Plus moyen de se connecter à internet
Résolu/Fermé
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
-
21 août 2008 à 12:15
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 - 23 août 2008 à 13:08
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 - 23 août 2008 à 13:08
A voir également:
- Plus moyen de se connecter à internet
- Se connecter à ma boite hotmail - Guide
- Se connecter à un autre compte facebook - Guide
- Gmail se connecter - Guide
- Comment connecter chromecast à la télé - Guide
- Gps sans internet - Guide
21 réponses
Stalker Havoc
Messages postés
17
Date d'inscription
jeudi 21 août 2008
Statut
Membre
Dernière intervention
15 janvier 2009
21 août 2008 à 12:17
21 août 2008 à 12:17
desinstalle ton kapersky cest lui qui fout la merde j'ai deja eu le probleme avec cet antivirus cest une vraie daube !!!
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
21 août 2008 à 12:20
21 août 2008 à 12:20
rien à voir avec kaspersky Stalker mdr
ella fais ceci stp :
télécharge combofix (par sUBs) à cette adresse :
(c est le numéro 5 en bas de la page) : https://www.androidworld.fr/
et enregistre le sur le Bureau.
désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici un tuto pour bien l'installer et savoir l utiliser : https://www.androidworld.fr/
envois le rapport et ensuite refais un nouveau rapport hijackthis stp
ella fais ceci stp :
télécharge combofix (par sUBs) à cette adresse :
(c est le numéro 5 en bas de la page) : https://www.androidworld.fr/
et enregistre le sur le Bureau.
désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici un tuto pour bien l'installer et savoir l utiliser : https://www.androidworld.fr/
envois le rapport et ensuite refais un nouveau rapport hijackthis stp
Stalker Havoc
Messages postés
17
Date d'inscription
jeudi 21 août 2008
Statut
Membre
Dernière intervention
15 janvier 2009
21 août 2008 à 12:22
21 août 2008 à 12:22
regarde son rapport trois firewall cela te choque pas d'autant que kapersky a tendance a verrouiller les ports lorsqu'il ne comprend plus rien !!
Stalker Havoc
Messages postés
17
Date d'inscription
jeudi 21 août 2008
Statut
Membre
Dernière intervention
15 janvier 2009
21 août 2008 à 12:21
21 août 2008 à 12:21
en plus je viens de voir que tu as bitdefender lol tu as combien d'antivirus firewall d'installer sur ton pc !!
Kapersky, BitDefnder et celui de windows cela fait trois !! il n'y en aurai pas deux de trop par hasard !!
Kapersky, BitDefnder et celui de windows cela fait trois !! il n'y en aurai pas deux de trop par hasard !!
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
21 août 2008 à 12:25
21 août 2008 à 12:25
je ne vois pas où tu vois kaspersky et 3 pare feu !
il n y a que AVG comme antivirus
a-squared comme antimalwares
et comodo comme pare feu lol
qu est ce que t as fumé ?!
il n y a que AVG comme antivirus
a-squared comme antimalwares
et comodo comme pare feu lol
qu est ce que t as fumé ?!
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 12:25
21 août 2008 à 12:25
Je n'ai ni Kapersky, ni bitdefender, j'ai juste fait des scanns en ligne, pas d'installations.
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
21 août 2008 à 12:27
21 août 2008 à 12:27
c est pas AVG antivirus, c est l antispyware !
il n y a pas d antivirus d installé...
et le fichier kaspersky que tu vois c est le scanner en ligne
ella : télécharge antivir qui est gratuit et tres performant :
https://www.androidworld.fr/
et voici un tuto pour bien le configurer : https://www.malekal.com/avira-free-security-antivirus-gratuit/
il n y a pas d antivirus d installé...
et le fichier kaspersky que tu vois c est le scanner en ligne
ella : télécharge antivir qui est gratuit et tres performant :
https://www.androidworld.fr/
et voici un tuto pour bien le configurer : https://www.malekal.com/avira-free-security-antivirus-gratuit/
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
21 août 2008 à 12:29
21 août 2008 à 12:29
t inquiete pas ella, il a juste fumé un peu de trop je crois
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
21 août 2008 à 12:29
21 août 2008 à 12:29
fais ce que je t ai écris ici au deuxième message stp :
http://www.commentcamarche.net/forum/affich 8003408 plus moyen de se connecter a internet#2
http://www.commentcamarche.net/forum/affich 8003408 plus moyen de se connecter a internet#2
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 12:59
21 août 2008 à 12:59
Voilà pour Combofix, t'inquiète, j'étais dessus, merci de t'occuper de mon souci ;)
ComboFix 08-08-19.06 - jnh 2008-08-21 12:32:18.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1605 [GMT 2:00]
Endroit: C:\Documents and Settings\jnh\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-21 to 2008-08-21 ))))))))))))))))))))))))))))))))))))
.
2008-08-13 06:41 . 2008-05-01 16:31 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-01 14:57 . 2008-08-01 14:57 <REP> d-------- C:\Program Files\COMODO
2008-08-01 14:57 . 2008-08-01 14:57 <REP> d-------- C:\Documents and Settings\jnh\Application Data\Comodo
2008-08-01 14:57 . 2008-08-01 15:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-08-01 14:57 . 2008-08-01 14:57 139,008 --a------ C:\WINDOWS\system32\guard32.dll
2008-08-01 14:57 . 2008-08-01 14:57 79,096 --a------ C:\WINDOWS\system32\drivers\cmdGuard.sys
2008-08-01 14:57 . 2008-08-01 14:57 23,672 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-08-01 11:22 . 2008-08-01 11:23 <REP> d-------- C:\WINDOWS\ERUNT
2008-07-31 13:19 . 2008-07-31 13:19 <REP> d-------- C:\Documents and Settings\jnh\Application Data\Grisoft
2008-07-31 13:18 . 2008-07-31 13:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-31 13:18 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-07-31 10:31 . 2008-07-31 10:31 14,113,576 --a------ C:\Program Files\ewido-setup.exe
2008-07-30 12:25 . 2008-07-30 12:25 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-25 19:00 . 2008-08-11 12:25 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-07-25 18:49 . 2008-07-25 18:51 <REP> d-------- C:\Program Files\PhotoFiltre Studio
2008-07-25 18:49 . 2008-07-25 18:49 45 ---h----- C:\WINDOWS\dsez6135.dat
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-20 10:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-12 13:10 --------- d-----w C:\Program Files\a-squared Free
2008-08-01 12:05 --------- d-----w C:\Program Files\Java
2008-07-30 19:58 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-30 11:09 --------- d-----w C:\Documents and Settings\jnh\Application Data\OpenOffice.org2
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-29 10:48 --------- d-----w C:\Program Files\RocketDock
2008-06-25 05:06 --------- d-----w C:\Program Files\Google
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-21 15:30 --------- d-----w C:\Program Files\Navilog1
2008-06-21 13:54 --------- d-----w C:\Program Files\Canta
2008-06-21 09:47 --------- d-----w C:\Program Files\ERUNT
2008-06-21 09:21 --------- d-----w C:\Documents and Settings\jnh\Application Data\Malwarebytes
2008-06-21 09:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-21 08:37 --------- d-----w C:\Documents and Settings\jnh\Application Data\ItsLabel
2008-06-21 08:15 --------- d-----w C:\Program Files\EoRezo
2008-06-21 08:15 --------- d-----w C:\Documents and Settings\jnh\Application Data\EoRezo
2008-06-21 08:12 --------- d-----w C:\Program Files\CCleaner
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
.
((((((((((((((((((((((((((((( snapshot@2008-06-21_15.43.55,31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:01 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:01 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:22 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:22 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:02 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:02 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-21 14:02:40 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-06-21 14:02:40 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-06-21 14:02:41 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-06-21 14:02:42 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-06-21 14:02:42 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-06-21 14:02:41 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2008-06-21 09:47:21 5,890,048 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-21 14:18:37 5,890,048 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
- 2008-06-21 09:47:21 151,552 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-06-21 14:18:37 151,552 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]1-08-08\ERDNT.EXE
+ 2008-08-01 08:42:56 4,796,416 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]1-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-01 08:42:56 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]1-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]3-08-08\ERDNT.EXE
+ 2008-08-03 18:39:44 4,796,416 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]3-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-03 18:39:44 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]3-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]4-08-08\ERDNT.EXE
+ 2008-08-04 07:05:50 4,796,416 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]4-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-04 07:05:50 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]4-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]5-08-08\ERDNT.EXE
+ 2008-08-05 08:34:14 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]5-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-05 08:34:15 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]5-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]6-08-08\ERDNT.EXE
+ 2008-08-06 08:09:41 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]6-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-06 08:09:41 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]6-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]7-08-08\ERDNT.EXE
+ 2008-08-07 09:22:57 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]7-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-07 09:22:57 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]7-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]9-08-08\ERDNT.EXE
+ 2008-08-09 08:49:09 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]9-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-09 08:49:09 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]9-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-07-08\ERDNT.EXE
+ 2008-07-10 04:44:54 4,542,464 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-10 04:44:54 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-08-08\ERDNT.EXE
+ 2008-08-10 12:02:01 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-10 12:02:01 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\11-08-08\ERDNT.EXE
+ 2008-08-11 08:11:57 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\11-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-11 08:11:57 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\11-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\12-08-08\ERDNT.EXE
+ 2008-08-12 07:44:16 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\12-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-12 07:44:16 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\12-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\13-07-08\ERDNT.EXE
+ 2008-07-13 11:13:17 4,542,464 ----a-w C:\WINDOWS\ERDNT\AutoBackup\13-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-13 11:13:18 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\13-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\14-07-08\ERDNT.EXE
+ 2008-07-14 09:19:01 4,562,944 ----a-w C:\WINDOWS\ERDNT\AutoBackup\14-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-14 09:19:01 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\14-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-07-08\ERDNT.EXE
+ 2008-07-16 06:10:34 4,562,944 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-16 06:10:35 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-08-08\ERDNT.EXE
+ 2008-08-16 18:04:59 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-16 18:04:59 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-07-08\ERDNT.EXE
+ 2008-07-20 09:44:30 4,616,192 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-20 09:44:30 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-08-08\ERDNT.EXE
+ 2008-08-20 09:55:18 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-20 09:55:18 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\21-08-08\ERDNT.EXE
+ 2008-08-21 09:26:45 5,197,824 ----a-w C:\WINDOWS\ERDNT\AutoBackup\21-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-21 09:26:45 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\21-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\22-07-08\ERDNT.EXE
+ 2008-07-22 04:52:48 4,616,192 ----a-w C:\WINDOWS\ERDNT\AutoBackup\22-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-22 04:52:48 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\22-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-06-08\ERDNT.EXE
+ 2008-06-24 04:44:43 3,997,696 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-24 04:44:43 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-07-08\ERDNT.EXE
+ 2008-07-24 04:49:45 4,616,192 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-24 04:49:45 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-06-08\ERDNT.EXE
+ 2008-06-25 04:26:07 3,997,696 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-25 04:26:07 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-07-08\ERDNT.EXE
+ 2008-07-25 04:51:25 4,628,480 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-25 04:51:25 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\26-07-08\ERDNT.EXE
+ 2008-07-26 07:24:20 4,628,480 ----a-w C:\WINDOWS\ERDNT\AutoBackup\26-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-26 07:24:20 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\26-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\27-07-08\ERDNT.EXE
+ 2008-07-27 07:42:48 4,702,208 ----a-w C:\WINDOWS\ERDNT\AutoBackup\27-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-27 07:42:48 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\27-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\29-07-08\ERDNT.EXE
+ 2008-07-29 07:44:39 4,993,024 ----a-w C:\WINDOWS\ERDNT\AutoBackup\29-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-29 07:44:40 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\29-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-06-08\ERDNT.EXE
+ 2008-06-30 04:53:21 4,542,464 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-30 04:53:21 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-07-08\ERDNT.EXE
+ 2008-07-30 18:23:57 4,993,024 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-30 18:23:57 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\31-07-08\ERDNT.EXE
+ 2008-07-31 08:08:35 4,726,784 ----a-w C:\WINDOWS\ERDNT\AutoBackup\31-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-31 08:08:36 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\31-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-01 02:32:34 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-08-01 09:23:42 4,796,416 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-01 09:23:42 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-01 02:32:34 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-08-01 09:23:12 4,796,416 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-01 09:23:12 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:39 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:40 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:40 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2006-10-26 19:12:56 396,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\MOC.EXE
+ 2007-05-08 10:10:18 16,874,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\MSO.DLL
+ 2007-03-21 17:56:50 8,425,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2006-10-27 14:18:34 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-05-10 08:04:28 846,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\OICE.EXE
+ 2007-05-10 09:11:42 1,767,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2007-03-21 18:00:06 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2007-08-24 03:00:34 1,767,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 03:00:48 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2008-02-04 09:10:10 208,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingDevice.dll
+ 2008-02-04 09:06:54 417,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingServices.dll
+ 2008-02-04 09:08:42 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\LiveAlbumXCtrl.dll
+ 2008-02-04 09:07:46 1,779,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\MicrosoftEffects.dll
+ 2008-02-04 09:05:04 46,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\PhotoViewerShim.dll
+ 2008-02-04 09:06:46 372,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXAlbumDownloadWizard.exe
+ 2008-02-01 10:23:12 279,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\wlxclip.dll
+ 2008-02-01 10:13:40 191,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXDSPA.dll
+ 2008-02-04 09:10:02 130,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXGrinderScheduler.dll
+ 2008-02-04 09:06:00 59,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXImageTranscode.dll
+ 2008-02-04 09:08:26 712,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXMediaPublishSubscribe.dll
+ 2008-02-01 10:17:40 587,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPGSS.SCR
+ 2008-02-04 09:07:22 1,565,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcq.dll
+ 2008-02-01 10:13:40 227,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcquireWizard.exe
+ 2008-02-04 09:08:38 86,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoCinematic.dll
+ 2008-02-04 09:08:32 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoClassic.dll
+ 2008-02-04 09:09:08 125,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGallery.exe
+ 2008-02-01 10:13:42 16,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGalleryRepair.exe
+ 2008-02-04 09:06:54 394,272 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoLibraryDatabase.dll
+ 2008-02-04 09:06:20 1,515,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoViewer.dll
+ 2008-02-04 09:06:20 1,250,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoVoyager.dll
+ 2008-02-04 09:06:18 752,672 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipeline.dll
+ 2008-02-04 09:06:14 734,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipetran.dll
+ 2008-02-01 10:13:42 101,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHost.exe
+ 2008-02-04 09:05:00 20,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHostPS.dll
+ 2008-02-04 09:05:04 53,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeShellExt.dll
+ 2008-02-04 09:08:42 85,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXThumbCache.dll
+ 2008-02-04 09:10:04 144,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVAFilt.dll
+ 2008-02-04 09:07:40 675,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoAcquireWizard.exe
+ 2008-02-04 09:07:10 69,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoCameraAutoPlayManager.exe
+ 2008-02-04 09:10:10 165,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoTrim.dll
+ 2007-05-31 11:35:22 6,420,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
- 2008-06-11 01:00:20 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-08-13 08:23:48 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
- 2008-06-18 01:03:18 593,920 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-13 08:24:38 593,920 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-06-18 01:03:18 12,288 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-08-13 08:24:38 12,288 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-06-18 01:03:18 135,168 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-13 08:24:38 135,168 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-06-18 01:03:18 11,264 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-08-13 08:24:38 11,264 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-06-18 01:03:18 27,136 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-08-13 08:24:39 27,136 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-06-18 01:03:18 4,096 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-08-13 08:24:39 4,096 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-06-18 01:03:18 794,624 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-08-13 08:24:39 794,624 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-06-18 01:03:18 249,856 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-13 08:24:38 249,856 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-06-18 01:03:18 61,440 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-08-13 08:24:38 61,440 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-06-18 01:03:18 23,040 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-08-13 08:24:39 23,040 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-06-18 01:03:18 286,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-08-13 08:24:38 286,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-06-18 01:03:18 409,600 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-13 08:24:37 409,600 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-27 21:33:10 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-08-07 19:00:11 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
- 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-12-18 01:53:15 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-30 19:47:19 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-12-18 01:53:15 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-07-30 19:47:19 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2007-12-18 01:53:15 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-30 19:47:19 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-01 12:51:53 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
- 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-23 16:28:17 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-20 10:44:38 138,368 -c----w C:\WINDOWS\system32\dllcache\afd.sys
- 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:28:17 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:28:17 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-07-07 20:31:48 253,952 -c----w C:\WINDOWS\system32\dllcache\es.dll
- 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:28:17 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 16:28:17 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 09:21:30 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:28:18 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-23 16:28:18 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:28:18 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:28:18 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:28:19 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:28:19 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 16:28:20 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-06-23 09:21:49 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:28:20 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-24 16:23:56 74,240 -c----w C:\WINDOWS\system32\dllcache\mscms.dll
- 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:28:20 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-06-23 16:28:20 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-24 08:28:24 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:28:22 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:28:22 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:28:22 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-20 17:41:06 247,808 -c----w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:28:22 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:28:22 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:28:22 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:28:23 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:28:23 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-04-23 04:16:40 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:28:23 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-03 22:14:16 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-08-01 12:57:47 74,616 ----a-w C:\WINDOWS\system32\drivers\inspect.sys
- 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-23 04:16:39 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:28:17 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-23 04:16:39 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:28:17 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-04-22 07:41:08 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:21:30 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-04-23 04:16:39 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:28:18 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-04-23 04:16:39 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:28:18 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-04-23 04:16:39 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:28:18 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-04-23 04:16:39 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:28:19 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-02-22 00:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-06-09 23:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2008-02-22 00:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-06-09 23:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2008-02-22 01:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-06-10 00:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2008-04-23 04:16:40 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:28:20 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2005-05-16 17:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2006-03-20 11:17:24 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2006-03-20 11:17:20 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
- 2007-12-18 18:52:36 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-07-22 04:53:48 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
- 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 08:28:24 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-23 04:16:40 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:28:22 477,696 ------w C:\WINDOWS\system32\mshtmled.dll
- 2008-04-23 04:16:40 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:28:22 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-04-23 04:16:40 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:28:22 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2008-04-23 04:16:40 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:28:22 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
- 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-08 11:25 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX6000"="C:\WINDOWS\vVX6000.exe" [2007-04-10 23:46 996712]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 09:30 7110656]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-01 14:57 1481984]
C:\Documents and Settings\jnh\Menu D‚marrer\Programmes\D‚marrage\
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [2005-10-20 12:04:08 38912]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-03-08 11:25:32 125624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^ImageMixer for HDD Camcorder.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ImageMixer for HDD Camcorder.lnk
backup=C:\WINDOWS\pss\ImageMixer for HDD Camcorder.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^jnh^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
path=C:\Documents and Settings\jnh\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.4.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\TrackMania United\\TmUnited.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-01 14:57]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-01 14:57]
R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 23:45]
R3 VX6000;Microsoft LifeCam VX-6000;C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys [2007-04-10 23:46]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys [2005-06-08 19:44]
S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys []
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 12:38]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-21 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B36D67D1-99E6-4CC1-8B32-9C35291660D5}.job
- C:\WINDOWS\system32\msfeedssync.exe [2007-08-13 19:36]
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com
R0 -: HKLM-Main,Start Page = hxxp://www.google.com
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O16 -: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
C:\WINDOWS\Downloaded Program Files\oscan8.inf
C:\WINDOWS\bdoscandellang.ini
C:\WINDOWS\bdoscandel.exe
C:\WINDOWS\Downloaded Program Files\live.ini
C:\WINDOWS\Downloaded Program Files\scanoptions.tsi
C:\WINDOWS\Downloaded Program Files\lang.ini
C:\WINDOWS\Downloaded Program Files\ipsupd.dll
C:\WINDOWS\Downloaded Program Files\bdupd.dll
C:\WINDOWS\Downloaded Program Files\libfn.dll
C:\WINDOWS\Downloaded Program Files\bdcore.dll
C:\WINDOWS\Downloaded Program Files\oscan8.ocx
O16 -: {B9907873-6560-4A36-B76B-9DADE84A7F55} - hxxp://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
C:\WINDOWS\Downloaded Program Files\FnacmusicDnl.INF
C:\WINDOWS\system32\asycfilt.dll
C:\WINDOWS\system32\msvbvm50.dll
C:\WINDOWS\system32\VB5FR.DLL
C:\WINDOWS\system32\MSPRPFR.DLL
C:\WINDOWS\Downloaded Program Files\MSFLXGRD.OCX
C:\WINDOWS\Downloaded Program Files\DNLMANAGER.DEP
C:\WINDOWS\Downloaded Program Files\OLELIB.TLB
C:\WINDOWS\Downloaded Program Files\DNLMANAGER.EXE
C:\WINDOWS\system32\MSSTKPRP.DLL
C:\WINDOWS\Downloaded Program Files\FNACMUSICDNL.OCX
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-21 12:47:02
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\guard32.dll
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\WINDOWS\system32\guard32.dll
.
Temps d'accomplissement: 2008-08-21 12:48:37
ComboFix-quarantined-files.txt 2008-08-21 10:47:56
ComboFix2.txt 2008-06-21 13:44:11
Pre-Run: 1,329,750,016 octets libres
Post-Run: 1,318,383,616 octets libres
596 --- E O F --- 2008-08-20 10:02:10
ComboFix 08-08-19.06 - jnh 2008-08-21 12:32:18.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1605 [GMT 2:00]
Endroit: C:\Documents and Settings\jnh\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-21 to 2008-08-21 ))))))))))))))))))))))))))))))))))))
.
2008-08-13 06:41 . 2008-05-01 16:31 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-01 14:57 . 2008-08-01 14:57 <REP> d-------- C:\Program Files\COMODO
2008-08-01 14:57 . 2008-08-01 14:57 <REP> d-------- C:\Documents and Settings\jnh\Application Data\Comodo
2008-08-01 14:57 . 2008-08-01 15:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-08-01 14:57 . 2008-08-01 14:57 139,008 --a------ C:\WINDOWS\system32\guard32.dll
2008-08-01 14:57 . 2008-08-01 14:57 79,096 --a------ C:\WINDOWS\system32\drivers\cmdGuard.sys
2008-08-01 14:57 . 2008-08-01 14:57 23,672 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-08-01 11:22 . 2008-08-01 11:23 <REP> d-------- C:\WINDOWS\ERUNT
2008-07-31 13:19 . 2008-07-31 13:19 <REP> d-------- C:\Documents and Settings\jnh\Application Data\Grisoft
2008-07-31 13:18 . 2008-07-31 13:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-31 13:18 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-07-31 10:31 . 2008-07-31 10:31 14,113,576 --a------ C:\Program Files\ewido-setup.exe
2008-07-30 12:25 . 2008-07-30 12:25 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-25 19:00 . 2008-08-11 12:25 8,192 --ahs---- C:\WINDOWS\Thumbs.db
2008-07-25 18:49 . 2008-07-25 18:51 <REP> d-------- C:\Program Files\PhotoFiltre Studio
2008-07-25 18:49 . 2008-07-25 18:49 45 ---h----- C:\WINDOWS\dsez6135.dat
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-20 10:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-12 13:10 --------- d-----w C:\Program Files\a-squared Free
2008-08-01 12:05 --------- d-----w C:\Program Files\Java
2008-07-30 19:58 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-30 11:09 --------- d-----w C:\Documents and Settings\jnh\Application Data\OpenOffice.org2
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-29 10:48 --------- d-----w C:\Program Files\RocketDock
2008-06-25 05:06 --------- d-----w C:\Program Files\Google
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-21 15:30 --------- d-----w C:\Program Files\Navilog1
2008-06-21 13:54 --------- d-----w C:\Program Files\Canta
2008-06-21 09:47 --------- d-----w C:\Program Files\ERUNT
2008-06-21 09:21 --------- d-----w C:\Documents and Settings\jnh\Application Data\Malwarebytes
2008-06-21 09:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-21 08:37 --------- d-----w C:\Documents and Settings\jnh\Application Data\ItsLabel
2008-06-21 08:15 --------- d-----w C:\Program Files\EoRezo
2008-06-21 08:15 --------- d-----w C:\Documents and Settings\jnh\Application Data\EoRezo
2008-06-21 08:12 --------- d-----w C:\Program Files\CCleaner
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
.
((((((((((((((((((((((((((((( snapshot@2008-06-21_15.43.55,31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:01 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:01 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:22 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:22 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:02 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:02 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-21 14:02:40 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-06-21 14:02:40 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-06-21 14:02:41 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-06-21 14:02:42 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-06-21 14:02:42 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-06-21 14:02:41 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2008-06-21 09:47:21 5,890,048 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-21 14:18:37 5,890,048 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
- 2008-06-21 09:47:21 151,552 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-06-21 14:18:37 151,552 ----a-w C:\WINDOWS\ERDNT\21-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]1-08-08\ERDNT.EXE
+ 2008-08-01 08:42:56 4,796,416 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]1-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-01 08:42:56 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]1-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]3-08-08\ERDNT.EXE
+ 2008-08-03 18:39:44 4,796,416 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]3-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-03 18:39:44 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]3-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]4-08-08\ERDNT.EXE
+ 2008-08-04 07:05:50 4,796,416 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]4-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-04 07:05:50 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]4-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]5-08-08\ERDNT.EXE
+ 2008-08-05 08:34:14 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]5-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-05 08:34:15 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]5-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]6-08-08\ERDNT.EXE
+ 2008-08-06 08:09:41 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]6-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-06 08:09:41 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]6-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]7-08-08\ERDNT.EXE
+ 2008-08-07 09:22:57 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]7-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-07 09:22:57 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]7-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]9-08-08\ERDNT.EXE
+ 2008-08-09 08:49:09 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]9-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-09 08:49:09 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\[u]0[/u]9-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-07-08\ERDNT.EXE
+ 2008-07-10 04:44:54 4,542,464 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-10 04:44:54 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-08-08\ERDNT.EXE
+ 2008-08-10 12:02:01 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-10 12:02:01 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\10-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\11-08-08\ERDNT.EXE
+ 2008-08-11 08:11:57 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\11-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-11 08:11:57 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\11-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\12-08-08\ERDNT.EXE
+ 2008-08-12 07:44:16 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\12-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-12 07:44:16 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\12-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\13-07-08\ERDNT.EXE
+ 2008-07-13 11:13:17 4,542,464 ----a-w C:\WINDOWS\ERDNT\AutoBackup\13-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-13 11:13:18 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\13-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\14-07-08\ERDNT.EXE
+ 2008-07-14 09:19:01 4,562,944 ----a-w C:\WINDOWS\ERDNT\AutoBackup\14-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-14 09:19:01 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\14-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-07-08\ERDNT.EXE
+ 2008-07-16 06:10:34 4,562,944 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-16 06:10:35 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-08-08\ERDNT.EXE
+ 2008-08-16 18:04:59 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-16 18:04:59 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\16-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-07-08\ERDNT.EXE
+ 2008-07-20 09:44:30 4,616,192 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-20 09:44:30 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-08-08\ERDNT.EXE
+ 2008-08-20 09:55:18 4,931,584 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-20 09:55:18 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\20-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\21-08-08\ERDNT.EXE
+ 2008-08-21 09:26:45 5,197,824 ----a-w C:\WINDOWS\ERDNT\AutoBackup\21-08-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-21 09:26:45 155,648 ----a-w C:\WINDOWS\ERDNT\AutoBackup\21-08-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\22-07-08\ERDNT.EXE
+ 2008-07-22 04:52:48 4,616,192 ----a-w C:\WINDOWS\ERDNT\AutoBackup\22-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-22 04:52:48 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\22-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-06-08\ERDNT.EXE
+ 2008-06-24 04:44:43 3,997,696 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-24 04:44:43 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-07-08\ERDNT.EXE
+ 2008-07-24 04:49:45 4,616,192 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-24 04:49:45 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\24-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-06-08\ERDNT.EXE
+ 2008-06-25 04:26:07 3,997,696 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-25 04:26:07 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-07-08\ERDNT.EXE
+ 2008-07-25 04:51:25 4,628,480 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-25 04:51:25 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\25-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\26-07-08\ERDNT.EXE
+ 2008-07-26 07:24:20 4,628,480 ----a-w C:\WINDOWS\ERDNT\AutoBackup\26-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-26 07:24:20 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\26-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\27-07-08\ERDNT.EXE
+ 2008-07-27 07:42:48 4,702,208 ----a-w C:\WINDOWS\ERDNT\AutoBackup\27-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-27 07:42:48 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\27-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\29-07-08\ERDNT.EXE
+ 2008-07-29 07:44:39 4,993,024 ----a-w C:\WINDOWS\ERDNT\AutoBackup\29-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-29 07:44:40 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\29-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-06-08\ERDNT.EXE
+ 2008-06-30 04:53:21 4,542,464 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-06-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-06-30 04:53:21 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-06-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-07-08\ERDNT.EXE
+ 2008-07-30 18:23:57 4,993,024 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-30 18:23:57 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\30-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2005-10-20 10:02:28 163,328 ----a-w C:\WINDOWS\ERDNT\AutoBackup\31-07-08\ERDNT.EXE
+ 2008-07-31 08:08:35 4,726,784 ----a-w C:\WINDOWS\ERDNT\AutoBackup\31-07-08\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-07-31 08:08:36 151,552 ----a-w C:\WINDOWS\ERDNT\AutoBackup\31-07-08\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-01 02:32:34 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-08-01 09:23:42 4,796,416 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-01 09:23:42 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-01 02:32:34 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-08-01 09:23:12 4,796,416 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-08-01 09:23:12 151,552 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:39 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:40 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:40 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2006-10-26 19:12:56 396,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\MOC.EXE
+ 2007-05-08 10:10:18 16,874,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\MSO.DLL
+ 2007-03-21 17:56:50 8,425,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2006-10-27 14:18:34 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-05-10 08:04:28 846,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\OICE.EXE
+ 2007-05-10 09:11:42 1,767,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2007-03-21 18:00:06 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2007-08-24 03:00:34 1,767,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 03:00:48 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]00021090200C0400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2008-02-04 09:10:10 208,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingDevice.dll
+ 2008-02-04 09:06:54 417,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingServices.dll
+ 2008-02-04 09:08:42 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\LiveAlbumXCtrl.dll
+ 2008-02-04 09:07:46 1,779,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\MicrosoftEffects.dll
+ 2008-02-04 09:05:04 46,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\PhotoViewerShim.dll
+ 2008-02-04 09:06:46 372,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXAlbumDownloadWizard.exe
+ 2008-02-01 10:23:12 279,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\wlxclip.dll
+ 2008-02-01 10:13:40 191,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXDSPA.dll
+ 2008-02-04 09:10:02 130,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXGrinderScheduler.dll
+ 2008-02-04 09:06:00 59,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXImageTranscode.dll
+ 2008-02-04 09:08:26 712,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXMediaPublishSubscribe.dll
+ 2008-02-01 10:17:40 587,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPGSS.SCR
+ 2008-02-04 09:07:22 1,565,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcq.dll
+ 2008-02-01 10:13:40 227,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcquireWizard.exe
+ 2008-02-04 09:08:38 86,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoCinematic.dll
+ 2008-02-04 09:08:32 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoClassic.dll
+ 2008-02-04 09:09:08 125,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGallery.exe
+ 2008-02-01 10:13:42 16,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGalleryRepair.exe
+ 2008-02-04 09:06:54 394,272 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoLibraryDatabase.dll
+ 2008-02-04 09:06:20 1,515,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoViewer.dll
+ 2008-02-04 09:06:20 1,250,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoVoyager.dll
+ 2008-02-04 09:06:18 752,672 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipeline.dll
+ 2008-02-04 09:06:14 734,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipetran.dll
+ 2008-02-01 10:13:42 101,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHost.exe
+ 2008-02-04 09:05:00 20,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHostPS.dll
+ 2008-02-04 09:05:04 53,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeShellExt.dll
+ 2008-02-04 09:08:42 85,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXThumbCache.dll
+ 2008-02-04 09:10:04 144,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVAFilt.dll
+ 2008-02-04 09:07:40 675,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoAcquireWizard.exe
+ 2008-02-04 09:07:10 69,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoCameraAutoPlayManager.exe
+ 2008-02-04 09:10:10 165,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoTrim.dll
+ 2007-05-31 11:35:22 6,420,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040111900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
- 2008-06-11 01:00:20 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-08-13 08:23:48 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
- 2008-06-18 01:03:18 593,920 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-13 08:24:38 593,920 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-06-18 01:03:18 12,288 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-08-13 08:24:38 12,288 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-06-18 01:03:18 135,168 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-13 08:24:38 135,168 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-06-18 01:03:18 11,264 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-08-13 08:24:38 11,264 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-06-18 01:03:18 27,136 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-08-13 08:24:39 27,136 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-06-18 01:03:18 4,096 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-08-13 08:24:39 4,096 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-06-18 01:03:18 794,624 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-08-13 08:24:39 794,624 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-06-18 01:03:18 249,856 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-13 08:24:38 249,856 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-06-18 01:03:18 61,440 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-08-13 08:24:38 61,440 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-06-18 01:03:18 23,040 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-08-13 08:24:39 23,040 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-06-18 01:03:18 286,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-08-13 08:24:38 286,720 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-06-18 01:03:18 409,600 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-13 08:24:37 409,600 ----a-r C:\WINDOWS\Installer\{9111040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-27 21:33:10 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-08-07 19:00:11 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
- 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-12-18 01:53:15 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-07-30 19:47:19 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-12-18 01:53:15 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-07-30 19:47:19 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2007-12-18 01:53:15 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-30 19:47:19 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-01 12:51:53 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
- 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-23 16:28:17 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-20 10:44:38 138,368 -c----w C:\WINDOWS\system32\dllcache\afd.sys
- 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:28:17 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:28:17 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-07-07 20:31:48 253,952 -c----w C:\WINDOWS\system32\dllcache\es.dll
- 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:28:17 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 16:28:17 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 09:21:30 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:28:18 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-23 16:28:18 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:28:18 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:28:18 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:28:19 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:28:19 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 16:28:20 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-06-23 09:21:49 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:28:20 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-24 16:23:56 74,240 -c----w C:\WINDOWS\system32\dllcache\mscms.dll
- 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:28:20 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-06-23 16:28:20 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-24 08:28:24 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:28:22 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:28:22 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:28:22 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-20 17:41:06 247,808 -c----w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:28:22 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:28:22 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:28:22 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:28:23 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:28:23 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-04-23 04:16:40 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:28:23 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-03 22:14:16 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-08-01 12:57:47 74,616 ----a-w C:\WINDOWS\system32\drivers\inspect.sys
- 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-23 04:16:39 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:28:17 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-23 04:16:39 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:28:17 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-04-22 07:41:08 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:21:30 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-04-23 04:16:39 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:28:18 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-04-23 04:16:39 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:28:18 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-04-23 04:16:39 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:28:18 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-04-23 04:16:39 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:28:19 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-02-22 00:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-06-09 23:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2008-02-22 00:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-06-09 23:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2008-02-22 01:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-06-10 00:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2008-04-23 04:16:40 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:28:20 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2005-05-16 17:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2006-03-20 11:17:24 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2006-03-20 11:17:20 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
- 2007-12-18 18:52:36 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-07-22 04:53:48 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
- 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 08:28:24 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-23 04:16:40 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:28:22 477,696 ------w C:\WINDOWS\system32\mshtmled.dll
- 2008-04-23 04:16:40 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:28:22 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-04-23 04:16:40 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:28:22 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2008-04-23 04:16:40 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:28:22 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
- 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-08 11:25 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX6000"="C:\WINDOWS\vVX6000.exe" [2007-04-10 23:46 996712]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 09:30 7110656]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-01 14:57 1481984]
C:\Documents and Settings\jnh\Menu D‚marrer\Programmes\D‚marrage\
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [2005-10-20 12:04:08 38912]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-03-08 11:25:32 125624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^ImageMixer for HDD Camcorder.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ImageMixer for HDD Camcorder.lnk
backup=C:\WINDOWS\pss\ImageMixer for HDD Camcorder.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^jnh^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
path=C:\Documents and Settings\jnh\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.4.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\TrackMania United\\TmUnited.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-01 14:57]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-01 14:57]
R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 23:45]
R3 VX6000;Microsoft LifeCam VX-6000;C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys [2007-04-10 23:46]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys [2005-06-08 19:44]
S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys []
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 12:38]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-21 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B36D67D1-99E6-4CC1-8B32-9C35291660D5}.job
- C:\WINDOWS\system32\msfeedssync.exe [2007-08-13 19:36]
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com
R0 -: HKLM-Main,Start Page = hxxp://www.google.com
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O16 -: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
C:\WINDOWS\Downloaded Program Files\oscan8.inf
C:\WINDOWS\bdoscandellang.ini
C:\WINDOWS\bdoscandel.exe
C:\WINDOWS\Downloaded Program Files\live.ini
C:\WINDOWS\Downloaded Program Files\scanoptions.tsi
C:\WINDOWS\Downloaded Program Files\lang.ini
C:\WINDOWS\Downloaded Program Files\ipsupd.dll
C:\WINDOWS\Downloaded Program Files\bdupd.dll
C:\WINDOWS\Downloaded Program Files\libfn.dll
C:\WINDOWS\Downloaded Program Files\bdcore.dll
C:\WINDOWS\Downloaded Program Files\oscan8.ocx
O16 -: {B9907873-6560-4A36-B76B-9DADE84A7F55} - hxxp://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
C:\WINDOWS\Downloaded Program Files\FnacmusicDnl.INF
C:\WINDOWS\system32\asycfilt.dll
C:\WINDOWS\system32\msvbvm50.dll
C:\WINDOWS\system32\VB5FR.DLL
C:\WINDOWS\system32\MSPRPFR.DLL
C:\WINDOWS\Downloaded Program Files\MSFLXGRD.OCX
C:\WINDOWS\Downloaded Program Files\DNLMANAGER.DEP
C:\WINDOWS\Downloaded Program Files\OLELIB.TLB
C:\WINDOWS\Downloaded Program Files\DNLMANAGER.EXE
C:\WINDOWS\system32\MSSTKPRP.DLL
C:\WINDOWS\Downloaded Program Files\FNACMUSICDNL.OCX
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-21 12:47:02
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\guard32.dll
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\WINDOWS\system32\guard32.dll
.
Temps d'accomplissement: 2008-08-21 12:48:37
ComboFix-quarantined-files.txt 2008-08-21 10:47:56
ComboFix2.txt 2008-06-21 13:44:11
Pre-Run: 1,329,750,016 octets libres
Post-Run: 1,318,383,616 octets libres
596 --- E O F --- 2008-08-20 10:02:10
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 13:01
21 août 2008 à 13:01
Nouveau rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:00:01, on 21/08/08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Documents and Settings\jnh\Mes documents\HiJackThis.exe
C:\WINDOWS\system32\msfeedssync.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boogy79.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:00:01, on 21/08/08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Documents and Settings\jnh\Mes documents\HiJackThis.exe
C:\WINDOWS\system32\msfeedssync.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boogy79.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
21 août 2008 à 13:09
21 août 2008 à 13:09
ok maintenant :
Télécharger SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
(c est le numéro 8 en bas de la page) : https://www.androidworld.fr/
Double cliquer sur SDFix.exe et choisir Install pour l'extraire dans un dossier dédié sur le Bureau.
> Démarre en mode sans échec : après le bip et avant le logo windows tapoter sur la touche F8 (ou F5): menu M.S.E..
Choisir son compte, pas celui de l'Administrateur ou autre.
Dérouler la liste des instructions ci-dessous :
• Ouvrir le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuyer sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuyer sur une touche pour redémarrer le PC.
• Le système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuyer sur une touche pour finir l'exécution du script et charger les icônes du Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copier/coller le contenu du fichier Report.txt dans la prochaine réponse sur le forum
ensuite :
Télécharger sur le bureau malwarebytes à cette adresse :
https://www.androidworld.fr/
Voici un tuto pour bien l installer et bien l utiliser :
https://www.androidworld.fr/
Après l analyse, redémarrer le pc et poste le rapport !!
et ensuite refais un nouveau rapport hijackthis stp
Télécharger SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
(c est le numéro 8 en bas de la page) : https://www.androidworld.fr/
Double cliquer sur SDFix.exe et choisir Install pour l'extraire dans un dossier dédié sur le Bureau.
> Démarre en mode sans échec : après le bip et avant le logo windows tapoter sur la touche F8 (ou F5): menu M.S.E..
Choisir son compte, pas celui de l'Administrateur ou autre.
Dérouler la liste des instructions ci-dessous :
• Ouvrir le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuyer sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuyer sur une touche pour redémarrer le PC.
• Le système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuyer sur une touche pour finir l'exécution du script et charger les icônes du Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copier/coller le contenu du fichier Report.txt dans la prochaine réponse sur le forum
ensuite :
Télécharger sur le bureau malwarebytes à cette adresse :
https://www.androidworld.fr/
Voici un tuto pour bien l installer et bien l utiliser :
https://www.androidworld.fr/
Après l analyse, redémarrer le pc et poste le rapport !!
et ensuite refais un nouveau rapport hijackthis stp
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 13:42
21 août 2008 à 13:42
Rapport SD Fix:
[b]SDFix: Version 1.218 [/b]
Run by jnh on 21/08/08 at 13:24
Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\jnh\Bureau\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-21 13:34:25
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\TrackMania United\\TmUnited.exe"="C:\\Program Files\\TrackMania United\\TmUnited.exe:*:Enabled:TmUnited"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sat 21 Jun 2008 6,029,312 A..H. --- "C:\Documents and Settings\jnh\NTUSER.bak"
Sat 21 Jun 2008 262,144 A..H. --- "C:\Documents and Settings\LocalService\NTUSER.bak"
Sat 21 Jun 2008 262,144 A..H. --- "C:\Documents and Settings\NetworkService\NTUSER.bak"
Wed 19 Dec 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 19 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Mon 5 May 2003 348,160 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\AACMP4.EXE"
Thu 7 Feb 2002 94,208 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpaccodec.dll"
Fri 2 Feb 2001 40,960 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpac_codec_api.dll"
Wed 16 Apr 2003 200,704 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\OFR.EXE"
Fri 17 Jan 2003 278,528 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PNCRT.dll"
Mon 5 May 2003 16,384 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\RMADEC.EXE"
Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BITBD.tmp"
Tue 4 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\927c988306a93278708f61afaae477cc\BIT57.tmp"
Tue 18 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc102203f99c8c6ebf1523556f8411b6\BIT3.tmp"
Fri 11 Apr 2003 73,766 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\atrc3260.dll"
Fri 11 Apr 2003 45,099 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\auth3260.dll"
Fri 11 Apr 2003 65,575 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\cook3260.dll"
Fri 11 Apr 2003 102,437 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv13260.dll"
Fri 11 Apr 2003 176,165 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv23260.dll"
Fri 11 Apr 2003 208,935 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv33260.dll"
Fri 11 Apr 2003 217,127 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv43260.dll"
Tue 15 Apr 2003 976,896 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnen3260.dll"
Fri 11 Apr 2003 348,203 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnvi3260.dll"
Fri 11 Apr 2003 53,289 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnxr3260.dll"
Fri 11 Apr 2003 45,101 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\ramf3260.dll"
Fri 11 Apr 2003 135,213 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rare3260.dll"
Mon 14 Oct 2002 57,344 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rims3290.dll"
Fri 11 Apr 2003 163,885 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmff3260.dll"
Mon 14 Oct 2002 737,280 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmse3290.dll"
Mon 14 Oct 2002 245,760 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmwr3260.dll"
Fri 11 Apr 2003 245,805 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rnlt3260.dll"
Mon 14 Oct 2002 245,760 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rorw3290.dll"
Mon 14 Oct 2002 114,688 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtae3290.dll"
Mon 14 Oct 2002 65,536 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtin3290.dll"
Mon 14 Oct 2002 163,840 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtve3290.dll"
Fri 11 Apr 2003 45,093 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv103260.dll"
Fri 11 Apr 2003 98,341 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv203260.dll"
Fri 11 Apr 2003 94,247 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv303260.dll"
Fri 11 Apr 2003 90,151 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv403260.dll"
Fri 11 Apr 2003 159,785 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rvre3260.dll"
Mon 14 Oct 2002 102,400 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\sipr3260.dll"
Fri 11 Apr 2003 61,485 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\smpl3260.dll"
Fri 11 Apr 2003 106,541 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\vsrl3260.dll"
Fri 11 Apr 2003 86,061 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\xmlp3261.dll"
Fri 11 Apr 2003 159,787 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\zipf3260.dll"
Sun 23 Feb 2003 64,512 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPDEC.EXE"
Sat 26 Oct 2002 79,360 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPENC.EXE"
Sat 21 Jun 2008 262,144 A..H. --- "C:\Documents and Settings\jnh\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
Tue 18 Dec 2007 262,144 A..H. --- "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
Tue 18 Dec 2007 262,144 A..H. --- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
[b]Finished![/b]
[b]SDFix: Version 1.218 [/b]
Run by jnh on 21/08/08 at 13:24
Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\jnh\Bureau\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-21 13:34:25
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\TrackMania United\\TmUnited.exe"="C:\\Program Files\\TrackMania United\\TmUnited.exe:*:Enabled:TmUnited"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sat 21 Jun 2008 6,029,312 A..H. --- "C:\Documents and Settings\jnh\NTUSER.bak"
Sat 21 Jun 2008 262,144 A..H. --- "C:\Documents and Settings\LocalService\NTUSER.bak"
Sat 21 Jun 2008 262,144 A..H. --- "C:\Documents and Settings\NetworkService\NTUSER.bak"
Wed 19 Dec 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 19 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Mon 5 May 2003 348,160 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\AACMP4.EXE"
Thu 7 Feb 2002 94,208 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpaccodec.dll"
Fri 2 Feb 2001 40,960 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpac_codec_api.dll"
Wed 16 Apr 2003 200,704 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\OFR.EXE"
Fri 17 Jan 2003 278,528 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PNCRT.dll"
Mon 5 May 2003 16,384 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\RMADEC.EXE"
Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BITBD.tmp"
Tue 4 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\927c988306a93278708f61afaae477cc\BIT57.tmp"
Tue 18 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc102203f99c8c6ebf1523556f8411b6\BIT3.tmp"
Fri 11 Apr 2003 73,766 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\atrc3260.dll"
Fri 11 Apr 2003 45,099 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\auth3260.dll"
Fri 11 Apr 2003 65,575 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\cook3260.dll"
Fri 11 Apr 2003 102,437 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv13260.dll"
Fri 11 Apr 2003 176,165 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv23260.dll"
Fri 11 Apr 2003 208,935 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv33260.dll"
Fri 11 Apr 2003 217,127 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv43260.dll"
Tue 15 Apr 2003 976,896 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnen3260.dll"
Fri 11 Apr 2003 348,203 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnvi3260.dll"
Fri 11 Apr 2003 53,289 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnxr3260.dll"
Fri 11 Apr 2003 45,101 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\ramf3260.dll"
Fri 11 Apr 2003 135,213 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rare3260.dll"
Mon 14 Oct 2002 57,344 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rims3290.dll"
Fri 11 Apr 2003 163,885 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmff3260.dll"
Mon 14 Oct 2002 737,280 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmse3290.dll"
Mon 14 Oct 2002 245,760 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmwr3260.dll"
Fri 11 Apr 2003 245,805 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rnlt3260.dll"
Mon 14 Oct 2002 245,760 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rorw3290.dll"
Mon 14 Oct 2002 114,688 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtae3290.dll"
Mon 14 Oct 2002 65,536 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtin3290.dll"
Mon 14 Oct 2002 163,840 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtve3290.dll"
Fri 11 Apr 2003 45,093 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv103260.dll"
Fri 11 Apr 2003 98,341 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv203260.dll"
Fri 11 Apr 2003 94,247 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv303260.dll"
Fri 11 Apr 2003 90,151 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv403260.dll"
Fri 11 Apr 2003 159,785 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rvre3260.dll"
Mon 14 Oct 2002 102,400 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\sipr3260.dll"
Fri 11 Apr 2003 61,485 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\smpl3260.dll"
Fri 11 Apr 2003 106,541 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\vsrl3260.dll"
Fri 11 Apr 2003 86,061 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\xmlp3261.dll"
Fri 11 Apr 2003 159,787 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\zipf3260.dll"
Sun 23 Feb 2003 64,512 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPDEC.EXE"
Sat 26 Oct 2002 79,360 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPENC.EXE"
Sat 21 Jun 2008 262,144 A..H. --- "C:\Documents and Settings\jnh\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
Tue 18 Dec 2007 262,144 A..H. --- "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
Tue 18 Dec 2007 262,144 A..H. --- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
[b]Finished![/b]
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 13:43
21 août 2008 à 13:43
Par contre pour Malwarebyte's, ça risque d'être assez long :( je viens de démarrer...
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 14:00
21 août 2008 à 14:00
Rapport Malwarebyte's:
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 873
13:57:50 21/08/08
mbam-log-8-21-2008 (13-57-50).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 97086
Temps écoulé: 14 minute(s), 33 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 873
13:57:50 21/08/08
mbam-log-8-21-2008 (13-57-50).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 97086
Temps écoulé: 14 minute(s), 33 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 14:06
21 août 2008 à 14:06
Voici mon nouveau rapport Hijackthis, mais toujours pas moyen de me connecter à internet:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:05:21, on 21/08/08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\vVX6000.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Documents and Settings\jnh\Mes documents\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boogy79.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:05:21, on 21/08/08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\vVX6000.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Documents and Settings\jnh\Mes documents\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boogy79.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 15:10
21 août 2008 à 15:10
Je viens de télécharger Mozilla Firefox depuis mon pc portable, jusqu'à mon pc fixe, apparement, je surfe nickel depuis.
Du coup je pense qu'une simple mise à jour de IE7 peut sûrement régler le problème,
Je vais vérifier ça et on verra, à moins que tu ne trouve encore un souci sur mon rapport Hijackthis :P
Merci beaucoup et je viendrais poster la réponse à la mise à jour de IE7...
Du coup je pense qu'une simple mise à jour de IE7 peut sûrement régler le problème,
Je vais vérifier ça et on verra, à moins que tu ne trouve encore un souci sur mon rapport Hijackthis :P
Merci beaucoup et je viendrais poster la réponse à la mise à jour de IE7...
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 16:56
21 août 2008 à 16:56
La réinstallation de IE7 n'a servi à rien, ça ne fonctionne toujours pas, du coup je passe par mozilla.
J'ai fait fonctionner antivir, je poste le rapport étant donné qu'il semble qu'il y ait une infection:
https://i56.servimg.com/u/f56/12/46/68/55/sans_t10.jpg
J'ai fait fonctionner antivir, je poste le rapport étant donné qu'il semble qu'il y ait une infection:
https://i56.servimg.com/u/f56/12/46/68/55/sans_t10.jpg
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
21 août 2008 à 23:29
21 août 2008 à 23:29
Désinstallation et réinstallation de comodo, et tout fonctionne de nouveau parfaitement.
Merci beaucoup pour le reste!
Bonne nuit.
Merci beaucoup pour le reste!
Bonne nuit.
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
22 août 2008 à 08:19
22 août 2008 à 08:19
Salut !!
pourrais tu me refaire un nouveau rapport hijackthis stp merci
pourrais tu me refaire un nouveau rapport hijackthis stp merci
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
22 août 2008 à 14:15
22 août 2008 à 14:15
OK je te fais ça de suite, merci
Ella_elle_a
Messages postés
46
Date d'inscription
mercredi 30 juillet 2008
Statut
Membre
Dernière intervention
26 juin 2009
22 août 2008 à 14:16
22 août 2008 à 14:16
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:23, on 22/08/08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vVX6000.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\jnh\Mes documents\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boogy79.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs:
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Scan saved at 14:16:23, on 22/08/08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vVX6000.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\jnh\Mes documents\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boogy79.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs:
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
