---- C:\Windows\System32\drivers\fidbox2.idx
2008-09-25 16:46 . 2008-09-25 16:46 <REP> d-------- C:\Users\All Users\NortonInstaller
2008-09-25 16:46 . 2008-09-25 16:46 <REP> d-------- C:\PROGRA~2\NortonInstaller
2008-09-25 12:19 . 2008-09-25 12:20 169 --a------ C:\Windows\adidsl.ini
2008-09-25 12:19 . 2008-09-25 12:19 21 --a------ C:\Windows\Fast800.ini
2008-09-25 12:18 . 2008-09-25 12:18 <REP> d-------- C:\Program Files\SAGEM
2008-09-25 11:39 . 2007-03-21 20:39 1,060,864 --a------ C:\Windows\System32\MFC71.DLL
2008-09-25 11:39 . 2007-03-21 20:33 503,808 --a------ C:\Windows\System32\MSVCP71.DLL
2008-09-25 11:39 . 2007-03-21 20:33 348,160 --a------ C:\Windows\System32\MSVCR71.DLL
2008-09-23 18:43 . 2008-09-23 18:43 <REP> dr-h----- C:\Users\Aristide\AppData\Roaming\SecuROM
2008-09-20 22:50 . 2008-10-03 19:31 13,848 --a------ C:\Windows\System32\%LocalXml%
2008-09-15 19:38 . 2008-09-26 14:19 <REP> d-------- C:\Users\Aristide\AppData\Roaming\dvdcss
2008-09-14 21:33 . 2008-09-14 21:33 <REP> d-------- C:\Users\Aristide\AppData\Roaming\oovooToolbar
2008-09-14 21:33 . 2008-09-14 21:37 <REP> d-------- C:\Users\Aristide\AppData\Roaming\ooVoo Details
2008-09-14 21:33 . 2008-09-14 21:33 <REP> d-------- C:\Program Files\oovooToolbar
2008-09-13 18:24 . 2008-09-13 18:24 <REP> d-------- C:\Users\All Users\Winamp Toolbar
2008-09-13 18:24 . 2008-09-14 20:58 <REP> d-------- C:\Users\All Users\OrbNetworks
2008-09-13 18:24 . 2008-09-13 18:24 <REP> d-------- C:\Program Files\Winamp Toolbar
2008-09-13 18:24 . 2008-09-13 18:24 <REP> d-------- C:\PROGRA~2\Winamp Toolbar
2008-09-13 18:24 . 2008-09-14 20:58 <REP> d-------- C:\PROGRA~2\OrbNetworks
2008-09-13 18:23 . 2008-09-29 14:40 <REP> d-------- C:\Program Files\Winamp Remote
2008-09-13 09:46 . 2008-09-13 09:46 <REP> d-------- C:\Users\All Users\TuneUp Software
2008-09-13 09:46 . 2008-09-13 09:46 <REP> d-------- C:\PROGRA~2\TuneUp Software
2008-09-13 09:46 . 2008-09-13 09:46 307,968 --a------ C:\Windows\System32\TuneUpDefragService.exe
2008-09-13 09:46 . 2008-02-27 13:15 28,416 --a------ C:\Windows\System32\uxtuneup.dll
2008-09-13 09:46 . 2008-02-27 13:15 16,640 --a------ C:\Windows\System32\authuitu.dll
2008-09-12 22:23 . 2008-07-28 17:19 116,736 --a------ C:\Windows\System32\drivers\mcdbus.sys
2008-09-11 18:46 . 2008-09-11 18:46 <REP> d-------- C:\Users\All Users\McAfee
2008-09-11 18:46 . 2008-09-11 18:46 <REP> d-------- C:\PROGRA~2\McAfee
2008-09-09 18:08 . 2008-09-09 18:09 <REP> d-a------ C:\Users\All Users\TEMP
2008-09-09 18:08 . 2008-09-09 18:09 <REP> d-a------ C:\PROGRA~2\TEMP
2008-09-09 18:04 . 2008-09-09 18:05 <REP> d--h----- C:\Users\All Users\{56759C22-EA1E-4BE5-A903-72F67D450F43}
2008-09-09 18:04 . 2008-09-09 18:05 <REP> d--h----- C:\PROGRA~2\{56759C22-EA1E-4BE5-A903-72F67D450F43}
2008-09-09 09:07 . 2008-09-09 09:07 <REP> d-------- C:\Users\Aristide\AppData\Roaming\TotalTrain
2008-09-06 14:44 . 2008-10-02 23:13 69 --a------ C:\Windows\NeroDigital.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-03 19:48 --------- d-----w C:\PROGRA~2\Kaspersky Lab
2008-10-03 19:43 --------- d-----w C:\Users\Aristide\AppData\Roaming\uTorrent
2008-10-03 19:31 --------- d-----w C:\PROGRA~2\eMule
2008-10-03 15:04 --------- d-----w C:\Users\Aristide\AppData\Roaming\TeraCopy
2008-10-02 15:30 --------- d-----w C:\Users\Aristide\AppData\Roaming\DMCache
2008-10-01 10:32 --------- d-----w C:\Users\Aristide\AppData\Roaming\Winamp
2008-10-01 10:32 --------- d-----w C:\PROGRA~2\FLEXnet
2008-09-25 16:53 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-09-25 12:19 32 ----a-w C:\Windows\system32\drivers\adidsl.cfg
2008-09-25 12:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-23 00:36 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-19 23:53 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-19 23:51 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-09-19 14:46 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ahead
2008-09-19 00:54 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-09-03 01:53 258,048 ----a-w C:\Windows\System32\TubeFinder.exe
2008-09-01 23:27 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-09-01 23:27 --------- d-----w C:\Program Files\Realtek
2008-09-01 22:45 319,488 ----a-w C:\Windows\HideWin.exe
2008-09-01 16:19 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ubisoft
2008-08-30 05:23 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-29 23:43 --------- d-----w C:\Program Files\Business Objects
2008-08-29 23:42 --------- d-----w C:\Program Files\Microsoft Device Emulator
2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft Synchronization Services
2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-08-29 23:39 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-29 23:31 --------- d-----w C:\Program Files\Common Files\Merge Modules
2008-08-29 23:31 --------- d-----w C:\PROGRA~2\PreEmptive Solutions
2008-08-29 23:29 --------- d-----w C:\Program Files\HTML Help Workshop
2008-08-29 23:28 --------- d-----w C:\Program Files\MSBuild
2008-08-29 23:26 --------- d-----w C:\Program Files\Microsoft SDKs
2008-08-29 23:26 --------- d-----w C:\Program Files\CE Remote Tools
2008-08-29 23:25 --------- d-----w C:\Program Files\Microsoft Web Designer Tools
2008-08-27 17:09 --------- d-----w C:\Users\Aristide\AppData\Roaming\Orbit
2008-08-27 16:53 --------- d-----w C:\Users\Aristide\AppData\Roaming\GrabPro
2008-08-27 01:25 --------- d-----w C:\PROGRA~2\ConeXware
2008-08-25 16:09 --------- d-----w C:\Program Files\Common Files\Control Panels
2008-08-25 16:07 --------- d-----w C:\PROGRA~2\ALM
2008-08-25 16:01 --------- d-----w C:\Program Files\QuickTime
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Mail
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Journal
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Defender
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Calendar
2008-08-17 19:51 --------- d-----w C:\Program Files\uTorrent
2008-08-17 16:06 --------- d-----w C:\PROGRA~2\Lavasoft
2008-08-09 23:23 --------- d-----w C:\Program Files\Bonjour
2008-08-09 12:48 --------- d-----w C:\Program Files\Windows Installer Clean Up
2008-08-09 12:48 --------- d-----w C:\Program Files\MSECACHE
2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\xing shared
2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\Real
2008-08-07 22:03 --------- d-----w C:\Program Files\Real
2008-08-05 23:52 --------- d-----w C:\PROGRA~2\Adobe Systems
2008-08-05 23:51 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-08-04 00:20 --------- d-----w C:\Users\Aristide\AppData\Roaming\MozillaControl
2008-07-31 10:41 68,616 ----a-w C:\Windows\System32\XAPOFX1_1.dll
2008-07-31 10:41 238,088 ----a-w C:\Windows\System32\xactengine3_2.dll
2008-07-31 10:40 509,448 ----a-w C:\Windows\System32\XAudio2_2.dll
2008-07-29 20:21 218,376 ----a-w C:\Windows\System32\klogon.dll
2008-07-16 09:30 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2008-07-15 09:11 174 --sha-w C:\Program Files\desktop.ini
2008-07-15 09:07 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-07-15 09:07 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-07-15 09:07 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-07-15 09:07 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-07-15 09:07 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-07-15 09:07 297,984 ----a-w C:\Windows\System32\wlansec.dll
2008-07-15 09:07 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2008-07-15 09:07 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-07-15 09:07 2,923,520 ----a-w C:\Windows\explorer.exe
2008-07-15 09:05 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-07-15 09:05 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-07-15 09:05 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-07-15 09:05 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2008-07-14 06:47 49,664 ----a-w C:\Windows\System32\csrsrv.dll
2008-07-14 06:47 376,320 ----a-w C:\Windows\System32\winsrv.dll
2008-07-14 06:47 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-07-14 06:47 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-07-14 06:47 25,600 ----a-w C:\Windows\System32\LangCleanupSysprepAction.dll
2008-07-14 06:47 166,912 ----a-w C:\Windows\System32\lpksetup.exe
2008-07-14 06:47 10,240 ----a-w C:\Windows\System32\MUILanguageCleanup.dll
2008-07-14 06:46 23,552 ----a-w C:\Windows\System32\lpremove.exe
2008-07-14 06:46 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-07-14 06:46 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-07-14 06:45 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-07-14 06:43 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-13 09:22 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-07-13 09:22 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-07-13 09:22 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-07-13 09:22 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-07-13 09:20 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-07-13 09:20 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-07-13 09:20 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-07-13 09:20 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-07-13 09:20 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-07-13 09:20 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-07-13 09:20 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-07-13 09:20 104,448 ----a-w C:\Windows\System32\DWWIN.EXE
.
------- Sigcheck -------
2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\System32\drivers\tcpip.sys
2006-11-02 08:58 802816 d944522b048a5feb7700b5170d3d9423 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
2008-07-13 08:18 806400 52a8bd6294f7d1443c6184c67ae13af4 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt\tbisoH.dll" [2008-07-10 1600024]
[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8087-36EE87E26986}]
2008-07-29 19:56 1987544 --a------ C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
2008-07-10 14:04 1600024 --a------ C:\Program Files\isoHunt\tbisoH.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt\tbisoH.dll" [2008-07-10 1600024]
"{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A6E4A4EB-D169-4E99-8988-250FCBAFE767}"= "C:\Program Files\isoHunt\tbisoH.dll" [2008-07-10 1600024]
"{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544]
[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-8087-36ee87e26986}]
[HKEY_CLASSES_ROOT\oovooToolbar.OOVOOTOOLBAR]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="D:\UTorrent 1 8\uTorrent.exe" [2008-08-16 267056]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-10-03 851968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"Yahoo! Pager"="D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 3810544]
"ares destiny"="D:\Ares Destiny\Ares.exe" [2008-10-03 2973184]
"BitComet"="D:\Bitcomet\BitComet.exe" [2008-08-22 2567992]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="D:\Winamp 5 53\Winamp\winampa.exe" [2008-10-03 36352]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-10-03 90112]
"PWRISOVM.EXE"="D:\PowerISO\PWRISOVM.EXE" [2008-10-03 167936]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2008-10-03 1884160]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 206088]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\Windows\KHALMNPR.Exe]
C:\Users\Aristide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - D:\Program Files\MagicDisc\MagicDisc.exe [2008-09-12 575488]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Adobe Reader Synchronizer.lnk - D:\Adobe Creative Suite 3\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
Lancement rapide d'Adobe Acrobat.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-08-11 295606]
Logitech SetPoint.lnk - D:\Logitech 4 60\SetPoint\SetPoint.exe [2008-07-09 805392]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1130438823-3524183207-3403761355-1000]
"EnableNotificationsRef"=dword:00000003
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{33A14AF4-8DE1-4DC3-AA8E-73F39A116B22}"= TCP:6004|D:\MS Office 2007\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{8B2DF36A-4600-4610-9801-6B27EEE466B2}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{8F6C3A10-4A70-401E-AF77-A40D08046C7B}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{C7F2893F-D769-45A3-8E85-9CC81D34B101}"= UDP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{1BAE97F6-6AA6-46DA-A209-91CCC4D89AB9}"= TCP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{EFB77742-E44F-4E00-BB9E-63693E353F05}"= C:\Program Files\Windows Live\Messenger\wlcsdk.exe:Windows Live Messenger (Phone)
"{DE9938C4-CE1C-4A5B-B4C9-AAB504BC1AFD}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{05E8C7CF-519A-4645-BA3B-FC00B679E1FA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{2D5186E1-05DB-4934-AEF1-627340BFABB6}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{D84A2C5F-96C8-4F7F-9880-DE0A4156004A}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{AC003FBE-8AEB-40F8-8DBE-48A9B23822F0}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{435A5D7A-C127-4606-BDD6-AADF91DD49EA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{90103605-6895-4148-9240-52CA89DCA768}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{D502EFDC-20C2-4A33-9BB4-C3F02A4EBA08}"= UDP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (TCP-In)
"{B46B00F3-C0E3-4F5F-AF84-FDF2DA69970F}"= TCP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (UDP-In)
"{FAC18785-F011-4E20-8C11-7BDD6812CA01}"= UDP:3703:Adobe Version Cue CS3 Server
"{C50ADF18-E003-4713-BA80-51AE87B4F1CD}"= UDP:3704:Adobe Version Cue CS3 Server
"{58CF08FE-3D8C-4BAE-97FF-D09C0703F971}"= UDP:50900:Adobe Version Cue CS3 Server
"{D9734941-6BEB-4CB5-B30E-751565BD2B6F}"= UDP:50901:Adobe Version Cue CS3 Server
"{82AD7696-741F-425D-93BF-F44CA0C7C267}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{5004BE53-B8E6-40EA-9085-E576273E4B0D}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{5148B32A-3C4C-4A09-B0D1-2C05515C1428}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{C20299BD-6A8E-477D-8D3A-573E6FBE5850}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{F0ECBF53-89DE-4AA3-96A4-49DC28A0864E}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{D6E597D7-10BF-4590-9718-6DC1B43EBD73}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{3247F591-15AF-475D-8136-32324675758C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{6EB47315-56CA-4871-818A-D92353F87117}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{8CF68E0E-6F84-4D84-8094-8E7DE7E1584C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{429892F2-6818-4457-A7C8-3E8A5F8323BE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{804ADD5D-D460-4513-BF6E-8F31F84177B2}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{5F87594A-6FF6-4CE0-84CD-D91448D3E221}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{5B23FF40-88B2-48DE-8398-E6E1A303E6B7}"= UDP:443:TCP port 443 ooVoo
"{71A36C96-EEA9-4594-81D4-8197D9D90A8E}"= TCP:443:UDP port 443 ooVoo
"{3024E162-5300-423E-BBC2-66A2B364E530}"= UDP:37674:TCP port 37674 ooVoo
"{13A729A8-F2B7-40FC-9326-5EB1B03F59E3}"= TCP:37674:UDP port 37674 ooVoo
"{069FC467-1805-49FA-ABC8-389261600682}"= TCP:37675:UDP port 37675 ooVoo
"TCP Query User{8E5DE5F7-E84C-4C36-9025-B45BA65F7F50}D:\\bitcomet\\bitcomet.exe"= UDP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{2EC208F2-B6CC-4C8E-A923-B8CED862F08D}D:\\bitcomet\\bitcomet.exe"= TCP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{DF96001B-E0AF-4224-9906-ACBF202753CA}D:\\ares destiny\\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows
"UDP Query User{FDDFFB36-0084-4541-BBE9-25EB826A371A}D:\\ares destiny\\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows
"TCP Query User{7A129059-210F-4617-B03E-D91DE2EC0D34}C:\\program files\\winamp remote\\bin\\orbtray.exe"= UDP:C:\program files\winamp remote\bin\orbtray.exe:Orb
"UDP Query User{C6A0EC0D-FB01-40D8-B616-2F5F06AF8388}C:\\program files\\winamp remote\\bin\\orbtray.exe"= TCP:C:\program files\winamp remote\bin\orbtray.exe:Orb
"{74BC0BC5-DA62-4319-BEB1-FC3B5A63562F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service
"{93CE87FB-C928-4A7D-9A82-BF1B0EEEED8F}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service
"{9001DF20-B39A-4274-A99B-38FA1051B75F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service
"{86B1F8A7-9D31-41AC-8EA4-661D8ADD46A1}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service
"{66F8449D-BD0B-4500-8699-22065B359785}"= UDP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"{9E04FDDB-0D48-49E7-AB2F-D0D6CF4CD403}"= TCP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"TCP Query User{CE7030E7-8F4A-41E4-B210-E0FD27029B47}C:\\program files\\winamp remote\\bin\\orbir.exe"= UDP:C:\program files\winamp remote\bin\orbir.exe:OrbIR
"UDP Query User{658D05C2-CF3B-4152-8B1A-7965A6BC763C}C:\\program files\\winamp remote\\bin\\orbir.exe"= TCP:C:\program files\winamp remote\bin\orbir.exe:OrbIR
"TCP Query User{10128BE4-2B8A-48AB-A414-F1BAA8C0D91E}C:\\program files\\winamp remote\\bin\\orb.exe"= UDP:C:\program files\winamp remote\bin\orb.exe:Orb Application
"UDP Query User{2FA471A1-285E-4DA2-A96D-72D4B000611E}C:\\program files\\winamp remote\\bin\\orb.exe"= TCP:C:\program files\winamp remote\bin\orb.exe:Orb Application
"TCP Query User{07CE3D9D-DEE7-4332-996C-0381C082C848}D:\\ares destiny\\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows
"UDP Query User{5E904CE6-E2C3-4292-99DC-E6396514E46A}D:\\ares destiny\\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows
"TCP Query User{85E0D794-5C9C-4E61-B8B1-48D20480F1CB}D:\\utorrent 1 8\\utorrent.exe"= UDP:D:\utorrent 1 8\utorrent.exe:µTorrent
"UDP Query User{825C07D1-3B94-4E00-8578-FB9840608AD5}D:\\utorrent 1 8\\utorrent.exe"= TCP:D:\utorrent 1 8\utorrent.exe:µTorrent
"{608035D9-DD1D-45EB-BB24-1F1DD22F1F55}"= UDP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{309F3D08-4895-41C5-8522-047099195F24}"= TCP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"TCP Query User{B9F11B52-69A6-4F03-B4C3-96D9EA1634B8}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{F5263E24-6FC4-429E-B40D-7B27C2D6379C}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"{7778CC22-D429-41BC-A46D-7127FCEB3551}"= UDP:26579:BitComet 26579 TCP
"{A6017C98-2F10-4F77-9677-734D3EA2AADE}"= TCP:26579:BitComet 26579 UDP
"{A44123C7-21DB-4F64-9CF6-9946A8E45CED}"= UDP:26579:BitComet 26579 TCP
"{3801B058-1E8C-4323-A859-DB49931583D1}"= TCP:26579:BitComet 26579 UDP
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-07-09 20496]
R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2006-11-02 22016]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 3478528]
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S0 OemBiosDevice;Royalty OEM BIOS Extension;C:\Windows\system32\DRIVERS\royal.sys [2007-03-02 240128]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);C:\Windows\system32\Drivers\e4ldr.sys [2007-01-04 69656]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;D:\EVEREST Ultimate Edition\kerneld.wnt [2008-03-17 23152]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-09-13 307968]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-eMuleAutoStart - D:\Emule\emule.exe
HKLM-Run-UnlockerAssistant - D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-03 19:48:30
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\Ati2evxx.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\conime.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
D:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2008-10-03 19:55:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-03 19:55:36
ComboFix2.txt 2008-10-03 15:17:03
Avant-CF: 9ÿ560ÿ309ÿ760 octets libres
Post-Run: 8,996,155,392 octets libres
400 --- E O F --- 2008-08-30 05:25:49
ComboFix 08-10-02.04 - Aristide 2008-10-03 19:43:34.1 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1036.18.2167 [GMT 0:00]
Lancé depuis: C:\Users\Aristide\Desktop\ComboFix.exe
Commutateurs utilisés :: C:\Users\Aristide\Desktop\CFScript.txt
* Un nouveau point de restauration a été créé
FILE ::
C:\Users\Aristide\AppData\Roaming\svchost.exe
C:\Windows\System32\Sexy Girls.scr
C:\Windows\System32\tmp.reg
O:\boot.exe
O:\TMMDW8LP.exe
P:\TAE7ESLP.exe
U:\mgjpcfdg.cmd
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\FindyKill
C:\Program Files\FindyKill\FindyKill.cmd
C:\Program Files\FindyKill\FixReg\FixSrosa.reg
C:\Program Files\FindyKill\FixReg\Limpia
C:\Program Files\FindyKill\FixReg\Limpia.reg
C:\Program Files\FindyKill\FixReg\Mse.reg
C:\Program Files\FindyKill\FixReg\Repair.reg
C:\Program Files\FindyKill\FixReg\Wvista.reg
C:\Program Files\FindyKill\FixReg\Wxp.reg
C:\Program Files\FindyKill\Tools\Icone.ico
C:\Program Files\FindyKill\Tools\Kill.exe
C:\Program Files\FindyKill\Tools\Process.exe
C:\Program Files\FindyKill\Tools\swreg.exe
C:\Program Files\FindyKill\Uninstal.exe
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Search Settings\SearchSettings.exe
C:\Users\Aristide\AppData\Roaming\svchost.exe
C:\Windows\System32\Sexy Girls.scr
C:\Windows\System32\tmp.reg
O:\TMMDW8LP.exe . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2008-09-03 to 2008-10-03 )))))))))))))))))))))))))))))))
.
2008-10-03 19:48 . 2008-10-03 19:48 304 --ahs---- C:\Windows\klif.spi
2008-10-03 19:41 . 2008-10-03 19:42 <REP> d-------- C:\32788R22FWJFW
2008-10-03 13:49 . 2008-10-03 13:50 <REP> d-------- C:\Program Files\Java
2008-10-02 22:32 . 2008-10-03 01:23 237,259,896 --a------ C:\Windows\MEMORY.DMP
2008-10-02 22:25 . 2008-10-02 22:25 <REP> d--hs---- C:\Windows\ftpcache
2008-10-01 10:16 . 2008-10-01 10:20 <REP> d-------- C:\Users\Aristide\AppData\Roaming\IDM
2008-09-25 17:00 . 2008-09-25 17:50 96,976 --a------ C:\Windows\System32\drivers\klin.dat
2008-09-25 17:00 . 2008-09-25 17:00 87,855 --a------ C:\Windows\System32\drivers\klick.dat
2008-09-25 16:59 . 2008-09-25 16:59 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-09-25 16:59 . 2008-10-03 19:46 7,863,328 --ahs---- C:\Windows\System32\drivers\fidbox.dat
2008-09-25 16:59 . 2008-10-03 19:46 753,696 --ahs---- C:\Windows\System32\drivers\fidbox2.dat
2008-09-25 16:59 . 2008-10-03 19:46 75,088 --ahs---- C:\Windows\System32\drivers\fidbox.idx
2008-09-25 16:59 . 2008-10-03 19:46 10,992 --ahs---- C:\Windows\System32\drivers\fidbox2.idx
2008-09-25 16:46 . 2008-09-25 16:46 <REP> d-------- C:\Users\All Users\NortonInstaller
2008-09-25 16:46 . 2008-09-25 16:46 <REP> d-------- C:\PROGRA~2\NortonInstaller
2008-09-25 12:19 . 2008-09-25 12:20 169 --a------ C:\Windows\adidsl.ini
2008-09-25 12:19 . 2008-09-25 12:19 21 --a------ C:\Windows\Fast800.ini
2008-09-25 12:18 . 2008-09-25 12:18 <REP> d-------- C:\Program Files\SAGEM
2008-09-25 11:39 . 2007-03-21 20:39 1,060,864 --a------ C:\Windows\System32\MFC71.DLL
2008-09-25 11:39 . 2007-03-21 20:33 503,808 --a------ C:\Windows\System32\MSVCP71.DLL
2008-09-25 11:39 . 2007-03-21 20:33 348,160 --a------ C:\Windows\System32\MSVCR71.DLL
2008-09-23 18:43 . 2008-09-23 18:43 <REP> dr-h----- C:\Users\Aristide\AppData\Roaming\SecuROM
2008-09-20 22:50 . 2008-10-03 19:31 13,848 --a------ C:\Windows\System32\%LocalXml%
2008-09-15 19:38 . 2008-09-26 14:19 <REP> d-------- C:\Users\Aristide\AppData\Roaming\dvdcss
2008-09-14 21:33 . 2008-09-14 21:33 <REP> d-------- C:\Users\Aristide\AppData\Roaming\oovooToolbar
2008-09-14 21:33 . 2008-09-14 21:37 <REP> d-------- C:\Users\Aristide\AppData\Roaming\ooVoo Details
2008-09-14 21:33 . 2008-09-14 21:33 <REP> d-------- C:\Program Files\oovooToolbar
2008-09-13 18:24 . 2008-09-13 18:24 <REP> d-------- C:\Users\All Users\Winamp Toolbar
2008-09-13 18:24 . 2008-09-14 20:58 <REP> d-------- C:\Users\All Users\OrbNetworks
2008-09-13 18:24 . 2008-09-13 18:24 <REP> d-------- C:\Program Files\Winamp Toolbar
2008-09-13 18:24 . 2008-09-13 18:24 <REP> d-------- C:\PROGRA~2\Winamp Toolbar
2008-09-13 18:24 . 2008-09-14 20:58 <REP> d-------- C:\PROGRA~2\OrbNetworks
2008-09-13 18:23 . 2008-09-29 14:40 <REP> d-------- C:\Program Files\Winamp Remote
2008-09-13 09:46 . 2008-09-13 09:46 <REP> d-------- C:\Users\All Users\TuneUp Software
2008-09-13 09:46 . 2008-09-13 09:46 <REP> d-------- C:\PROGRA~2\TuneUp Software
2008-09-13 09:46 . 2008-09-13 09:46 307,968 --a------ C:\Windows\System32\TuneUpDefragService.exe
2008-09-13 09:46 . 2008-02-27 13:15 28,416 --a------ C:\Windows\System32\uxtuneup.dll
2008-09-13 09:46 . 2008-02-27 13:15 16,640 --a------ C:\Windows\System32\authuitu.dll
2008-09-12 22:23 . 2008-07-28 17:19 116,736 --a------ C:\Windows\System32\drivers\mcdbus.sys
2008-09-11 18:46 . 2008-09-11 18:46 <REP> d-------- C:\Users\All Users\McAfee
2008-09-11 18:46 . 2008-09-11 18:46 <REP> d-------- C:\PROGRA~2\McAfee
2008-09-09 18:08 . 2008-09-09 18:09 <REP> d-a------ C:\Users\All Users\TEMP
2008-09-09 18:08 . 2008-09-09 18:09 <REP> d-a------ C:\PROGRA~2\TEMP
2008-09-09 18:04 . 2008-09-09 18:05 <REP> d--h----- C:\Users\All Users\{56759C22-EA1E-4BE5-A903-72F67D450F43}
2008-09-09 18:04 . 2008-09-09 18:05 <REP> d--h----- C:\PROGRA~2\{56759C22-EA1E-4BE5-A903-72F67D450F43}
2008-09-09 09:07 . 2008-09-09 09:07 <REP> d-------- C:\Users\Aristide\AppData\Roaming\TotalTrain
2008-09-06 14:44 . 2008-10-02 23:13 69 --a------ C:\Windows\NeroDigital.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-03 19:48 --------- d-----w C:\PROGRA~2\Kaspersky Lab
2008-10-03 19:43 --------- d-----w C:\Users\Aristide\AppData\Roaming\uTorrent
2008-10-03 19:31 --------- d-----w C:\PROGRA~2\eMule
2008-10-03 15:04 --------- d-----w C:\Users\Aristide\AppData\Roaming\TeraCopy
2008-10-02 15:30 --------- d-----w C:\Users\Aristide\AppData\Roaming\DMCache
2008-10-01 10:32 --------- d-----w C:\Users\Aristide\AppData\Roaming\Winamp
2008-10-01 10:32 --------- d-----w C:\PROGRA~2\FLEXnet
2008-09-25 16:53 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-09-25 12:19 32 ----a-w C:\Windows\system32\drivers\adidsl.cfg
2008-09-25 12:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-23 00:36 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-19 23:53 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-19 23:51 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-09-19 14:46 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ahead
2008-09-19 00:54 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-09-03 01:53 258,048 ----a-w C:\Windows\System32\TubeFinder.exe
2008-09-01 23:27 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-09-01 23:27 --------- d-----w C:\Program Files\Realtek
2008-09-01 22:45 319,488 ----a-w C:\Windows\HideWin.exe
2008-09-01 16:19 --------- d-----w C:\Users\Aristide\AppData\Roaming\Ubisoft
2008-08-30 05:23 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-29 23:43 --------- d-----w C:\Program Files\Business Objects
2008-08-29 23:42 --------- d-----w C:\Program Files\Microsoft Device Emulator
2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft Synchronization Services
2008-08-29 23:40 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-08-29 23:39 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-29 23:31 --------- d-----w C:\Program Files\Common Files\Merge Modules
2008-08-29 23:31 --------- d-----w C:\PROGRA~2\PreEmptive Solutions
2008-08-29 23:29 --------- d-----w C:\Program Files\HTML Help Workshop
2008-08-29 23:28 --------- d-----w C:\Program Files\MSBuild
2008-08-29 23:26 --------- d-----w C:\Program Files\Microsoft SDKs
2008-08-29 23:26 --------- d-----w C:\Program Files\CE Remote Tools
2008-08-29 23:25 --------- d-----w C:\Program Files\Microsoft Web Designer Tools
2008-08-27 17:09 --------- d-----w C:\Users\Aristide\AppData\Roaming\Orbit
2008-08-27 16:53 --------- d-----w C:\Users\Aristide\AppData\Roaming\GrabPro
2008-08-27 01:25 --------- d-----w C:\PROGRA~2\ConeXware
2008-08-25 16:09 --------- d-----w C:\Program Files\Common Files\Control Panels
2008-08-25 16:07 --------- d-----w C:\PROGRA~2\ALM
2008-08-25 16:01 --------- d-----w C:\Program Files\QuickTime
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Mail
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Journal
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Defender
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-25 15:07 --------- d-----w C:\Program Files\Windows Calendar
2008-08-17 19:51 --------- d-----w C:\Program Files\uTorrent
2008-08-17 16:06 --------- d-----w C:\PROGRA~2\Lavasoft
2008-08-09 23:23 --------- d-----w C:\Program Files\Bonjour
2008-08-09 12:48 --------- d-----w C:\Program Files\Windows Installer Clean Up
2008-08-09 12:48 --------- d-----w C:\Program Files\MSECACHE
2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\xing shared
2008-08-07 22:04 --------- d-----w C:\Program Files\Common Files\Real
2008-08-07 22:03 --------- d-----w C:\Program Files\Real
2008-08-05 23:52 --------- d-----w C:\PROGRA~2\Adobe Systems
2008-08-05 23:51 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-08-04 00:20 --------- d-----w C:\Users\Aristide\AppData\Roaming\MozillaControl
2008-07-31 10:41 68,616 ----a-w C:\Windows\System32\XAPOFX1_1.dll
2008-07-31 10:41 238,088 ----a-w C:\Windows\System32\xactengine3_2.dll
2008-07-31 10:40 509,448 ----a-w C:\Windows\System32\XAudio2_2.dll
2008-07-29 20:21 218,376 ----a-w C:\Windows\System32\klogon.dll
2008-07-16 09:30 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2008-07-15 09:11 174 --sha-w C:\Program Files\desktop.ini
2008-07-15 09:07 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-07-15 09:07 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-07-15 09:07 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-07-15 09:07 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-07-15 09:07 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-07-15 09:07 297,984 ----a-w C:\Windows\System32\wlansec.dll
2008-07-15 09:07 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2008-07-15 09:07 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-07-15 09:07 2,923,520 ----a-w C:\Windows\explorer.exe
2008-07-15 09:05 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-07-15 09:05 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-07-15 09:05 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-07-15 09:05 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2008-07-14 06:47 49,664 ----a-w C:\Windows\System32\csrsrv.dll
2008-07-14 06:47 376,320 ----a-w C:\Windows\System32\winsrv.dll
2008-07-14 06:47 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-07-14 06:47 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-07-14 06:47 25,600 ----a-w C:\Windows\System32\LangCleanupSysprepAction.dll
2008-07-14 06:47 166,912 ----a-w C:\Windows\System32\lpksetup.exe
2008-07-14 06:47 10,240 ----a-w C:\Windows\System32\MUILanguageCleanup.dll
2008-07-14 06:46 23,552 ----a-w C:\Windows\System32\lpremove.exe
2008-07-14 06:46 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-07-14 06:46 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-07-14 06:45 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-07-14 06:43 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-07-13 09:22 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-07-13 09:22 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-07-13 09:22 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-07-13 09:22 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-07-13 09:20 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-07-13 09:20 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-07-13 09:20 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-07-13 09:20 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-07-13 09:20 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-07-13 09:20 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-07-13 09:20 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-07-13 09:20 104,448 ----a-w C:\Windows\System32\DWWIN.EXE
.
------- Sigcheck -------
2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\System32\drivers\tcpip.sys
2006-11-02 08:58 802816 d944522b048a5feb7700b5170d3d9423 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
2008-09-19 00:54 803328 82c4070707d100febc3d25cf00b77a4c C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
2008-07-13 08:18 806400 52a8bd6294f7d1443c6184c67ae13af4 C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt\tbisoH.dll" [2008-07-10 1600024]
[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8087-36EE87E26986}]
2008-07-29 19:56 1987544 --a------ C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
2008-07-10 14:04 1600024 --a------ C:\Program Files\isoHunt\tbisoH.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "C:\Program Files\isoHunt\tbisoH.dll" [2008-07-10 1600024]
"{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A6E4A4EB-D169-4E99-8988-250FCBAFE767}"= "C:\Program Files\isoHunt\tbisoH.dll" [2008-07-10 1600024]
"{A057A204-BACC-4D26-8087-36EE87E26986}"= "C:\PROGRA~1\OOVOOT~1\OOVOOT~1.DLL" [2008-07-29 1987544]
[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-8087-36ee87e26986}]
[HKEY_CLASSES_ROOT\oovooToolbar.OOVOOTOOLBAR]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="D:\UTorrent 1 8\uTorrent.exe" [2008-08-16 267056]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-10-03 851968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"Yahoo! Pager"="D:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 3810544]
"ares destiny"="D:\Ares Destiny\Ares.exe" [2008-10-03 2973184]
"BitComet"="D:\Bitcomet\BitComet.exe" [2008-08-22 2567992]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="D:\Winamp 5 53\Winamp\winampa.exe" [2008-10-03 36352]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-10-03 90112]
"PWRISOVM.EXE"="D:\PowerISO\PWRISOVM.EXE" [2008-10-03 167936]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2008-10-03 1884160]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 206088]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\Windows\KHALMNPR.Exe]
C:\Users\Aristide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - D:\Program Files\MagicDisc\MagicDisc.exe [2008-09-12 575488]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Adobe Reader Synchronizer.lnk - D:\Adobe Creative Suite 3\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
Lancement rapide d'Adobe Acrobat.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-08-11 295606]
Logitech SetPoint.lnk - D:\Logitech 4 60\SetPoint\SetPoint.exe [2008-07-09 805392]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1130438823-3524183207-3403761355-1000]
"EnableNotificationsRef"=dword:00000003
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{33A14AF4-8DE1-4DC3-AA8E-73F39A116B22}"= TCP:6004|D:\MS Office 2007\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{8B2DF36A-4600-4610-9801-6B27EEE466B2}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{8F6C3A10-4A70-401E-AF77-A40D08046C7B}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{C7F2893F-D769-45A3-8E85-9CC81D34B101}"= UDP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{1BAE97F6-6AA6-46DA-A209-91CCC4D89AB9}"= TCP:D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{EFB77742-E44F-4E00-BB9E-63693E353F05}"= C:\Program Files\Windows Live\Messenger\wlcsdk.exe:Windows Live Messenger (Phone)
"{DE9938C4-CE1C-4A5B-B4C9-AAB504BC1AFD}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{05E8C7CF-519A-4645-BA3B-FC00B679E1FA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{2D5186E1-05DB-4934-AEF1-627340BFABB6}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{D84A2C5F-96C8-4F7F-9880-DE0A4156004A}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{AC003FBE-8AEB-40F8-8DBE-48A9B23822F0}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{435A5D7A-C127-4606-BDD6-AADF91DD49EA}"= UDP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{90103605-6895-4148-9240-52CA89DCA768}"= TCP:C:1\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{D502EFDC-20C2-4A33-9BB4-C3F02A4EBA08}"= UDP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (TCP-In)
"{B46B00F3-C0E3-4F5F-AF84-FDF2DA69970F}"= TCP:D:\UTorrent 1 8\uTorrent.exe:µTorrent (UDP-In)
"{FAC18785-F011-4E20-8C11-7BDD6812CA01}"= UDP:3703:Adobe Version Cue CS3 Server
"{C50ADF18-E003-4713-BA80-51AE87B4F1CD}"= UDP:3704:Adobe Version Cue CS3 Server
"{58CF08FE-3D8C-4BAE-97FF-D09C0703F971}"= UDP:50900:Adobe Version Cue CS3 Server
"{D9734941-6BEB-4CB5-B30E-751565BD2B6F}"= UDP:50901:Adobe Version Cue CS3 Server
"{82AD7696-741F-425D-93BF-F44CA0C7C267}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{5004BE53-B8E6-40EA-9085-E576273E4B0D}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{5148B32A-3C4C-4A09-B0D1-2C05515C1428}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{C20299BD-6A8E-477D-8D3A-573E6FBE5850}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{F0ECBF53-89DE-4AA3-96A4-49DC28A0864E}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{D6E597D7-10BF-4590-9718-6DC1B43EBD73}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{3247F591-15AF-475D-8136-32324675758C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{6EB47315-56CA-4871-818A-D92353F87117}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{8CF68E0E-6F84-4D84-8094-8E7DE7E1584C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{429892F2-6818-4457-A7C8-3E8A5F8323BE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{804ADD5D-D460-4513-BF6E-8F31F84177B2}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{5F87594A-6FF6-4CE0-84CD-D91448D3E221}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{5B23FF40-88B2-48DE-8398-E6E1A303E6B7}"= UDP:443:TCP port 443 ooVoo
"{71A36C96-EEA9-4594-81D4-8197D9D90A8E}"= TCP:443:UDP port 443 ooVoo
"{3024E162-5300-423E-BBC2-66A2B364E530}"= UDP:37674:TCP port 37674 ooVoo
"{13A729A8-F2B7-40FC-9326-5EB1B03F59E3}"= TCP:37674:UDP port 37674 ooVoo
"{069FC467-1805-49FA-ABC8-389261600682}"= TCP:37675:UDP port 37675 ooVoo
"TCP Query User{8E5DE5F7-E84C-4C36-9025-B45BA65F7F50}D:\\bitcomet\\bitcomet.exe"= UDP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{2EC208F2-B6CC-4C8E-A923-B8CED862F08D}D:\\bitcomet\\bitcomet.exe"= TCP:D:\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{DF96001B-E0AF-4224-9906-ACBF202753CA}D:\\ares destiny\\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows
"UDP Query User{FDDFFB36-0084-4541-BBE9-25EB826A371A}D:\\ares destiny\\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows
"TCP Query User{7A129059-210F-4617-B03E-D91DE2EC0D34}C:\\program files\\winamp remote\\bin\\orbtray.exe"= UDP:C:\program files\winamp remote\bin\orbtray.exe:Orb
"UDP Query User{C6A0EC0D-FB01-40D8-B616-2F5F06AF8388}C:\\program files\\winamp remote\\bin\\orbtray.exe"= TCP:C:\program files\winamp remote\bin\orbtray.exe:Orb
"{74BC0BC5-DA62-4319-BEB1-FC3B5A63562F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service
"{93CE87FB-C928-4A7D-9A82-BF1B0EEEED8F}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:SMC Service
"{9001DF20-B39A-4274-A99B-38FA1051B75F}"= UDP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service
"{86B1F8A7-9D31-41AC-8EA4-661D8ADD46A1}"= TCP:C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:SNAC Service
"{66F8449D-BD0B-4500-8699-22065B359785}"= UDP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"{9E04FDDB-0D48-49E7-AB2F-D0D6CF4CD403}"= TCP:C:\Program Files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"TCP Query User{CE7030E7-8F4A-41E4-B210-E0FD27029B47}C:\\program files\\winamp remote\\bin\\orbir.exe"= UDP:C:\program files\winamp remote\bin\orbir.exe:OrbIR
"UDP Query User{658D05C2-CF3B-4152-8B1A-7965A6BC763C}C:\\program files\\winamp remote\\bin\\orbir.exe"= TCP:C:\program files\winamp remote\bin\orbir.exe:OrbIR
"TCP Query User{10128BE4-2B8A-48AB-A414-F1BAA8C0D91E}C:\\program files\\winamp remote\\bin\\orb.exe"= UDP:C:\program files\winamp remote\bin\orb.exe:Orb Application
"UDP Query User{2FA471A1-285E-4DA2-A96D-72D4B000611E}C:\\program files\\winamp remote\\bin\\orb.exe"= TCP:C:\program files\winamp remote\bin\orb.exe:Orb Application
"TCP Query User{07CE3D9D-DEE7-4332-996C-0381C082C848}D:\\ares destiny\\ares.exe"= UDP:D:\ares destiny\ares.exe:Ares p2p for windows
"UDP Query User{5E904CE6-E2C3-4292-99DC-E6396514E46A}D:\\ares destiny\\ares.exe"= TCP:D:\ares destiny\ares.exe:Ares p2p for windows
"TCP Query User{85E0D794-5C9C-4E61-B8B1-48D20480F1CB}D:\\utorrent 1 8\\utorrent.exe"= UDP:D:\utorrent 1 8\utorrent.exe:µTorrent
"UDP Query User{825C07D1-3B94-4E00-8578-FB9840608AD5}D:\\utorrent 1 8\\utorrent.exe"= TCP:D:\utorrent 1 8\utorrent.exe:µTorrent
"{608035D9-DD1D-45EB-BB24-1F1DD22F1F55}"= UDP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{309F3D08-4895-41C5-8522-047099195F24}"= TCP:C:\Users\Aristide\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"TCP Query User{B9F11B52-69A6-4F03-B4C3-96D9EA1634B8}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{F5263E24-6FC4-429E-B40D-7B27C2D6379C}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"{7778CC22-D429-41BC-A46D-7127FCEB3551}"= UDP:26579:BitComet 26579 TCP
"{A6017C98-2F10-4F77-9677-734D3EA2AADE}"= TCP:26579:BitComet 26579 UDP
"{A44123C7-21DB-4F64-9CF6-9946A8E45CED}"= UDP:26579:BitComet 26579 TCP
"{3801B058-1E8C-4323-A859-DB49931583D1}"= TCP:26579:BitComet 26579 UDP
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-07-09 20496]
R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2006-11-02 22016]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 3478528]
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S0 OemBiosDevice;Royalty OEM BIOS Extension;C:\Windows\system32\DRIVERS\royal.sys [2007-03-02 240128]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);C:\Windows\system32\Drivers\e4ldr.sys [2007-01-04 69656]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;D:\EVEREST Ultimate Edition\kerneld.wnt [2008-03-17 23152]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-09-13 307968]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-eMuleAutoStart - D:\Emule\emule.exe
HKLM-Run-UnlockerAssistant - D:\Unlocker 1 8 7\Unlocker\UnlockerAssistant.exe
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-03 19:48:30
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\Ati2evxx.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\conime.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
D:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2008-10-03 19:55:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-03 19:55:36
ComboFix2.txt 2008-10-03 15:17:03
Avant-CF: 9ÿ560ÿ309ÿ760 octets libres
Post-Run: 8,996,155,392 octets libres
400 --- E O F --- 2008-08-30 05:25:49
- Télécharge RavAntivirus d'Evosla sur ton bureau :
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
- Branche tes disques amovibles à ton PC (clefs USB, disque dur externe, etc...) sans les ouvrir avant de lancer le fix
- Clique droit sur le fichier rav.zip, puis "Extraire Ici".
- Doucle-clique sur "rav.exe" pour lancer le fix. (Pour Vista, clique droit sur rav et choisis Exécuter en tant qu'administrateur)
- Laisse le programme agir : il scanne automatiquement tous les lecteurs (disques fixes et amovibles)
- Quitte le programme quand le message suivant apparaît : Votre ordinateur est sain
- Ensuite : retire tes disques amovibles et redémarre le PC.
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
- Branche tes disques amovibles à ton PC (clefs USB, disque dur externe, etc...) sans les ouvrir avant de lancer le fix
- Clique droit sur le fichier rav.zip, puis "Extraire Ici".
- Doucle-clique sur "rav.exe" pour lancer le fix. (Pour Vista, clique droit sur rav et choisis Exécuter en tant qu'administrateur)
- Laisse le programme agir : il scanne automatiquement tous les lecteurs (disques fixes et amovibles)
- Quitte le programme quand le message suivant apparaît : Votre ordinateur est sain
- Ensuite : retire tes disques amovibles et redémarre le PC.
Bonjour,
Vlà. je viens de scanner mon poste avec RavAntivirus d'Evosla, je ne sais pas s'il y a encore une autre étape mais je voulais déjà te dire un grand merci, car ça m'a evité un formatage de la partition où est situé mon OS.
Vlà. je viens de scanner mon poste avec RavAntivirus d'Evosla, je ne sais pas s'il y a encore une autre étape mais je voulais déjà te dire un grand merci, car ça m'a evité un formatage de la partition où est situé mon OS.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut,
Non il n'a rien détecté.
Mais j'ai lancé après un scan complet de kaspersky. Il m'a déniché certains virus. J'ai pu désinfecté les fichiers infectés. Présentement le scan est en cours. Après le scan je pense que je serai beaucoup plus rassuré.
Non il n'a rien détecté.
Mais j'ai lancé après un scan complet de kaspersky. Il m'a déniché certains virus. J'ai pu désinfecté les fichiers infectés. Présentement le scan est en cours. Après le scan je pense que je serai beaucoup plus rassuré.
rapport kaspersky
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
25/09/2008 17:17:35 Task completed
25/09/2008 17:14:29 Task started
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
26/09/2008 14:12:57 Task completed
26/09/2008 14:12:52 Task started
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
29/09/2008 14:42:29 Task completed
29/09/2008 14:42:28 Task started
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
30/09/2008 06:29:16 Password protected J:\Web\Saved_Games.rar
30/09/2008 06:29:16 Password protected J:\Web\Saved_Games.rar
30/09/2008 06:29:00 Untreated: Trojan-Spy.Win32.BZub.ffd J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe Postponed
30/09/2008 06:28:59 Detected: Trojan-Spy.Win32.BZub.ffd J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe
30/09/2008 02:58:29 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\ru.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:29 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\zh_CN.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:29 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\zh_TW.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\sv.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\nb.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\nl.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\ko.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\ja.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\it.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\fr.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\fi.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\es.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\en.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\QuickTimePlayer.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\de.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\da.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ru.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\nb.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ru.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:26 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\nb.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:26 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:26 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\ru.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\nl.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\nb.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ru.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\nb.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ru.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\nb.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ru.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\nb.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ru.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\nb.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\nb.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\ru.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\nl.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ru.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\nb.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ru.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\nb.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ru.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\nb.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ru.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\nb.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\ru.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\nl.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\nb.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\nb.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\ru.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\nl.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\ru.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
25/09/2008 17:17:35 Task completed
25/09/2008 17:14:29 Task started
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
26/09/2008 14:12:57 Task completed
26/09/2008 14:12:52 Task started
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
29/09/2008 14:42:29 Task completed
29/09/2008 14:42:28 Task started
Full Scan: completed 03/10/2008 23:11:19 (events: 1476, objects: 753063, time: 01:36:18)
30/09/2008 06:29:16 Password protected J:\Web\Saved_Games.rar
30/09/2008 06:29:16 Password protected J:\Web\Saved_Games.rar
30/09/2008 06:29:00 Untreated: Trojan-Spy.Win32.BZub.ffd J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe Postponed
30/09/2008 06:28:59 Detected: Trojan-Spy.Win32.BZub.ffd J:\Web\Kaspersky Internet Security 2009 version 8.0.0.357 + Blacklist PROOF key\kis8.0.0.357en.exe/data0000.cab/is157000.exe
30/09/2008 02:58:29 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\ru.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:29 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\zh_CN.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:29 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\zh_TW.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\sv.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\nb.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\nl.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\ko.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\ja.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\it.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\fr.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\fi.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\es.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\en.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\QuickTimePlayer.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\de.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QuickTimePlayer.Resources\da.lproj\QuickTimePlayerLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:28 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ru.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\nb.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\QuickTimeWebHelperLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ru.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:27 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:26 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\nb.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:26 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:26 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\QuickTimeVRAuthoring.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\QuickTimeVRAuthoringLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\sv.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\ru.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\nl.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\nb.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\ko.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:25 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\ja.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\it.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\fr.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\fi.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\es.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:24 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\en.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\de.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\da.lproj\QuickTimeVRLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeVR.Resources\QuickTimeVR.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ru.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\nb.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\QuickTimeStreamingExtrasLocalized.qtr
30/09/2008 02:58:23 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingExtras.Resources\QuickTimeStreamingExtras.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ru.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\nb.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:22 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\QuickTimeStreamingAuthoringLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreamingAuthoring.Resources\QuickTimeStreamingAuthoring.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ru.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\nb.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:21 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\it.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:20 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\es.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\de.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\da.lproj\QuickTimeStreamingLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeStreaming.Resources\QuickTimeStreaming.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ru.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\nb.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\es.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\it.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\en.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\de.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\QuickTimeQD3D.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeQD3D.Resources\da.lproj\QuickTimeQD3DLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\sv.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\nb.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\ru.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:19 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\nl.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\ko.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\it.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\ja.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\es.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\fr.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\fi.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\QuickTimeMusic.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\en.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\de.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMusic.Resources\da.lproj\QuickTimeMusicLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ru.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:18 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\nb.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\QuickTimeMPEG4AuthoringLocalized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4Authoring.Resources\QuickTimeMPEG4Authoring.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ru.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:17 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\nb.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\QuickTimeMPEG4Localized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG4.Resources\QuickTimeMPEG4.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:16 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ru.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\nb.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\it.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\es.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\en.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\de.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\da.lproj\QuickTimeMPEGLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeMPEG.Resources\QuickTimeMPEG.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:15 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ru.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\nb.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:14 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\QuickTimeInternetExtrasLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeInternetExtras.Resources\QuickTimeInternetExtras.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\sv.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\ru.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\ko.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\nl.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\nb.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\it.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\ja.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\fr.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\fi.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\es.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\en.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\de.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\da.lproj\QuickTimeImageLocalized.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeImage.Resources\QuickTimeImage.qtr
30/09/2008 02:58:13 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\sv.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\nb.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\ru.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\nl.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\ja.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\ko.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\it.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\fr.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\fi.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\es.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\en.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\de.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\QuickTimeH264.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeH264.Resources\da.lproj\QuickTimeH264Localized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected: https://securelist.com/ d:\quicktime\QTSystem\QuickTimeEssentials.Resources\ru.lproj\QuickTimeEssentialsLocalized.qtr
30/09/2008 02:58:12 Detected
Ok reçu. Je désistalle supprime les clés avec tuneUp et reprend le scan avec kaspersky. A la fin je posterai le rapport.
Salut,
je n'arrive pas à editer mon rapport depuis 2 jours. Kaspersky tourne , je crois normalement, il effectue ts les scans normalement; mais lorsqu'il s'agit d'éditer le rapport, il plante.
En fait j'avais choper un virus qui le faisait planter. En utilisant Findykill et combofix j'ai pu le remettre en etat de fonctionement mais pour le rapport afin de vérifier si ts les virus sont oter il plante.
Un idée? ;-)
je n'arrive pas à editer mon rapport depuis 2 jours. Kaspersky tourne , je crois normalement, il effectue ts les scans normalement; mais lorsqu'il s'agit d'éditer le rapport, il plante.
En fait j'avais choper un virus qui le faisait planter. En utilisant Findykill et combofix j'ai pu le remettre en etat de fonctionement mais pour le rapport afin de vérifier si ts les virus sont oter il plante.
Un idée? ;-)
