Trojan problem

Closed
diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last active: 4 December 2008 - 19 Nov 2008 at 21:16
diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last active: 4 December 2008 - 4 Dec 2008 at 16:49
Hello,

I have been infected for a few days by numerous trojans, which constantly display the following message while I browse the internet:
"Host process for Windows services has stopped working"

In addition, my PC sometimes shuts off and a blue screen appears...

I managed to get the names of some of the trojans:
Win32/Wigon.DV
Win32/Vundo.gen!D
Win32/Renos.AW

My problem is that NOD32 does not remove these viruses, and programs such as Spybot or Malwarebytes no longer start; a message appears every time I open these programs:
"Malwarebytes has stopped working"

I am attaching the HijackThis report here

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:18, on 19/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Users\Gauthier\AppData\Local\Temp\winlogin.exe
C:\Windows\System32\rs32net.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\System32\rs32net.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\notepad.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\wermgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe
C:\Users\Gauthier\AppData\Local\Temp\csrssc.exe
C:\Users\Gauthier\Downloads\mbam-setup.exe
C:\Windows\system32\WerFault.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\WerFault.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: C:\Windows\system32\jsne87fidgf.dll - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\Windows\system32\jsne87fidgf.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [xsjfn83jkemfofght] C:\Users\Gauthier\AppData\Local\Temp\winlogin.exe
O4 - HKLM\..\Run: [rs32net] C:\Windows\System32\rs32net.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [update 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000] %AppData%\wunauclt.exe
O4 - HKCU\..\Run: [xsjfn83jkemfofght] C:\Users\Gauthier\AppData\Local\Temp\winlogin.exe
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\Users\Gauthier\AppData\Local\Temp\csrssc.exe
O4 - HKCU\..\Run: [rs32net] C:\Windows\System32\rs32net.exe
O4 - HKCU\..\Run: [12CFG94-z641-2SF-N31P-5M1ER6H6L1] C:\RECYCLER\S-1-5-21-2543280688-2235057422-947018642-0300\winigon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: mjwjmcu - C:\Windows\SYSTEM32\mjwjmcu32.dll
O22 - SharedTaskScheduler: mcb7uehuj3n8weuhejsw - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\Windows\system32\jsne87fidgf.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FCI - Unknown owner - C:\Windows\system32\fci.exe.exe:ext.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICF - Unknown owner - C:\Windows\system32\icf.exe.exe:ext.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

34 replies

diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last active: 4 December 2008
26 Nov 2008 at 20:11
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:16, on 26/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\uesiuqcr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\uesiuqcr.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: getfn32.msiets - {21A237A4-3A94-4198-911D-647ED2263DD2} - C:\Windows\system32\getfn32.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FCI - Unknown owner - C:\Windows\system32\fci.exe.exe:ext.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICF - Unknown owner - C:\Windows\system32\icf.exe.exe:ext.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
jorginho67 Posts: 14716 Registered: Tuesday 11 September 2007 Status: Security contributor Last active: 11 February 2011 1 169
26 Nov 2008 at 20:46
Download combofix.exe (by sUBs) and save it to your desktop.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* Disconnect from the internet and close all your applications.

* Temporarily disable your protections (antivirus, firewall, antispyware), only for as long as you are using ComboFix.

* Double-click combofix.exe; your firewall may ask whether or not you accept nircmd.cfexe accessing the trusted zone: accept.

* /!\ Do not touch anything until the scan has finished. Careful: do not use your mouse or keyboard (or any other pointing device) while the program is running /!\

* Wait for ComboFix to finish; a report will be created.

* Re-enable your firewall, your antivirus and your antispyware's real-time guard.

* Copy/paste the report; the report is located at: C:Combofix.txt

* Re-enable your real-time protections (antivirus, antispyware) before reconnecting to the internet.
0
diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last active: 4 December 2008
26 Nov 2008 at 21:58
As with SDFix or Malwarebytes, I can't manage to run it. Should I try in safe mode?
0
diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last active: 4 December 2008
3 Dec 2008 at 19:07
Having received no reply, I tried to manage on my own, but without result....

I know that I am infected by Generic.Malwares, but BitDefender cannot remove it. I am also infected by windows protection center, and the sites explaining how to get rid of it are not helping me.

I also no longer have access to the Task Manager.

Please help me, thank you :)
0

jorginho67 Posts: 14716 Registered: Tuesday 11 September 2007 Status: Security contributor Last active: 11 February 2011 1 169
3 Dec 2008 at 19:48
Right-click on SDFix => rename
Name it whatever you like (diego, for example), boot into safe mode and try to run it
0
diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last active: 4 December 2008
3 Dec 2008 at 21:10
I didn't manage to run it in safe mode....
However, I made a log in normal mode, if that can help you


[b]System Report[/b]
*************

Run on 03/12/2008 at 21:07

Microsoft Windows [version 6.0.6000]

Current user is an administrator

[b]Running Processes[/b]:

\SystemRoot\System32\smss.exe [552]
C:\Windows\system32\csrss.exe [624]
C:\Windows\system32\wininit.exe [672]
C:\Windows\system32\csrss.exe [680]
C:\Windows\system32\services.exe [716]
C:\Windows\system32\lsass.exe [732]
C:\Windows\system32\lsm.exe [740]
C:\Windows\system32\svchost.exe [884]
C:\Windows\system32\nvvsvc.exe [960]
C:\Windows\system32\svchost.exe [984]
C:\Windows\System32\svchost.exe [1020]
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [1072]
C:\Windows\system32\winlogon.exe [1096]
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [1132]
C:\Windows\System32\svchost.exe [1200]
C:\Windows\System32\svchost.exe [1224]
C:\Windows\system32\svchost.exe [1248]
C:\Windows\system32\SLsvc.exe [1348]
C:\Windows\system32\svchost.exe [1504]
C:\Windows\system32\svchost.exe [1616]
C:\Windows\system32\rundll32.exe [1644]
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [1892]
C:\Windows\system32\WLANExt.exe [1964]
C:\Windows\system32\uesiuqcr.exe [2024]
C:\Windows\system32\Dwm.exe [332]
C:\Windows\Explorer.EXE [400]
C:\Program Files\Windows Defender\MSASCui.exe [784]
C:\Windows\System32\spoolsv.exe [2000]
C:\Windows\system32\svchost.exe [1864]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [616]
C:\Program Files\Orange\Systray\SystrayApp.exe [1384]
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [1944]
C:\Windows\System32\rundll32.exe [1628]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [1824]
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [440]
C:\Windows\system32\taskeng.exe [2064]
C:\Program Files\Windows Sidebar\sidebar.exe [2108]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2180]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2208]
C:\Program Files\Logitech\SetPoint\SetPoint.exe [2220]
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [2356]
C:\Program Files\Windows Sidebar\sidebar.exe [2504]
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE [2768]
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [3312]
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [3416]
C:\Windows\system32\svchost.exe [3516]
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [3560]
C:\Windows\system32\PnkBstrA.exe [3608]
C:\Windows\system32\svchost.exe [3644]
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [3700]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [3720]
C:\Windows\system32\svchost.exe [3796]
C:\Windows\System32\svchost.exe [3824]
C:\Windows\system32\SearchIndexer.exe [3884]
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [3988]
C:\Windows\system32\wbem\wmiprvse.exe [2460]
C:\Windows\system32\taskeng.exe [1512]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [3144]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe [4672]
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe [4908]
C:\Program Files\Windows Live\Messenger\usnsvc.exe [5340]
C:\Windows\servicing\TrustedInstaller.exe [5812]
C:\Windows\system32\conime.exe [3688]
C:\Windows\system32\wuauclt.exe [4848]
C:\Windows\system32\wbem\wmiprvse.exe [2352]
C:\diego\apps\procs.exe [5756]


[b]Drivers - Running[/b]:

ACPI
AFD
atapi
bdfm
Bdfndisf
bdfsfltr
bdftdif
BDSelfPr
BDVEDISK
Beep
bowser
BT
BTHidEnum
BTHidMgr
cdfs
cdrom
circlass
CLFS
CmBatt
Compbatt
crcdisk
DfsC
disk
DXGKrnl
Ecache
FileInfo
FltMgr
GEARAspiWDM
HdAudAddService
HDAudBus
HidIr
HidUsb
HTTP
i8042prt
iaStor
intelide
intelppm
iScsiPrt
itecir
JRAID
kbdclass
kbdhid
KSecDD
LHidFilt
lltdio
LMouFilt
luafv
Modem
monitor
mouclass
mouhid
MountMgr
mpsdrv
MRxDAV
mrxsmb
mrxsmb10
mrxsmb20
Msfs
msisadrv
mssmbios
Mup
NativeWifiP
NDIS
NdisTapi
Ndisuio
NdisWan
NDProxy
NetBIOS
netbt
NETw4v32
Npfs
nsiproxy
Ntfs
Null
nvlddmkm
ohci1394
partmgr
pci
PEAUTH
PptpMiniport
PSched
RasAcd
Rasl2tp
RasPppoe
rdbss
RDPCDD
RDPENCDD
RDPWD
rimmptsk
rimsptsk
ROOTMODEM
rspndr
sdbus
secdrv
Serenum
Smb
spldr
sptd
srv
srv2
srvnet
swenum
Tcpip
tcpipreg
TDTCP
tdx
TermDD
tssecsrv
tunmp
tunnel
umbus
usbccgp
usbehci
usbhub
usbuhci
usbvideo
VComm
VcommMgr
VgaSave
volmgr
volmgrx
volsnap
Wanarpv6
Wdf01000
yukonwlh


[b]Drivers - Stopped[/b]:

adp94xx
adpahci
adpu160m
adpu320
agp440
aic78xx
aliide
amdagp
amdide
AmdK7
AmdK8
arc
arcsas
AsyncMac
blbdrive
BrFiltLo
BrFiltUp
Brserid
BrSerWdm
BrUsbMdm
BrUsbSer
Btcsrusb
BTHMODEM
cmdide
Crusoe
driverhardwarev2
drmkaud
E1G60
elxstor
EraserUtilRebootDrv
fastfat
fdc
Filetrace
flpydisk
gagp30kx
HidBth
HpCISSs
i2omp
iaStorV
iirsp
IpFilterDriver
IpInIp
IPMIDRV
IPNAT
IRENUM
isapnp
iteatapi
iteraid
jatmlano
LSI_FC
LSI_SAS
LSI_SCSI
megasas
mpio
Mraid35x
msahci
msdsm
MSKSSRV
MSPCLOCK
MSPQM
MsRPC
MSTEE
NETw3v32
nfrd960
ntrigdigi
nvraid
nvstor
nv_agp
NwlnkFlt
NwlnkFwd
Parport
Parvdm
PCAMp50
PCASp50
pciide
pcmcia
Processor
Profos
ql2300
ql40xx
QWAVEdrv
rdpdr
restore
sbp2port
Serial
sermouse
sffdisk
sffp_mmc
sffp_sd
sfloppy
sisagp
SiSRaid2
SiSRaid4
Symc8xx
Sym_hi
Sym_u3
Tcpip6
TDPIPE
Trufos
uagp35
udfs
uliagpkx
uliahci
UlSata
ulsata2
usbcir
usbohci
usbprint
USBSTOR
vga
viaagp
ViaC7
viaide
vsmraid
WacomPen
Wanarp
Wd
WmiAcpi
WpdUsb
ws2ifsl
WUDFRd


[b]Services - Running[/b]:

aawservice
AeLookupSvc
AudioEndpointBuilder
Audiosrv
BFE
BITS
Browser
CertPropSvc
CryptSvc
DcomLaunch
Dhcp
Dnscache
DPS
EapHost
EMDMgmt
Eventlog
EventSystem
EvtEng
fdPHost
FDResPub
FTRTSVC
gpsvc
hidserv
hpqcxs08
hpqddsvc
IAANTMON
IKEEXT
iphlpsvc
KeyIso
KtmRm
LanmanServer
LanmanWorkstation
LIVESRV
lmhosts
MMCSS
MpsSvc
Netman
netprofm
NlaSvc
nsi
nvsvc
PcaSvc
PlugPlay
PnkBstrA
PolicyAgent
ProfSvc
RasMan
RegSrvc
RoxMediaDB9
RoxWatch9
RpcSs
SamSs
SBSDWSCService
Schedule
seclogon
SENS
SessionEnv
ShellHWDetection
slsvc
Spooler
SSDPSRV
stisvc
SysMain
TabletInputService
TapiSrv
TermService
Themes
TrkWks
TrustedInstaller
upnphost
usnjsvc
UxSms
VSSERV
W32Time
WdiSystemHost
WebClient
WerSvc
WinDefend
WinHttpAutoProxySvc
Winmgmt
Wlansvc
WPDBusEnum
wscsvc
WSearch
wuauserv
wudfsvc


[b]Services - Stopped[/b]:

ALG
Appinfo
Arrakis3
clr_optimization_v2.0.50727_32
COMSysApp
DFSR
dot3svc
ehRecvr
ehSched
ehstart
FCI
FontCache3.0.0.0
hkmsvc
ICF
IDriverT
idsvc
IPBusEnum
LBTServ
lltdsvc
maconfservice
Mcx2Svc
MSDTC
MSiSCSI
msiserver
napagent
Netlogon
NetTcpPortSharing
ose
p2pimsvc
p2psvc
pla
PNRPAutoReg
PNRPsvc
ProtectedStorage
QWAVE
RasAuto
RemoteAccess
RemoteRegistry
RichVideo
RpcLocator
scan
SCardSvr
SCPolicySvc
SDRSVC
SharedAccess
SLUINotify
SNMPTRAP
Start
Steam
stllssvr
swprv
Symantec
TBS
THREADORDER
UI0Detect
vds
VSS
wcncsvc
WcsPlugInService
WdiServiceHost
Wecsvc
wercplsupport
WinRM
WLSetupSvc
wmiApSrv
WMPNetworkSvc
WPCSvc


[b]Files Created/Modified - 60 Days[/b]:


C:\

3 Dec 2008 21:00:42 3 211 190 272 A.SH. "C:\hiberfil.sys"
3 Dec 2008 21:00:40 3 525 115 904 A.SH. "C:\pagefile.sys"


C:\Windows\

3 Dec 2008 21:00:46 67 584 A.S.. "C:\Windows\bootstat.dat"
3 Dec 2008 21:03:08 1 966 A.... "C:\Windows\default.htm"
30 Nov 2008 13:18:58 51 200 A.... "C:\Windows\inf\infpub.dat"
30 Nov 2008 13:18:58 86 016 A.... "C:\Windows\inf\infstor.dat"
30 Nov 2008 13:18:58 86 016 A.... "C:\Windows\inf\infstrng.dat"
23 Nov 2008 18:54:52 89 615 A.... "C:\Windows\System32\av.dat"
21 Oct 2008 6:16:22 1 645 568 A.... "C:\Windows\System32\connect.dll"
10 Oct 2008 4:52:38 2 036 576 A.... "C:\Windows\System32\D3DCompiler_40.dll"
10 Oct 2008 4:52:38 4 379 984 A.... "C:\Windows\System32\D3DX9_40.dll"
10 Oct 2008 4:52:38 452 440 A.... "C:\Windows\System32\d3dx10_40.dll"
21 Nov 2008 20:58:52 0 A.... "C:\Windows\System32\fci.exe.exe"
3 Dec 2008 18:57:54 437 296 A.... "C:\Windows\System32\FNTCACHE.DAT"
3 Dec 2008 21:00:56 14 848 A.... "C:\Windows\System32\getfn32.dll"
21 Nov 2008 20:58:28 0 A.... "C:\Windows\System32\icf.exe.exe"
10 Oct 2008 7:58:08 82 944 A.... "C:\Windows\System32\IEDFix.C.exe"
21 Nov 2008 21:09:52 0 A.... "C:\Windows\System32\mjwjmcu.dll"
3 Nov 2008 16:10:26 17 318 336 A.... "C:\Windows\System32\mrt.exe"
16 Oct 2008 5:40:38 425 472 A.... "C:\Windows\System32\netapi32.dll"
10 Oct 2008 7:58:08 82 944 A.... "C:\Windows\System32\o4Patch.exe"
23 Nov 2008 13:10:24 108 458 A.... "C:\Windows\System32\perfc009.dat"
23 Nov 2008 13:10:24 122 898 A.... "C:\Windows\System32\perfc00C.dat"
23 Nov 2008 13:10:24 621 374 A.... "C:\Windows\System32\perfh009.dat"
23 Nov 2008 13:10:24 702 978 A.... "C:\Windows\System32\perfh00C.dat"
23 Nov 2008 18:59:54 63 488 A.... "C:\Windows\System32\smwin32.dll"
26 Nov 2008 19:28:12 3 730 A.... "C:\Windows\System32\tmp.reg"
23 Nov 2008 16:58:40 192 512 A.... "C:\Windows\System32\txmlutil.dll"
23 Nov 2008 18:59:58 89 615 A.... "C:\Windows\System32\uesiuqcr.exe"
16 Oct 2008 22:12:20 561 688 A.... "C:\Windows\System32\wuapi.dll"
16 Oct 2008 13:56:04 31 232 A.... "C:\Windows\System32\wuapp.exe"
16 Oct 2008 22:09:44 51 224 A.... "C:\Windows\System32\wuauclt.exe"
16 Oct 2008 22:13:40 1 809 944 A.... "C:\Windows\System32\wuaueng.dll"
16 Oct 2008 21:56:30 1 524 736 A.... "C:\Windows\System32\wucltux.dll"
16 Oct 2008 21:56:00 83 456 A.... "C:\Windows\System32\wudriver.dll"
16 Oct 2008 22:08:58 34 328 A.... "C:\Windows\System32\wups.dll"
16 Oct 2008 22:09:44 43 544 A.... "C:\Windows\System32\wups2.dll"
16 Oct 2008 14:08:00 162 064 A.... "C:\Windows\System32\wuwebv.dll"
27 Oct 2008 10:04:16 23 376 A.... "C:\Windows\System32\X3DAudio1_5.dll"
27 Oct 2008 10:04:16 235 856 A.... "C:\Windows\System32\xactengine3_3.dll"
27 Oct 2008 10:04:14 70 992 A.... "C:\Windows\System32\XAPOFX1_2.dll"
27 Oct 2008 10:04:18 514 384 A.... "C:\Windows\System32\XAudio2_3.dll"
3 Dec 2008 21:01:00 6 A..H. "C:\Windows\Tasks\SA.DAT"
3 Dec 2008 20:48:54 0 A.... "C:\Windows\Temp\JET8499.tmp"
3 Dec 2008 21:01:48 0 A.... "C:\Windows\Temp\JET8564.tmp"
3 Dec 2008 18:57:52 0 A.... "C:\Windows\Temp\JET8D8F.tmp"
3 Dec 2008 18:54:12 0 A.... "C:\Windows\Temp\JETE6B5.tmp"
3 Dec 2008 20:53:18 0 A.... "C:\Windows\Temp\report.dat"
3 Dec 2008 20:53:20 0 A.... "C:\Windows\Temp\rtsr.dat"
3 Dec 2008 21:03:08 262 144 A.SH. "C:\Windows\ServiceProfiles\LocalService\ntuser.dat"
3 Dec 2008 21:03:02 262 144 A.SH. "C:\Windows\ServiceProfiles\NetworkService\ntuser.dat"
23 Nov 2008 16:56:52 111 112 A.... "C:\Windows\System32\drivers\bdfm.sys"
23 Nov 2008 16:58:38 104 328 A.... "C:\Windows\System32\drivers\bdfndisf.sys"
23 Nov 2008 16:56:50 230 920 A.... "C:\Windows\System32\drivers\bdfsfltr.sys"
23 Nov 2008 16:58:38 82 440 A.... "C:\Windows\System32\drivers\BDVEDISK.sys"
22 Oct 2008 16:10:22 15 504 A.... "C:\Windows\System32\drivers\mbam.sys"
22 Oct 2008 16:10:38 38 496 A.... "C:\Windows\System32\drivers\mbamswissarmy.sys"
16 Nov 2008 11:41:12 717 296 A.... "C:\Windows\System32\drivers\sptd.sys"
16 Nov 2008 11:41:38 1 148 A.... "C:\Windows\System32\WDI\ERCQueuedResolutions.dat"
14 Nov 2008 22:50:20 347 136 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16757_none_95b104b9849fbbb3_dxtmsft.dll_4b67eac6"
14 Nov 2008 22:53:32 2 048 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16745_none_8661c59c99cb7ce9_msxml3r.dll_d752d00e"
14 Nov 2008 22:50:20 64 512 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32_wininetplugin.dll_f2ff35f9"
14 Nov 2008 22:50:18 180 736 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16757_none_628d2249b11ab295_ieui.dll_f0fcf806"
14 Nov 2008 22:50:18 3 593 216 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16757_none_112dc84625252468_mshtml.dll_fab8f891"
14 Nov 2008 22:50:20 124 928 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16757_none_a9b61b23f5cc373c_advpack.dll_8c6ea088"
14 Nov 2008 22:53:44 2 027 520 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16754_none_b6db2e869d852707_win32k.sys_0d7a6fb3"
14 Nov 2008 22:50:20 826 368 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32_wininet.dll_790e2e3a"
14 Nov 2008 22:53:32 1 194 496 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16745_none_8661c59c99cb7ce9_msxml3.dll_eaee1698"
14 Nov 2008 22:50:20 214 528 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16757_none_95b104b9849fbbb3_dxtrans.dll_814d2aee"
14 Nov 2008 22:50:18 6 066 176 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16757_none_628d2249b11ab295_ieframe.dll_c6cbe33f"
14 Nov 2008 22:53:20 425 472 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6000.16764_none_8b10fff30496576a_netapi32.dll_8b1e859a"
14 Nov 2008 22:50:40 1 341 440 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16747_none_866381d899c9fc7a_msxml6.dll_ebe15265"
14 Nov 2008 22:50:40 2 048 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16747_none_866381d899c9fc7a_msxml6r.dll_d8460bdb"
14 Nov 2008 22:50:54 3 470 904 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf_ntoskrnl.exe_0fb0ab79"
14 Nov 2008 22:50:20 27 648 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32_jsproxy.dll_3cc8d651"
14 Nov 2008 22:50:54 3 505 208 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf_ntkrnlpa.exe_165c312a"
14 Nov 2008 22:50:20 1 159 680 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16757_none_b2cdcd85d9c5949f_urlmon.dll_95c89473"
16 Oct 2008 5:38:28 466 944 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6001.22288_none_8d6f3cb41ae72563\netapi32.dll"
16 Oct 2008 21:56:30 1 524 736 A.... "C:\Windows\winsxs\x86_microsoft-windows-windowsupdateclient-ui_31bf3856ad364e35_7.2.6001.788_none_a8125d5406872725\wucltux.dll"
16 Oct 2008 5:47:34 466 944 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6001.18157_none_8d050f6301b2186f\netapi32.dll"
16 Oct 2008 5:22:28 425 984 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6000.20937_none_8bbe0f461d98ec8d\netapi32.dll"
21 Oct 2008 6:25:18 1 645 568 A.... "C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.18159_none_64e182cb96dae69e\connect.dll"
22 Oct 2008 4:34:56 160 768 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.22292_none_4b2b163f056ebb45\PortableDeviceTypes.dll"
22 Oct 2008 4:34:56 94 720 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.22292_none_4b2b163f056ebb45\PortableDeviceClassExtension.dll"
22 Oct 2008 4:34:56 241 152 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.22292_none_4b2b163f056ebb45\PortableDeviceApi.dll"
22 Oct 2008 4:43:52 160 768 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PortableDeviceTypes.dll"
22 Oct 2008 4:43:52 95 232 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PortableDeviceClassExtension.dll"
22 Oct 2008 4:43:52 241 152 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PortableDeviceApi.dll"
16 Oct 2008 13:56:04 31 232 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.2.6001.788_none_ba8134361ffa6f73\wuapp.exe"
16 Oct 2008 14:08:00 162 064 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.2.6001.788_none_ba8134361ffa6f73\wuwebv.dll"
2 Dec 2008 22:10:22 224 768 A.... "C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcm90.dll"
2 Dec 2008 22:10:22 568 832 A.... "C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll"
2 Dec 2008 22:10:22 655 872 A.... "C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll"
16 Oct 2008 22:12:20 561 688 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.2.6001.788_none_107673f57a433d77\wuapi.dll"
16 Oct 2008 21:56:00 83 456 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.2.6001.788_none_107673f57a433d77\wudriver.dll"
16 Oct 2008 22:08:58 34 328 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.2.6001.788_none_107673f57a433d77\wups.dll"
16 Oct 2008 22:09:44 51 224 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe"
16 Oct 2008 22:13:40 1 809 944 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuaueng.dll"
16 Oct 2008 22:09:44 43 544 A.... "C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wups2.dll"
21 Oct 2008 6:16:22 1 645 568 A.... "C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6000.16766_none_62ed735b99bf2599\connect.dll"
22 Oct 2008 4:39:44 160 768 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PortableDeviceTypes.dll"
22 Oct 2008 4:39:44 95 232 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PortableDeviceClassExtension.dll"
22 Oct 2008 4:39:44 241 152 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PortableDeviceApi.dll"
22 Oct 2008 4:57:32 241 152 A.... "C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.18160_none_4abfe8a3ec3a94fa\PortableDeviceApi.dll"
21 Oct 2008 6:06:54 1 645 568 A.... "C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6000.20940_none_6386b028b2d1f29e\connect.dll"
16 Oct 2008 5:40:38 425 472 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6000.16764_none_8b10fff30496576a\netapi32.dll"
14 Nov 2008 22:51:10 1 286 152 A.... "C:\Windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b\msxml4.dll"
21 Oct 2008 6:21:44 1 645 568 A.... "C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.22291_none_6537dd96b0202b74\connect.dll"
14 Nov 2008 22:51:20 105 480 A.... "C:\Windows\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d\msxml4r.dll"
3 Dec 2008 21:00:48 2 048 A.SH. "C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat"
3 Dec 2008 21:00:48 2 048 A.SH. "C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat"
2 Dec 2008 22:51:28 6 291 456 A.... "C:\Windows\System32\SMI\Store\Machine\schema.dat"
26 Nov 2008 0:02:36 524 288 A.SH. "C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{3a53986d-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
3 Dec 2008 20:46:44 0 A.... "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC6057.tmp"
3 Dec 2008 20:53:18 0 A.... "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC888F.tmp"
3 Dec 2008 20:43:16 0 A.... "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACD0C.tmp"


C:\Program Files\

30 Nov 2008 19:10:52 24 637 A.... "C:\Program Files\Free Audio Pack\unins000.dat"
30 Nov 2008 19:10:00 694 800 A.... "C:\Program Files\Free Audio Pack\unins000.exe"
22 Oct 2008 16:10:20 378 344 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe"
22 Oct 2008 16:10:18 65 168 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll"
22 Oct 2008 16:10:20 1 261 200 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
22 Oct 2008 16:10:22 73 360 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll"
22 Oct 2008 16:10:24 399 504 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"
22 Oct 2008 16:10:24 170 640 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
22 Oct 2008 16:10:26 44 688 A.... "C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll"
30 Nov 2008 12:23:16 8 192 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.dat"
30 Nov 2008 12:23:02 688 784 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
22 Oct 2008 16:10:36 77 968 A.... "C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll"
16 Nov 2008 11:32:00 17 408 A.... "C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll"
16 Nov 2008 11:32:00 185 856 A.... "C:\Program Files\Mozilla Firefox\crashreporter.exe"
16 Nov 2008 11:32:02 307 712 A.... "C:\Program Files\Mozilla Firefox\firefox.exe"
16 Nov 2008 11:32:02 233 472 A.... "C:\Program Files\Mozilla Firefox\freebl3.dll"
16 Nov 2008 11:32:02 697 344 A.... "C:\Program Files\Mozilla Firefox\js3250.dll"
16 Nov 2008 11:32:02 710 144 A.... "C:\Program Files\Mozilla Firefox\mozcrt19.dll"
16 Nov 2008 11:32:02 198 144 A.... "C:\Program Files\Mozilla Firefox\nspr4.dll"
16 Nov 2008 11:32:02 697 856 A.... "C:\Program Files\Mozilla Firefox\nss3.dll"
16 Nov 2008 11:32:02 304 640 A.... "C:\Program Files\Mozilla Firefox\nssckbi.dll"
16 Nov 2008 11:32:02 103 936 A.... "C:\Program Files\Mozilla Firefox\nssdbm3.dll"
16 Nov 2008 11:32:02 87 552 A.... "C:\Program Files\Mozilla Firefox\nssutil3.dll"
16 Nov 2008 11:32:02 20 480 A.... "C:\Program Files\Mozilla Firefox\plc4.dll"
16 Nov 2008 11:32:02 17 408 A.... "C:\Program Files\Mozilla Firefox\plds4.dll"
16 Nov 2008 11:32:02 103 936 A.... "C:\Program Files\Mozilla Firefox\smime3.dll"
16 Nov 2008 11:32:02 151 552 A.... "C:\Program Files\Mozilla Firefox\softokn3.dll"
16 Nov 2008 11:32:02 395 776 A.... "C:\Program Files\Mozilla Firefox\sqlite3.dll"
16 Nov 2008 11:32:02 136 704 A.... "C:\Program Files\Mozilla Firefox\ssl3.dll"
16 Nov 2008 11:32:02 242 176 A.... "C:\Program Files\Mozilla Firefox\updater.exe"
16 Nov 2008 11:32:02 17 920 A.... "C:\Program Files\Mozilla Firefox\xpcom.dll"
16 Nov 2008 11:32:02 9 729 536 A.... "C:\Program Files\Mozilla Firefox\xul.dll"
30 Nov 2008 13:36:18 21 590 A.... "C:\Program Files\Spybot - Search & Destroy\unins000.dat"
30 Nov 2008 13:35:18 692 104 A.... "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
18 Nov 2008 18:17:10 122 864 A.... "C:\Program Files\Steam\CSERHelper.dll"
18 Nov 2008 18:17:08 1 039 192 A.... "C:\Program Files\Steam\dbghelp.dll"
18 Nov 2008 18:17:10 238 840 A.... "C:\Program Files\Steam\GameOverlayRenderer.dll"
18 Nov 2008 18:17:10 1 008 888 A.... "C:\Program Files\Steam\GameOverlayUI.exe"
18 Nov 2008 18:17:10 551 408 A.... "C:\Program Files\Steam\mss32_s.dll"
18 Nov 2008 18:17:08 3 069 176 A.... "C:\Program Files\Steam\Steam.dll"
18 Nov 2008 18:16:14 1 410 296 A.... "C:\Program Files\Steam\steam.exe"
18 Nov 2008 18:17:10 2 647 008 A.... "C:\Program Files\Steam\steamclient.dll"
18 Nov 2008 18:17:08 2 942 200 A.... "C:\Program Files\Steam\SteamUI.dll"
18 Nov 2008 18:17:10 238 840 A.... "C:\Program Files\Steam\tier0_s.dll"
18 Nov 2008 18:17:10 365 816 A.... "C:\Program Files\Steam\vstdlib_s.dll"
18 Nov 2008 18:17:08 256 496 A.... "C:\Program Files\Steam\WriteMiniDump.exe"
23 Nov 2008 16:56:54 245 760 A.... "C:\Program Files\BitDefender\BitDefender 2009\About.exe"
23 Nov 2008 16:56:50 45 056 A.... "C:\Program Files\BitDefender\BitDefender 2009\actxcont.dll"
23 Nov 2008 16:56:50 106 496 A.... "C:\Program Files\BitDefender\BitDefender 2009\advanced.dll"
23 Nov 2008 16:57:40 163 840 A.... "C:\Program Files\BitDefender\BitDefender 2009\agentreg.dll"
23 Nov 2008 16:57:40 139 264 A.... "C:\Program Files\BitDefender\BitDefender 2009\antispam.dll"
23 Nov 2008 16:57:00 37 376 A.... "C:\Program Files\BitDefender\BitDefender 2009\antispy.dll"
23 Nov 2008 16:56:50 34 304 A.... "C:\Program Files\BitDefender\BitDefender 2009\antivirus.dll"
23 Nov 2008 16:57:54 9 728 A.... "C:\Program Files\BitDefender\BitDefender 2009\asfn.dll"
23 Nov 2008 16:57:56 114 688 A.... "C:\Program Files\BitDefender\BitDefender 2009\ashield.dll"
23 Nov 2008 16:57:56 258 048 A.... "C:\Program Files\BitDefender\BitDefender 2009\backup.dll"
23 Nov 2008 16:57:58 741 376 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
23 Nov 2008 16:56:36 61 440 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdapupck.dll"
23 Nov 2008 16:57:04 24 576 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdch.dll"
23 Nov 2008 16:57:08 139 264 A.... "C:\Program Files\BitDefender\BitDefender 2009\BDChartActiveX.dll"
23 Nov 2008 16:56:58 155 648 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdelev.dll"
23 Nov 2008 16:56:36 98 304 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfdrvi.dll"
23 Nov 2008 16:56:52 111 112 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfm.sys"
23 Nov 2008 16:56:48 230 920 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfsfltr.sys"
23 Nov 2008 16:56:38 266 240 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfvcl.exe"
23 Nov 2008 16:56:48 335 360 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfvconp.dll"
23 Nov 2008 16:57:04 134 656 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll"
23 Nov 2008 16:56:48 29 184 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfvsecp.dll"
23 Nov 2008 16:56:56 716 800 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdfvwiz.exe"
23 Nov 2008 16:56:42 909 312 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdGUICtl.dll"
23 Nov 2008 16:57:08 69 632 A.... "C:\Program Files\BitDefender\BitDefender 2009\BDInProcPatch.exe"
23 Nov 2008 16:58:00 126 976 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdmcon.dll"
23 Nov 2008 16:57:08 8 192 A.... "C:\Program Files\BitDefender\BitDefender 2009\BDMsnScan.exe"
23 Nov 2008 16:56:44 348 160 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdo.dll"
23 Nov 2008 16:57:04 131 072 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdoe.dll"
23 Nov 2008 16:56:48 25 600 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdplugin.dll"
23 Nov 2008 16:58:00 86 016 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdpop3p.dll"
23 Nov 2008 16:56:44 26 112 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdpredir.dll"
23 Nov 2008 16:57:00 40 960 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdreinit.exe"
23 Nov 2008 16:56:48 151 552 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll"
23 Nov 2008 16:58:00 86 016 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdsmtpp.dll"
23 Nov 2008 16:56:42 192 512 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdsubmit.dll"
23 Nov 2008 16:58:02 929 792 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdsubwiz.exe"
23 Nov 2008 16:58:04 332 288 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdthunderbird.exe"
23 Nov 2008 16:58:06 161 280 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdtkexec.exe"
23 Nov 2008 16:58:06 30 208 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdusers.dll"
23 Nov 2008 16:57:08 98 304 A.... "C:\Program Files\BitDefender\BitDefender 2009\BDUtils.dll"
23 Nov 2008 16:57:08 57 856 A.... "C:\Program Files\BitDefender\BitDefender 2009\BDVEDAPI.dll"
23 Nov 2008 16:57:10 82 440 A.... "C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys"
23 Nov 2008 16:57:10 57 344 A.... "C:\Program Files\BitDefender\BitDefender 2009\BDWizard.dll"
23 Nov 2008 16:58:10 847 872 A.... "C:\Program Files\BitDefender\BitDefender 2009\bdwizreg.exe"
23 Nov 2008 16:58:10 204 800 A.... "C:\Program Files\BitDefender\BitDefender 2009\bkpconp.dll"
23 Nov 2008 16:57:10 303 104 A.... "C:\Program Files\BitDefender\BitDefender 2009\BTCommon.dll"
23 Nov 2008 16:57:10 14 336 A.... "C:\Program Files\BitDefender\BitDefender 2009\BTCProxy.dll"
23 Nov 2008 16:58:10 236 A.... "C:\Program Files\BitDefender\BitDefender 2009\build.reg"
23 Nov 2008 16:58:12 241 664 A.... "C:\Program Files\BitDefender\BitDefender 2009\bwlist.dll"
23 Nov 2008 16:58:12 81 920 A.... "C:\Program Files\BitDefender\BitDefender 2009\bwlisttb.dll"
23 Nov 2008 16:58:12 24 064 A.... "C:\Program Files\BitDefender\BitDefender 2009\cleanIELow.exe"
23 Nov 2008 16:57:12 7 680 A.... "C:\Program Files\BitDefender\BitDefender 2009\CleanupMidas.exe"
23 Nov 2008 16:57:04 122 880 A.... "C:\Program Files\BitDefender\BitDefender 2009\Cookie.dll"
23 Nov 2008 16:56:54 208 896 A.... "C:\Program Files\BitDefender\BitDefender 2009\Dashboard.dll"
23 Nov 2008 16:58:16 73 728 A.... "C:\Program Files\BitDefender\BitDefender 2009\dbokf.dll"
23 Nov 2008 16:58:16 49 152 A.... "C:\Program Files\BitDefender\BitDefender 2009\dbokfui.dll"
23 Nov 2008 16:56:36 25 088 A.... "C:\Program Files\BitDefender\BitDefender 2009\encryption.dll"
23 Nov 2008 16:56:40 278 528 A.... "C:\Program Files\BitDefender\BitDefender 2009\Exclude.dll"
23 Nov 2008 16:56:54 167 936 A.... "C:\Program Files\BitDefender\BitDefender 2009\ExcMgr.dll"
23 Nov 2008 16:57:12 39 424 A.... "C:\Program Files\BitDefender\BitDefender 2009\FFComm.dll"
23 Nov 2008 16:56:52 58 880 A.... "C:\Program Files\BitDefender\BitDefender 2009\fshredctx.dll"
23 Nov 2008 16:58:18 376 832 A.... "C:\Program Files\BitDefender\BitDefender 2009\fwgui.dll"
23 Nov 2008 16:56:36 25 600 A.... "C:\Program Files\BitDefender\BitDefender 2009\general.dll"
23 Nov 2008 16:57:32 389 120 A.... "C:\Program Files\BitDefender\BitDefender 2009\History.exe"
23 Nov 2008 16:56:48 122 880 A.... "C:\Program Files\BitDefender\BitDefender 2009\hmcore.dll"
23 Nov 2008 16:57:30 765 952 A.... "C:\Program Files\BitDefender\BitDefender 2009\HMPlugin.dll"
23 Nov 2008 16:56:50 77 824 A.... "C:\Program Files\BitDefender\BitDefender 2009\htmlpack.dll"
23 Nov 2008 16:56:42 86 016 A.... "C:\Program Files\BitDefender\BitDefender 2009\httproxy.dll"
23 Nov 2008 16:57:32 69 632 A.... "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
23 Nov 2008 16:57:34 90 112 A.... "C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll"
23 Nov 2008 16:57:34 61 440 A.... "C:\Program Files\BitDefender\BitDefender 2009\IMEncUI.dll"
23 Nov 2008 16:56:56 143 360 A.... "C:\Program Files\BitDefender\BitDefender 2009\imguimsn.dll"
23 Nov 2008 16:56:46 143 360 A.... "C:\Program Files\BitDefender\BitDefender 2009\imguiym.dll"
23 Nov 2008 16:58:18 262 144 A.... "C:\Program Files\BitDefender\BitDefender 2009\issues.dll"
23 Nov 2008 16:56:38 11 776 A.... "C:\Program Files\BitDefender\BitDefender 2009\JsRcGen.exe"
23 Nov 2008 16:58:20 188 416 A.... "C:\Program Files\BitDefender\BitDefender 2009\live.dll"
23 Nov 2008 16:56:46 122 880 A.... "C:\Program Files\BitDefender\BitDefender 2009\midascomm.dll"
23 Nov 2008 16:56:44 86 016 A.... "C:\Program Files\BitDefender\BitDefender 2009\MsnDll.dll"
23 Nov 2008 16:57:06 53 248 A.... "C:\Program Files\BitDefender\BitDefender 2009\nag.dll"
23 Nov 2008 16:56:40 40 960 A.... "C:\Program Files\BitDefender\BitDefender 2009\npcomm.dll"
23 Nov 2008 16:56:50 376 832 A.... "C:\Program Files\BitDefender\BitDefender 2009\ODSW.exe"
23 Nov 2008 16:56:52 18 944 A.... "C:\Program Files\BitDefender\BitDefender 2009\OnlineSupport.dll"
23 Nov 2008 16:58:22 397 312 A.... "C:\Program Files\BitDefender\BitDefender 2009\pcontrol.dll"
23 Nov 2008 16:58:22 1 004 A.... "C:\Program Files\BitDefender\BitDefender 2009\phishingrsp.htm"
23 Nov 2008 16:58:22 274 432 A.... "C:\Program Files\BitDefender\BitDefender 2009\popup.dll"
23 Nov 2008 16:56:42 278 528 A.... "C:\Program Files\BitDefender\BitDefender 2009\privintf.dll"
23 Nov 2008 16:56:58 192 512 A.... "C:\Program Files\BitDefender\BitDefender 2009\privscan.dll"
23 Nov 2008 16:57:36 249 856 A.... "C:\Program Files\BitDefender\BitDefender 2009\ProductTweaksPlugin.dll"
23 Nov 2008 16:57:34 34 304 A.... "C:\Program Files\BitDefender\BitDefender 2009\ProductInfo.dll"
23 Nov 2008 16:56:46 53 760 A.... "C:\Program Files\BitDefender\BitDefender 2009\proxymgr.dll"
23 Nov 2008 16:56:44 73 728 A.... "C:\Program Files\BitDefender\BitDefender 2009\proxymgrui.dll"
23 Nov 2008 16:57:00 86 016 A.... "C:\Program Files\BitDefender\BitDefender 2009\quarcore.dll"
23 Nov 2008 16:57:04 86 016 A.... "C:\Program Files\BitDefender\BitDefender 2009\quarmgr.dll"
23 Nov 2008 16:56:54 122 880 A.... "C:\Program Files\BitDefender\BitDefender 2009\quarui.dll"
23 Nov 2008 16:56:50 49 152 A.... "C:\Program Files\BitDefender\BitDefender 2009\reginfo.dll"
23 Nov 2008 16:57:36 106 496 A.... "C:\Program Files\BitDefender\BitDefender 2009\Registry.dll"
23 Nov 2008 16:56:36 25 600 A.... "C:\Program Files\BitDefender\BitDefender 2009\reg_sup.dll"
23 Nov 2008 16:56:52 98 304 A.... "C:\Program Files\BitDefender\BitDefender 2009\sch_serv.dll"
23 Nov 2008 16:57:36 118 784 A.... "C:\Program Files\BitDefender\BitDefender 2009\Script.dll"
23 Nov 2008 16:58:26 413 696 A.... "C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe"
23 Nov 2008 16:56:58 65 536 A.... "C:\Program Files\BitDefender\BitDefender 2009\security.dll"
23 Nov 2008 16:58:26 8 192 A.... "C:\Program Files\BitDefender\BitDefender 2009\signcheck.exe"
23 Nov 2008 16:58:26 382 A.... "C:\Program Files\BitDefender\BitDefender 2009\support.reg"
23 Nov 2008 16:56:36 225 280 A.... "C:\Program Files\BitDefender\BitDefender 2009\sysinfo.dll"
23 Nov 2008 16:56:42 65 536 A.... "C:\Program Files\BitDefender\BitDefender 2009\taskWizard.dll"
23 Nov 2008 16:58:32 1 171 456 A.... "C:\Program Files\BitDefender\BitDefender 2009\tuneup.dll"
23 Nov 2008 16:58:32 65 536 A.... "C:\Program Files\BitDefender\BitDefender 2009\tuneupconp.dll"
23 Nov 2008 16:58:32 86 016 A.... "C:\Program Files\BitDefender\BitDefender 2009\txmlx.dll"
23 Nov 2008 16:58:34 618 496 A.... "C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe"
23 Nov 2008 16:58:34 393 216 A.... "C:\Program Files\BitDefender\BitDefender 2009\vscan.dll"
23 Nov 2008 16:57:06 278 528 A.... "C:\Program Files\BitDefender\BitDefender 2009\vshield.dll"
23 Nov 2008 16:58:36 14 848 A.... "C:\Program Files\BitDefender\BitDefender 2009\vshieldpatch.exe"
23 Nov 2008 16:58:38 1 572 864 A.... "C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe"
23 Nov 2008 16:56:44 651 264 A.... "C:\Program Files\BitDefender\BitDefender 2009\vswizard.dll"
23 Nov 2008 16:57:00 77 824 A.... "C:\Program Files\BitDefender\BitDefender 2009\Vulnerability.dll"
23 Nov 2008 16:56:58 577 536 A.... "C:\Program Files\BitDefender\BitDefender 2009\wizards.dll"
23 Nov 2008 16:56:36 35 328 A.... "C:\Program Files\BitDefender\BitDefender 2009\wsc.dll"
23 Nov 2008 16:56:46 7 680 A.... "C:\Program Files\BitDefender\BitDefender 2009\wscfxas.exe"
23 Nov 2008 16:56:52 7 680 A.... "C:\Program Files\BitDefender\BitDefender 2009\wscfxav.exe"
23 Nov 2008 16:57:02 7 680 A.... "C:\Program Files\BitDefender\BitDefender 2009\wscfxfw.exe"
23 Nov 2008 16:56:40 65 536 A.... "C:\Program Files\BitDefender\BitDefender 2009\WSID.dll"
23 Nov 2008 16:56:40 634 880 A.... "C:\Program Files\BitDefender\BitDefender 2009\WSLib.dll"
23 Nov 2008 16:57:02 94 208 A.... "C:\Program Files\BitDefender\BitDefender 2009\WSPack.dll"
23 Nov 2008 16:57:38 98 304 A.... "C:\Program Files\BitDefender\BitDefender 2009\YCryptp.dll"
18 Nov 2008 18:17:08 104 944 A.... "C:\Program Files\Common Files\Steam\SteamService.exe"
18 Nov 2008 18:17:08 104 944 A.... "C:\Program Files\Common Files\Steam\SteamServiceTmp.exe"
20 Nov 2008 18:21:42 352 032 A.... "C:\Program Files\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe"
23 Oct 2008 23:12:58 2 818 048 A.... "C:\Program Files\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe"
20 Nov 2008 18:12:20 719 104 A.... "C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe"
6 Oct 2008 9:52:34 3 610 424 A.... "C:\Program Files\Microsoft Office\OFFICE11\OUTLFLTR.DAT"
16 Nov 2008 11:32:00 23 040 A.... "C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll"
16 Nov 2008 11:32:00 134 656 A.... "C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll"
28 Nov 2008 18:49:56 144 759 A.... "C:\Program Files\Mozilla Firefox\components\compreg.dat"
23 Nov 2008 16:57:12 39 424 A.... "C:\Program Files\Mozilla Firefox\components\FFComm.dll"
28 Nov 2008 18:49:54 98 222 A.... "C:\Program Files\Mozilla Firefox\components\xpti.dat"
16 Nov 2008 11:32:02 65 536 A.... "C:\Program Files\Mozilla Firefox\plugins\npnul32.dll"
16 Nov 2008 11:32:02 510 600 A.... "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
19 Nov 2008 20:38:58 68 723 A.... "C:\Program Files\SafeSoft\Chaos Shredder\uninst.exe"
18 Nov 2008 18:17:08 206 072 A.... "C:\Program Files\Steam\bin\FileSystem_Steam.dll"
18 Nov 2008 18:17:08 1 271 032 A.... "C:\Program Files\Steam\bin\friendsUI.dll"
18 Nov 2008 18:17:08 161 016 A.... "C:\Program Files\Steam\bin\installscript.dll"
18 Nov 2008 18:17:08 546 040 A.... "C:\Program Files\Steam\bin\mss32_s.dll"
18 Nov 2008 18:17:08 831 208 A.... "C:\Program Files\Steam\bin\nattypeprobe.dll"
18 Nov 2008 18:17:08 5 288 928 A.... "C:\Program Files\Steam\bin\p2pcore.dll"
18 Nov 2008 18:17:08 1 185 016 A.... "C:\Program Files\Steam\bin\p2pvoice.dll"
18 Nov 2008 18:17:08 931 064 A.... "C:\Program Files\Steam\bin\ServerBrowser.dll"
18 Nov 2008 18:17:08 653 808 A.... "C:\Program Files\Steam\bin\SteamService.dll"
18 Nov 2008 18:17:08 104 944 A.... "C:\Program Files\Steam\bin\SteamService.exe"
18 Nov 2008 18:17:08 197 880 A.... "C:\Program Files\Steam\bin\vaudio_speex.dll"
18 Nov 2008 18:17:08 464 120 A.... "C:\Program Files\Steam\bin\vgui2.dll"
18 Nov 2008 18:17:08 1 670 A.... "C:\Program Files\Steam\Public\Account.html"
18 Nov 2008 18:17:08 36 596 A.... "C:\Program Files\Steam\Public\ssa_english.htm"
18 Nov 2008 18:17:08 41 518 A.... "C:\Program Files\Steam\Public\ssa_french.htm"
18 Nov 2008 18:17:08 43 448 A.... "C:\Program Files\Steam\Public\ssa_german.htm"
18 Nov 2008 18:17:08 42 536 A.... "C:\Program Files\Steam\Public\ssa_italian.htm"
18 Nov 2008 18:17:08 68 253 A.... "C:\Program Files\Steam\Public\ssa_russian.htm"
18 Nov 2008 18:17:08 41 413 A.... "C:\Program Files\Steam\Public\ssa_spanish.htm"
23 Nov 2008 16:57:02 151 552 A.... "C:\Program Files\BitDefender\BitDefender 2009\as2core\as2core.dll"
23 Nov 2008 16:57:54 217 088 A.... "C:\Program Files\BitDefender\BitDefender 2009\as2core\asregex.dll"
23 Nov 2008 16:57:04 147 456 A.... "C:\Program Files\BitDefender\BitDefender 2009\as2core\mimepack.dll"
27 Nov 2008 23:18:04 82 808 A.... "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdaterInstallMgr.exe"
27 Nov 2008 23:18:14 2 356 088 A.... "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
23 Nov 2008 16:56:22 94 208 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\bdardrv.dll"
23 Nov 2008 16:56:22 192 512 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\bdsubmit.dll"
23 Nov 2008 16:56:22 6 656 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.dll"
23 Nov 2008 16:56:22 13 056 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys"
23 Nov 2008 16:56:24 200 704 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll"
23 Nov 2008 16:56:34 2 197 936 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\smartscn.dat"
23 Nov 2008 16:56:34 65 536 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\smartscn.dll"
23 Nov 2008 16:56:34 12 800 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.dll"
23 Nov 2008 16:58:44 24 576 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\bdch.dll"
23 Nov 2008 16:58:42 909 312 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\bdGUICtl.dll"
23 Nov 2008 16:58:42 192 512 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\bdsubmit.dll"
23 Nov 2008 16:58:46 929 792 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\bdsubwiz.exe"
23 Nov 2008 16:58:42 98 304 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\BDUtils.dll"
23 Nov 2008 16:58:44 401 408 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe"
23 Nov 2008 16:58:40 40 960 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\npcomm.dll"
23 Nov 2008 16:58:44 192 512 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\txmlutil.dll"
23 Nov 2008 16:58:44 139 264 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\upgrepl.exe"
23 Nov 2008 16:58:40 634 880 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\WSLib.dll"
23 Nov 2008 16:58:44 94 208 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\WSPack.dll"
23 Nov 2008 16:56:34 135 944 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys"
15 Nov 2008 14:29:34 121 152 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\Uninstall_Football Manager 2009 Demo\Uninstall Football Manager 2009 Demo.exe"
23 Nov 2008 16:57:06 4 608 A.... "C:\Program Files\BitDefender\BitDefender 2009\Account\Trial\trial.html"
22 Nov 2008 17:17:36 0 A.... "C:\Program Files\BitDefender\BitDefender 2009\as2core\antispam_sig_16056\pcdic.dat"
22 Nov 2008 17:17:36 0 A.... "C:\Program Files\BitDefender\BitDefender 2009\as2core\antispam_sig_16057\pcdic.dat"
23 Nov 2008 16:56:06 143 360 A.... "C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_7\midas32.dll"
23 Nov 2008 16:56:06 57 344 A.... "C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_7\neurons.dll"
23 Nov 2008 16:55:46 53 248 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_8895\avxdisk.dll"
23 Nov 2008 16:55:48 102 400 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_8895\bdcore.dll"
3 Dec 2008 21:01:52 3 618 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_8895\plugins.htm"
23 Nov 2008 16:55:46 53 248 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_8894\avxdisk.dll"
23 Nov 2008 16:55:48 102 400 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_8894\bdcore.dll"
23 Nov 2008 18:55:00 3 618 A.... "C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_8894\plugins.htm"
2 Dec 2008 22:13:46 1 A.... "C:\Program Files\OpenOffice.org 3\share\uno_packages\cache\stamp.sys"
15 Nov 2008 14:29:08 1 331 301 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\awt.dll"
15 Nov 2008 14:29:14 143 462 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\dcpr.dll"
15 Nov 2008 14:29:14 249 974 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\fontmanager.dll"
15 Nov 2008 14:29:14 32 878 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\hpi.dll"
15 Nov 2008 14:29:14 118 890 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\java.dll"
15 Nov 2008 14:29:14 49 250 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\javaw.exe"
15 Nov 2008 14:29:16 77 926 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\net.dll"
15 Nov 2008 14:29:16 36 967 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\nio.dll"
15 Nov 2008 14:29:18 49 252 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\verify.dll"
15 Nov 2008 14:29:18 61 547 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\zip.dll"
15 Nov 2008 14:29:34 71 168 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\Uninstall_Football Manager 2009 Demo\resource\iawin32.dll"
15 Nov 2008 14:29:34 109 056 A.... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\Uninstall_Football Manager 2009 Demo\resource\remove.exe"
2 Dec 2008 22:10:28 0 A.... "C:\Program Files\OpenOffice.org 3\share\uno_packages\cache\uno_packages\C246.tmp"
2 Dec 2008 22:10:36 0 A.... "C:\Program Files\OpenOffice.org 3\share\uno_packages\cache\uno_packages\E263.tmp"
2 Dec 2008 22:10:36 0 A.... "C:\Program Files\OpenOffice.org 3\share\uno_packages\cache\uno_packages\E5FB.tmp"
15 Nov 2008 14:29:12 1 523 833 ..... "C:\Program Files\Sports Interactive\Football Manager 2009 Demo\jre\bin\client\jvm.dll"
2 Dec 2008 22:10:28 18 597 793 A.... "C:\Program Files\OpenOffice.org 3\share\uno_packages\cache\uno_packages\C246.tmp_\dict-en.oxt\th_en_US_v2.dat"
2 Dec 2008 22:10:36 4 506 346 A.... "C:\Program Files\OpenOffice.org 3\share\uno_packages\cache\uno_packages\E5FB.tmp_\dict-fr.oxt\th_fr_FR_v2.dat"


0
diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last activity: 4 December 2008
3 Dec 2008 at 21:12
[b]Files with hidden attributes[/b]:

Thu 7 Aug 2008 1,024 A..H. --- "C:\diego\dummy.sys"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Tue 18 Nov 2008 72,704 ..SHR --- "C:\RECYCLER\S-1-5-21-2543280688-2235057422-947018642-0300\winigon.exe"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Sun 15 Jun 2008 524,288 A.SH. --- "C:\Users\Gauthier\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Mon 25 Feb 2008 524,288 A.SH. --- "C:\Users\Gauthier\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Mon 24 Nov 2008 524,288 A.SH. --- "C:\Users\Gauthier\ntuser.dat{4279ff4f-ba60-11dd-89c3-001b24a350c6}.TMContainer00000000000000000001.regtrans-ms"
Mon 24 Nov 2008 524,288 A.SH. --- "C:\Users\Gauthier\ntuser.dat{4279ff4f-ba60-11dd-89c3-001b24a350c6}.TMContainer00000000000000000002.regtrans-ms"
Thu 7 Aug 2008 1,024 A..H. --- "C:\$Recycle.Bin\S-1-5-21-916745695-1501797539-4020289792-1002\$R5PQYXW\dummy.sys"
Thu 7 Aug 2008 1,024 A..H. --- "C:\$Recycle.Bin\S-1-5-21-916745695-1501797539-4020289792-1002\$RWKVGWB\dummy.sys"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Sat 22 Mar 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{e2022792-f7f4-11dc-b785-00030d000001}.TMContainer00000000000000000001.regtrans-ms"
Sat 22 Mar 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{e2022792-f7f4-11dc-b785-00030d000001}.TMContainer00000000000000000002.regtrans-ms"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Sat 22 Mar 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{e202278e-f7f4-11dc-b785-00030d000001}.TMContainer00000000000000000001.regtrans-ms"
Sat 22 Mar 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{e202278e-f7f4-11dc-b785-00030d000001}.TMContainer00000000000000000002.regtrans-ms"
Sun 23 Nov 2008 5,629,208 A..H. --- "C:\Windows\SoftwareDistribution\Download\59b6efce37fc710d4834d009eab90c77\BIT5437.tmp"
Thu 11 Oct 2007 524,288 A.SH. --- "C:\Windows\System32\config\systemprofile\ntuser.dat{8aafc203-7820-11dc-a7d6-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms"
Thu 11 Oct 2007 524,288 A.SH. --- "C:\Windows\System32\config\systemprofile\ntuser.dat{8aafc203-7820-11dc-a7d6-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms"
Wed 3 Dec 2008 5,242,880 A.SH. --- "C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms"
Fri 14 Nov 2008 524,288 A.SH. --- "C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms"
Wed 10 Sep 2008 524,288 A.SH. --- "C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms"
Thu 11 Sep 2008 5,242,880 A.SH. --- "C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms"
Fri 14 Nov 2008 5,242,880 A.SH. --- "C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms"
Fri 15 Aug 2008 524,288 A.SH. --- "C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000004.regtrans-ms"
Wed 3 Dec 2008 524,288 A.SH. --- "C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000003.regtrans-ms"
Wed 26 Nov 2008 524,288 A.SH. --- "C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{3a53986d-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{3a53986d-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Mon 25 Feb 2008 524,288 A.SH. --- "C:\Users\Gauthier\AppData\Local\Microsoft\Windows\UsrClass.dat{2c53a35a-e3bb-11dc-97fd-00030d000001}.TMContainer00000000000000000001.regtrans-ms"
Mon 25 Feb 2008 524,288 A.SH. --- "C:\Users\Gauthier\AppData\Local\Microsoft\Windows\UsrClass.dat{2c53a35a-e3bb-11dc-97fd-00030d000001}.TMContainer00000000000000000002.regtrans-ms"
Mon 24 Nov 2008 524,288 A.SH. --- "C:\Users\Gauthier\AppData\Local\Microsoft\Windows\UsrClass.dat{4279ff53-ba60-11dd-89c3-001b24a350c6}.TMContainer00000000000000000001.regtrans-ms"
Mon 24 Nov 2008 524,288 A.SH. --- "C:\Users\Gauthier\AppData\Local\Microsoft\Windows\UsrClass.dat{4279ff53-ba60-11dd-89c3-001b24a350c6}.TMContainer00000000000000000002.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat{755be32b-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000001.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat{755be32b-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000002.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat{755be331-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000001.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat{755be331-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000002.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat{755be13f-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000001.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat{755be13f-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000002.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat{755be335-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000001.regtrans-ms"
Tue 26 Feb 2008 524,288 A.SH. --- "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat{755be335-e47c-11dc-ac74-00030d000001}.TMContainer00000000000000000002.regtrans-ms"


[b]Program Folders[/b]:

C:\Program Files\

Activation Assistant for the 2007 Microsoft Office suites
Activision
Adobe
Apple Software Update
BitDefender
CCleaner
Cisco
Common Files
CONEXANT
Counter-Strike Source LAN Edition
DAEMON Tools Lite
DAEMON Tools Toolbar
DIFX
DivX
eMule
ESET
Fichiers communs
FM Modifier 2.2
Free Audio Pack
Google
Guitar Pro 5
HDReg
HP
Infogrames
InstallShield Installation Information
Intel
Internet Explorer
IVT Corporation
Java
Lavalys
Lavasoft
Logitech
ma-config.com
Malwarebytes' Anti-Malware
Marvell
Messenger Plus! Live
Microsoft ActiveSync
Microsoft Games
Microsoft Office
Microsoft Works
Microsoft.NET
Movie Maker
Mozilla Firefox
MSBuild
MSN
MSXML 4.0
OpenAL
OpenOffice.org 3
Orange
Paint.NET
Panda Security
QuickTime
Reference Assemblies
Roxio
SafeSoft
SAGEM
Securitoo
Skype
SolidWorks
Sports Interactive
Spybot - Search & Destroy
Steam
SystemRequirementsLab
THQ
Trend Micro
Uninstall Information
UT2004
uTorrent
VideoLAN
Webtarot
Winamp
Windows Calendar
Windows Collaboration
Windows Defender
Windows Journal
Windows Live
Windows Mail
Windows Media Player
Windows NT
Windows Photo Gallery
Windows Sidebar
WinRAR
Wolfram Research
Yahoo!
Zero G Registry

C:\Program Files\Common Files\

Adobe
BitDefender
DESIGNER
France Telecom
HP
InstallShield
Java
Logishrd
microsoft shared
MSSoap
PX Storage Engine
Roxio Shared
Services
Skype
Sonic Shared
SpeechEngines
Steam
SureThing Shared
Symantec Shared
System
WindowsLiveInstaller
Wise Installation Wizard
??crosoft.NET


[b]Add/Remove Programs[/b]:

Package de pilotes Windows - ITE Tech.Inc. (itecir) HIDClass (01/05/2007 5.0.0003.2)
Package de pilotes Windows - NVIDIA (nvlddmkm) Display (01/20/2008 7.15.11.6762)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
CCleaner (remove only)
Conexant HD Audio
Copy Utility
Counter-Strike Source LAN Edition
DAEMON Tools Toolbar
Editeur FM2008 Fr
eMule
EPSON Smart Panel
EVEREST Home Edition v2.20
Football Manager 2008
Free Mp3 Wma Converter V 1.8.0
Guitar Pro 5.0
HijackThis 2.0.2
HP Imaging Device Functions 9.0
HP Photosmart Essential 2.01
HP Solution Center 9.0
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft .NET Framework 1.1
Mozilla Firefox (3.0.4)
NVIDIA Drivers
OpenAL
Logiciel Intel(R) PROSet/Wireless
Adobe Flash Player 9 ActiveX
Counter-Strike: Source
Day of Defeat: Source
Half-Life 2: Deathmatch
Half-Life 2: Lost Coast
System Requirements Lab
VideoLAN VLC media player 0.8.6f
WebTarot 1.26
MSXML4 Parser
Apple Software Update
Steam(TM)
CDDRV_Installer
HDReg France
TrayApp
OpenOffice.org 3.0
livebox
QuickTime
AutoUpdate
DeviceDiscovery
KhalInstallWrapper
Java(TM) 6 Update 7
Dawn of War - Soulstorm
JMB36X Raid Configurer
Google Earth
HP Smart Web Printing
HPSSupply
Kit de langue française 3.0
UnloadSupport
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.50.03
Skype™ 3.2
Bluesoleil3.2.2.9 Release 070426
Activation Assistant for the 2007 Microsoft Office suites
eSupportQFolder
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Windows Media Player Firefox Plugin
CustomerResearchQFolder
Microsoft Visual C++ 2005 Redistributable
PanoStandAlone
DivX Codec
VideoToolkit01
HP Photosmart Essential2.01
MSXML 4.0 SP2 (KB954430)
SpeechRedist
BitDefender Total Security 2009
DivX Player
mPfMgr
mHelp
Microsoft Office Professional Edition 2003
Module de compatibilité pour Microsoft Office System 2007
Intel® Matrix Storage Manager
Counter-Strike: Source
mDriver
Adobe Shockwave Player
mCorev32.ism_new
HP Update
DeviceManagementQFolder
Adobe Reader 8.1.2 - Français
FM Modifier 2.22
HPProductAssistant
DivX Converter
Spybot - Search & Destroy
dj_sf_software
DivX Web Player
Roxio Creator 9 LE
Windows Live Messenger
SolutionCenter
MSXML 4.0 SP2 (KB936181)
Windows Live Mail
MSXML 4.0 SP2 (KB941833)
Marvell Miniport Driver
Microsoft .NET Framework 1.1
Ma-Config.com
Ad-Aware
BufferChm
mMHouse
Logitech SetPoint
mCPlug
PSSWCORE
ITECIR Driver
Windows Live installer
Status
Navigateur Orange
Orange - Logiciels Internet
Kit de langue française 3.0
µTorrent


[b]Run Values[/b]:

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Defender"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,\
00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,\
73,00,20,00,44,00,65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,4d,00,53,\
00,41,00,53,00,43,00,75,00,69,00,2e,00,65,00,78,00,65,00,20,00,2d,00,68,00,\
69,00,64,00,65,00,00,00
"JMB36X IDE Setup"="C:\\Windows\\RaidTool\\xInsIDE.exe"
"RoxWatchTray"="\"C:\\Program Files\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatchTray9.exe\""
"SystrayORAHSS"="\"C:\\Program Files\\Orange\\Systray\\SystrayApp.exe\""
"ORAHSSSessionManager"="C:\\Program Files\\Orange\\SessionManager\\SessionManager.exe"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"
"NvSvc"="RUNDLL32.EXE C:\\Windows\\system32\\nvsvc.dll,nvsvcStart"
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_07\\bin\\jusched.exe\""
"BDAgent"="\"C:\\Program Files\\BitDefender\\BitDefender 2009\\bdagent.exe\""
"BitDefender Antiphishing Helper"="\"C:\\Program Files\\BitDefender\\BitDefender 2009\\IEShow.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"


[b]Bot Check[/b]:

SERVICE_NAME: wscsvc
DISPLAY_NAME : Centre de sécurité
START_TYPE : 2 AUTO_START

SERVICE_NAME: sharedaccess
DISPLAY_NAME : Partage de connexion Internet (ICS)
START_TYPE : 4 DISABLED

SERVICE_NAME: wuauserv
DISPLAY_NAME : Windows Update
START_TYPE : 2 AUTO_START

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="Y"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"AUOptions"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"WaitToKillServiceTimeout"="20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
"Userinit"="C:\\Windows\\system32\\userinit.exe,C:\\Windows\\system32\\uesiuqcr.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"TransportBindName"="\\Device\\"


[b]ShellExecuteHooks[/b]:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{47080957-7903-41FC-B655-CEBA0A65E64A}"=""



[b]Environment[/b]:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment
ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe
OS REG_SZ Windows_NT
Path REG_EXPAND_SZ %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
TEMP REG_EXPAND_SZ %SystemRoot%\TEMP
TMP REG_EXPAND_SZ %SystemRoot%\TEMP
USERNAME REG_SZ SYSTEM
windir REG_EXPAND_SZ %SystemRoot%
RoxioCentral REG_SZ C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
CLASSPATH REG_SZ .;C:\Program Files\QuickTime\QTSystem\QTJava.zip
QTJAVA REG_SZ C:\Program Files\QuickTime\QTSystem\QTJava.zip

[b]SecurityProviders[/b]:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
SecurityProviders REG_SZ credssp.dll


[b]Authentication Packages[/b]:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Authentication Packages REG_MULTI_SZ msv1_0\0C:\Windows\system32\efcywVmn\0\0


[b]Subsystem Startup[/b]:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"Windows"="%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16"


[b]Midi Drivers[/b]:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midi"="wdmaud.drv"


[b]Non-Default IFEO Debugger[/b]:


[b]Non-Default Installed Components[/b]:


[b]Non-Default Safeboot Minimal[/b]:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\appinfo
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\keyiso
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\ntds
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\profsvc
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sacsvr
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\swprv
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\tabletinputservice
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\tbs
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\trustedinstaller
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgr.sys
<NO NAME> REG_SZ Driver


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgrx.sys
<NO NAME> REG_SZ Driver


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\windefend
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{6bdd1fc1-810f-11d0-bec7-08002be2092f}
<NO NAME> REG_SZ IEEE 1394 Bus host controllers


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{d48179be-ec20-11d1-b6b8-00c04fa372a7}
<NO NAME> REG_SZ SBP2 IEEE 1394 Devices


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
<NO NAME> REG_SZ SecurityDevices


[b]File Associations[/b]:


[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\cmdfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\htafile\shell\open\command]
@="C:\\Windows\\system32\\mshta.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="\"C:\\Program Files\\Mozilla Firefox\\firefox.exe\" -requestPending -osint -url \"%1\""

[HKEY_CLASSES_ROOT\htmlfile\shell\open\command]

[HKEY_CLASSES_ROOT\regedit\shell\open\command]
@="regedit.exe \"%1\""

[HKEY_CLASSES_ROOT\regfile\shell\open\command]
@="regedit.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\system32\NOTEPAD.EXE %1"


[b]Finished![/b]
0
jorginho67 Posts: 14716 Registered: Tuesday 11 September 2007 Status: Security contributor Last activity: 11 February 2011 1 169
3 Dec 2008 at 21:48
Please make me a fresh HJT log...

Relaunch HijackThis by double-clicking its shortcut on the Desktop.
Choose the option "Do a system scan and save a log file"
Click "Save log" to save the report, which will open in Notepad
Click "Edition" ->> "Sélectionner tout", then "Edition" ->> "Copier" to copy the whole contents of the report here
0
diegoasm Posts: 20 Registered: Wednesday 19 November 2008 Status: Member Last activity: 4 December 2008
3 Dec 2008 at 21:51
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:50:58, on 03/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\uesiuqcr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\uesiuqcr.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: getfn32.msiets - {21A237A4-3A94-4198-911D-647ED2263DD2} - C:\Windows\system32\getfn32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FCI - Unknown owner - C:\Windows\system32\fci.exe.exe:ext.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICF - Unknown owner - C:\Windows\system32\icf.exe.exe:ext.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (file missing)
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
3 Dec. 2008 at 22:05
Arffff Vista....

It's not my strong suit, some tools don't work with it...

I'm asking my "colleagues" for a procedure, and I'll be back
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
4 Dec. 2008 at 00:42
Right, after conferring:

Open Notepad (right-click on the desktop) => New => Text Document
Name it windows.reg.

Copy and paste the text below (in bold) into this document (without the ======== lines).
==========================================
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21A237A4-3A94-4198-911D-647ED2263DD2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A237A4-3A94-4198-911D-647ED2263DD2}]
[-HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-


==========================================

Close the document and, when prompted, save the changes.
Once you have made your script and saved it with the .reg extension,
you get an icon like this one => http://img216.imageshack.us/img216/6931/regfix1yf1.jpg
Double-click the icon, then accept the merge.

Then post a new HJT scan for me.
0
diegoasm Posts 20 Registration date Wednesday 19 November 2008 Status Member Last activity 4 December 2008
4 Dec. 2008 at 16:19
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:19:13, on 04/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\uesiuqcr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\uesiuqcr.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FCI - Unknown owner - C:\Windows\system32\fci.exe.exe:ext.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICF - Unknown owner - C:\Windows\system32\icf.exe.exe:ext.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (file missing)
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
4 Dec. 2008 at 16:25
• Download OTMoveIt3 by OldTimer
http://oldtimer.geekstogo.com/OTMoveIt3.exe

* Save it to your desktop
* Right-click OTMoveIt3.exe and choose "Run as administrator" to launch it (the extension may not be shown)
* Copy and paste all of the lines in bold below into the "Paste Instructions for Items to be Moved" box (below the yellow bar):

:files

C:\Windows\system32\uesiuqcr.exe
:commands
[emptytemp]
[Reboot]


* Click the red Moveit! button to start the cleanup
* Copy and paste into your next reply everything in the Results window (in green, on the right)

==> A report will be generated in the folder C:\_OTMoveIt\MovedFiles with the date and time the tool was run (mmddyyyy_hhmmss.log)

* Close OTMoveIt3 (by clicking Exit)


Note: If a file or folder cannot be deleted directly, the tool may ask for a restart to finish the process.
In that case click "Yes" to accept...

0
diegoasm Posts 20 Registration date Wednesday 19 November 2008 Status Member Last activity 4 December 2008
4 Dec. 2008 at 16:49
========== FILES ==========
File/Folder C:\Windows\system3­2\uesiuqcr.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\Gauthier\AppData\Local\Temp\etilqs_crT7WBgdFx5Ks3xHFrE5 scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Temp\~DF1641.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Temp\~DF3710.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Temp\~DF3747.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Temp\~DFC47.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Temp\~DFED4.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\JET8979.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 12042008_164417

Files moved on Reboot...
File C:\Users\Gauthier\AppData\Local\Temp\etilqs_crT7WBgdFx5Ks3xHFrE5 not found!
C:\Users\Gauthier\AppData\Local\Temp\~DF1641.tmp moved successfully.
File C:\Users\Gauthier\AppData\Local\Temp\~DF3710.tmp not found!
File C:\Users\Gauthier\AppData\Local\Temp\~DF3747.tmp not found!
File C:\Users\Gauthier\AppData\Local\Temp\~DFC47.tmp not found!
File C:\Users\Gauthier\AppData\Local\Temp\~DFED4.tmp not found!
C:\Windows\temp\JET8979.tmp moved successfully.
C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\urlclassifier3.sqlite moved successfully.
C:\Users\Gauthier\AppData\Local\Mozilla\Firefox\Profiles\vs09ivn6.default\XUL.mfl moved successfully.
0
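Added example, not part of the thread and not the helpers' or OldTimer's code: the Results output above lists the target path as not found, and as it appears on this page that path carries an invisible soft hyphen (U+00AD) between `system3` and `2`. The Python sketch below checks the `:files` section of a pasted script for such characters and compares the cleaned path with the extra `UserInit` entry from the F2 line of the HijackThis log; the function names and the sample script string are constructed for illustration.

```python
import unicodedata

# F2 line copied from the HijackThis log on this page.
HJT_F2_LINE = (r"F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,"
               r"C:\Windows\system32\uesiuqcr.exe,")

# Constructed sample: the script as it would be pasted, with the soft hyphen
# written as the escape \u00ad so that it is visible in this listing.
PASTED_SCRIPT = (":files\n\n"
                 "C:\\Windows\\system3\u00ad2\\uesiuqcr.exe\n"
                 ":commands\n[emptytemp]\n[Reboot]\n")


def userinit_extras(f2_line, stock=r"C:\Windows\system32\userinit.exe"):
    """Return every UserInit entry that is not the stock userinit.exe path."""
    _, _, value = f2_line.partition("UserInit=")
    entries = [e.strip() for e in value.split(",") if e.strip()]
    return [e for e in entries if e.lower() != stock.lower()]


def hidden_chars(text):
    """List (index, name) of format/control characters and non-ASCII spaces."""
    found = []
    for i, ch in enumerate(text):
        cat = unicodedata.category(ch)
        if cat in ("Cf", "Cc") or (cat == "Zs" and ch != " "):
            found.append((i, unicodedata.name(ch, f"U+{ord(ch):04X}")))
    return found


def files_section(script):
    """Return the non-empty lines that follow ':files' up to the next ':' header."""
    section, paths = None, []
    for line in script.split("\n"):
        line = line.strip(" \t\r")  # keep any non-ASCII characters for inspection
        if line.startswith(":"):
            section = line.lower()
        elif line and section == ":files":
            paths.append(line)
    return paths


def audit(script, f2_line):
    """Check each :files path for hidden characters and against the F2 entry."""
    targets = {p.lower() for p in userinit_extras(f2_line)}
    report = []
    for raw in files_section(script):
        hidden = hidden_chars(raw)
        bad = {i for i, _ in hidden}
        # Hidden characters are dropped, not replaced, to rebuild the intended path.
        cleaned = "".join(ch for i, ch in enumerate(raw) if i not in bad)
        report.append({"raw": raw, "hidden": hidden, "cleaned": cleaned,
                       "matches_log": cleaned.lower() in targets})
    return report


if __name__ == "__main__":
    for item in audit(PASTED_SCRIPT, HJT_F2_LINE):
        print(ascii(item["raw"]), item["hidden"], item["matches_log"])
```

A path that only matches the log entry after cleaning is one the removal tool would have looked up under a different, non-existent name.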