Sujet Précédent Sujet Suivant

Pages IE qui s'ouvrent toutes seules !!!!!

Fermé
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010 - 23 nov. 2008 à 20:11
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010 - 30 nov. 2008 à 12:05
Bonjour,

j'ai un gros problème. Quand je suis sur internet (sous avant browser), toutes les 2,3 minutes, j'ai des pages internet explorer qui s'ouvrent toutes seules (en général par trois). J'ai aussi un message me disant que frontpage 2000 cherche quelque chose qu'il ne trouve pas. Quand je clique sur annuler, j'aui une erreur 1706 de frontpage.
J'avoue que je n'y comprends rien mais que c'est lourd, toutes ces pages qui s'affichent ...
Je joins un rapport hijackthis au ca où ...

si quelqu'un pouvait m'aider, ce serait hyper sympa !!!

merci d'avance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:57, on 23/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\TOPRO\TPPOLL.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\LSEPRN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sporever\Football365 Toolbar\launcher.exe
C:\Program Files\Ad-Aware 2007\aawservice.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Free Download Manager\fum\fum.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Sporever\Football365 Toolbar\Football365 Toolbar.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
D:\Program Files\Avant Browser\avant.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PrinterSecurityLayer] C:\WINDOWS\LSEPRN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Football365 Toolbar] "C:\Program Files\Sporever\Football365 Toolbar\launcher.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O15 - Trusted Zone: http://canalplusalademande.canal-plus.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.1.0.56.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553590000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

25 réponses

  • 1
  • 2
Réponse 1 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
23 nov. 2008 à 20:21
Salut !!

▶ Télécharge malwarebyte's anti-malware

▶ Un tutoriel sera à ta disposition sur ce site pour t'aider à l'utiliser.

▶ Fais la mise à jour du logiciel (elle se fait normalement à l'installation)

▶ Lance une analyse complète en cliquant sur "Exécuter un examen complet"

▶ Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"

▶ L'analyse peut durer un bon moment.....

▶ Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"

▶ Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"

▶ Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum


* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée
0
Réponse 2 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
24 nov. 2008 à 11:28
bonjour,

merci pour ton aide. Sur tes conseils, j'ai lancé l'analyse de mon Pc avec malwarebytes. Elle a commencé hier soir vers minuit mais quand je suis parti au boulot ce matin, elle n'était pas terminée. Je copierai donc le rapport en rentrant ce soir, en espèrant que ce ne soit pas trop grave et que tu pourras m'aider.

ad tal !
0
Réponse 3 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
24 nov. 2008 à 12:07
Salut !!

Ok y a pas de problèmes ;-)

Bonne journée @+
0
Réponse 4 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
24 nov. 2008 à 16:58
Me voici rentré du travail.
Malwarebyte s'est terminé et a trouvé 16 fichiers infectés qui ont été supprimés. Voici le rapport :

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1419
Windows 5.1.2600 Service Pack 3

24/11/2008 16:56:21
mbam-log-2008-11-24 (16-56-21).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 178113
Temps écoulé: 8 hour(s), 49 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 11

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\poof (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhcrgkj0ec9r (Rogue.AntivirusXP2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\Program Files\Microsoft Security Adviser\mssadv.exe.vir (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\etnd.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\runsql.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\sv.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\svc.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\svw.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\svx.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\svzip.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\vlc.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\wdmon.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\blphcvgkj0ec9r.scr.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Merci encore pour ton aide, j'attends avec impatience ton prochain message !!

bye
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
24 nov. 2008 à 17:01
Très bien maintenant fais ceci stp :

Option 1 - Recherche :


▶ télécharge smitfraudfix et enregistre le sur le bureau

▶ Ensuite double clique sur smitfraudfix puis exécuter

▶ Sélectionner 1 pour créer un rapport des fichiers responsables de l'infection.

(attention : N utilises pas l option 2 si je ne te l ai pas demandé !!)

▶ copier/coller le rapport dans la réponse.


Voici un tutoriel sonore et animé en cas de problème d'utilisation



(Attention : "process.exe", un composant de l'outil, est détecté par certains antivirus comme étant un "RiskTool".
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains,
cet utilitaire pourrait arrêter des logiciels de sécurité.)
0
Réponse 6 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
24 nov. 2008 à 19:01
voici le rapport Smidtfraudix :

SmitFraudFix v2.240

Rapport fait à 18:59:52,96, 24/11/2008
Executé à partir de C:\Documents and Settings\Mickey\Bureau\programmes antivir\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\TOPRO\TPPOLL.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sporever\Football365 Toolbar\launcher.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Free Download Manager\fum\fum.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
C:\Program Files\Sporever\Football365 Toolbar\Football365 Toolbar.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\LSFPRN.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
D:\PROGRA~1\AVANTB~1\avant.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Mickey


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Mickey\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Mickey\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau virtuelle FreeBox USB #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240

HKLM\SYSTEM\CCS\Services\Tcpip\..\{B74AE88B-0C1A-44F2-AB70-5ACBD7BE407E}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B74AE88B-0C1A-44F2-AB70-5ACBD7BE407E}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B74AE88B-0C1A-44F2-AB70-5ACBD7BE407E}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{B74AE88B-0C1A-44F2-AB70-5ACBD7BE407E}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 7 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
24 nov. 2008 à 20:14
Ok RAS dans SmitfraudFix...

▶ Télécharger et enregistrer lopSD sur le Bureau

▶ Double-clic Lop S&D

▶ Faire l'installation

▶ Fermer toutes les applications

▶ Le lancer par un double-clic sur le raccourci qui est sur le bureau
Avec VISTA => clic-droit et => Exécuter en tant qu'administrateur

▶ Taper F pour français , puis presser entrée

▶ Taper 1

▶ Presser Entrée

▶ Le PC va redémarrer
Note= si l'antivirus annonce une infection dans TEMP , l'ignorer

▶ Attendre l'apparition du rapport
▶ Copier le rapport et le coller dans la réponse
le rapport se trouve aussi à C:\lopR
0
Réponse 8 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
24 nov. 2008 à 22:34
voici le rapport lopSD (par contre, le PC n'a pas redémarré avant le rapport, est-ce grave ?) :


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : BIOS Date: 11/17/05 21:52:19 Ver: 08.00.12
USER : Mickey ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
C:\ (Local Disk) - NTFS - Total:176 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:186 Go (Free:73 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD) - UDF - Total:6 Go (Free:0 Go)
M:\ (CD or DVD)
N:\ (CD or DVD) - UDF - Total:6 Go (Free:0 Go)
O:\ (CD or DVD) - UDF - Total:6 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 24/11/2008|22:27 )

--------------------\\ Listing des dossiers dans APPLIC~1

[19/10/2007|14:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Avant Profiles
[19/10/2007|14:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[04/04/2008|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[13/11/2006|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[26/12/2007|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[03/02/2008|03:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[27/10/2007|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[20/10/2007|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[22/10/2006|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/10/2007|08:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/02/2007|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[23/10/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[23/11/2008|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[02/08/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/02/2007|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[26/06/2008|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NewsBin
[26/10/2006|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[02/08/2008|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[20/02/2008|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[04/11/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[07/12/2006|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/12/2007|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[13/10/2006|13:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[27/03/2007|07:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/02/2008|18:26] C:\DOCUME~1\Mickey\APPLIC~1\ADDINSOFT
[04/09/2008|16:43] C:\DOCUME~1\Mickey\APPLIC~1\Adobe
[13/05/2008|18:40] C:\DOCUME~1\Mickey\APPLIC~1\AdobeUM
[09/02/2007|10:19] C:\DOCUME~1\Mickey\APPLIC~1\Ahead
[06/04/2007|16:38] C:\DOCUME~1\Mickey\APPLIC~1\Ankh - Heart of Osiris
[26/01/2007|14:59] C:\DOCUME~1\Mickey\APPLIC~1\Apple Computer
[08/02/2007|17:42] C:\DOCUME~1\Mickey\APPLIC~1\Avant Browser
[20/04/2007|11:40] C:\DOCUME~1\Mickey\APPLIC~1\Avant Profiles
[06/07/2008|14:00] C:\DOCUME~1\Mickey\APPLIC~1\BitTorrent
[27/10/2006|23:16] C:\DOCUME~1\Mickey\APPLIC~1\Brother
[13/02/2007|12:30] C:\DOCUME~1\Mickey\APPLIC~1\BSplayer
[13/02/2007|12:26] C:\DOCUME~1\Mickey\APPLIC~1\BSplayer Pro
[29/10/2007|22:13] C:\DOCUME~1\Mickey\APPLIC~1\Codemasters
[21/10/2006|07:00] C:\DOCUME~1\Mickey\APPLIC~1\CopyToDvd
[06/02/2007|08:18] C:\DOCUME~1\Mickey\APPLIC~1\Digital Red
[21/05/2007|11:12] C:\DOCUME~1\Mickey\APPLIC~1\Disney Interactive Studios
[01/06/2007|10:07] C:\DOCUME~1\Mickey\APPLIC~1\dvdcss
[08/03/2008|08:26] C:\DOCUME~1\Mickey\APPLIC~1\FileZilla
[03/02/2008|03:39] C:\DOCUME~1\Mickey\APPLIC~1\FloodLightGames
[24/11/2008|22:26] C:\DOCUME~1\Mickey\APPLIC~1\Free Download Manager
[29/05/2007|17:20] C:\DOCUME~1\Mickey\APPLIC~1\Google
[20/10/2007|19:25] C:\DOCUME~1\Mickey\APPLIC~1\Grisoft
[14/01/2007|20:53] C:\DOCUME~1\Mickey\APPLIC~1\Help
[20/02/2008|17:31] C:\DOCUME~1\Mickey\APPLIC~1\HLSW
[13/10/2006|13:17] C:\DOCUME~1\Mickey\APPLIC~1\Identities
[31/10/2008|14:36] C:\DOCUME~1\Mickey\APPLIC~1\InstallShield
[15/01/2008|21:00] C:\DOCUME~1\Mickey\APPLIC~1\Macromedia
[23/11/2008|23:05] C:\DOCUME~1\Mickey\APPLIC~1\Malwarebytes
[09/12/2006|20:10] C:\DOCUME~1\Mickey\APPLIC~1\Media Player Classic
[24/02/2008|18:27] C:\DOCUME~1\Mickey\APPLIC~1\Microsoft
[20/10/2006|10:00] C:\DOCUME~1\Mickey\APPLIC~1\Microsoft Web Folders
[26/06/2008|17:19] C:\DOCUME~1\Mickey\APPLIC~1\NewsBin
[11/01/2007|07:32] C:\DOCUME~1\Mickey\APPLIC~1\Nosibay
[15/01/2008|21:00] C:\DOCUME~1\Mickey\APPLIC~1\PlayFirst
[29/10/2006|00:00] C:\DOCUME~1\Mickey\APPLIC~1\Real
[02/08/2008|20:20] C:\DOCUME~1\Mickey\APPLIC~1\Reallusion
[25/12/2007|20:36] C:\DOCUME~1\Mickey\APPLIC~1\Samsung
[18/12/2006|13:39] C:\DOCUME~1\Mickey\APPLIC~1\SecuROM
[30/07/2008|22:00] C:\DOCUME~1\Mickey\APPLIC~1\SEGA
[16/12/2007|04:16] C:\DOCUME~1\Mickey\APPLIC~1\Snapfish
[23/10/2007|16:43] C:\DOCUME~1\Mickey\APPLIC~1\Sports Interactive
[23/04/2007|21:50] C:\DOCUME~1\Mickey\APPLIC~1\Sun
[26/07/2008|18:14] C:\DOCUME~1\Mickey\APPLIC~1\teamspeak2
[23/11/2008|13:05] C:\DOCUME~1\Mickey\APPLIC~1\uTorrent
[03/03/2008|08:51] C:\DOCUME~1\Mickey\APPLIC~1\VirtuaWin
[15/06/2007|09:33] C:\DOCUME~1\Mickey\APPLIC~1\vlc
[17/11/2006|20:59] C:\DOCUME~1\Mickey\APPLIC~1\Vso
[26/07/2008|18:14] C:\DOCUME~1\Mickey\APPLIC~1\Xfire

[13/10/2006|13:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/09/2007|16:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[24/11/2008 18:56][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[21/11/2008|15:55] C:\Program Files\Activision
[19/10/2007|13:38] C:\Program Files\Ad-Aware 2007
[24/02/2008|18:26] C:\Program Files\Addinsoft
[28/10/2006|10:52] C:\Program Files\Adobe
[11/11/2008|16:54] C:\Program Files\adslTV
[23/03/2008|15:11] C:\Program Files\AGEIA Technologies
[23/08/2008|15:47] C:\Program Files\Alcohol Soft
[05/09/2008|05:52] C:\Program Files\Alwil Software
[27/08/2008|08:20] C:\Program Files\ANACONDA
[13/10/2006|13:27] C:\Program Files\Analog Devices
[17/02/2008|03:31] C:\Program Files\AngelSmile
[13/10/2006|13:28] C:\Program Files\ASUS
[13/10/2006|13:32] C:\Program Files\ATI Technologies
[18/08/2008|16:19] C:\Program Files\Avanquest update
[10/01/2008|08:04] C:\Program Files\avant browser
[03/03/2007|03:48] C:\Program Files\Avid
[18/02/2008|17:57] C:\Program Files\AviSynth 2.5
[03/07/2008|23:28] C:\Program Files\BitTorrent
[02/08/2008|20:13] C:\Program Files\Brother
[17/11/2006|21:20] C:\Program Files\CDBurnerXP Pro 3
[23/09/2007|02:06] C:\Program Files\Cdiscount photos
[02/10/2007|15:23] C:\Program Files\ChessBase
[26/10/2006|22:12] C:\Program Files\Combined Community Codec Pack
[18/02/2008|15:30] C:\Program Files\Common Files
[13/10/2006|13:11] C:\Program Files\ComPlus Applications
[24/06/2008|18:29] C:\Program Files\Conduit
[20/08/2008|08:20] C:\Program Files\DAEMON Tools
[25/11/2006|19:32] C:\Program Files\DaemonTools_WhenUSave_Installer
[01/02/2008|18:36] C:\Program Files\Daily Services
[25/04/2008|17:04] C:\Program Files\directx
[14/02/2008|18:51] C:\Program Files\EA GAMES
[24/04/2007|00:02] C:\Program Files\EA SPORTS
[05/02/2007|07:23] C:\Program Files\enregistrements free
[26/01/2007|14:16] C:\Program Files\Exploris
[06/09/2008|10:48] C:\Program Files\Fichiers communs
[08/03/2008|08:10] C:\Program Files\FileZilla Client
[18/08/2008|16:19] C:\Program Files\Flash Slideshow Maker Professional
[27/08/2007|12:40] C:\Program Files\FLV Player
[10/12/2007|09:18] C:\Program Files\Free
[18/08/2008|16:19] C:\Program Files\Free Download Manager
[18/08/2008|16:19] C:\Program Files\Freeplayer
[16/07/2007|15:58] C:\Program Files\GrabIt
[20/10/2007|19:24] C:\Program Files\Grisoft
[06/11/2006|17:04] C:\Program Files\Illustrate
[02/02/2008|19:44] C:\Program Files\IncrediMail
[21/11/2008|16:09] C:\Program Files\InstallShield Installation Information
[15/10/2008|06:28] C:\Program Files\Internet Explorer
[13/11/2006|20:17] C:\Program Files\iPod
[09/07/2008|23:04] C:\Program Files\IsoBuster
[13/11/2006|20:17] C:\Program Files\iTunes
[08/08/2008|18:13] C:\Program Files\Java
[16/11/2007|15:16] C:\Program Files\JoWooD Productions
[22/03/2007|16:28] C:\Program Files\Lavalys
[20/10/2007|19:18] C:\Program Files\Lavasoft
[23/11/2008|23:05] C:\Program Files\Malwarebytes' Anti-Malware
[26/10/2006|22:46] C:\Program Files\Media Player Classic
[03/11/2008|07:51] C:\Program Files\Messenger
[03/12/2006|10:18] C:\Program Files\microsoft frontpage
[20/10/2006|10:00] C:\Program Files\Microsoft Office
[04/12/2007|23:35] C:\Program Files\Microsoft SQL Server Compact Edition
[03/12/2006|10:20] C:\Program Files\Microsoft Visual Studio
[26/12/2007|11:45] C:\Program Files\Motorola Phone Tools
[03/11/2008|07:48] C:\Program Files\Movie Maker
[27/12/2007|14:11] C:\Program Files\mp3DirectCut
[13/10/2006|13:10] C:\Program Files\MSN
[13/10/2006|13:10] C:\Program Files\MSN Gaming Zone
[12/01/2007|03:00] C:\Program Files\MSXML 4.0
[04/04/2008|16:43] C:\Program Files\MSXML 6.0
[18/02/2008|22:05] C:\Program Files\nanocosmos
[20/10/2007|16:44] C:\Program Files\Navilog1
[09/02/2007|10:08] C:\Program Files\Nero
[03/11/2008|07:46] C:\Program Files\NetMeeting
[19/07/2008|10:18] C:\Program Files\Noel Danjou
[13/10/2006|13:10] C:\Program Files\Online Services
[20/02/2007|12:29] C:\Program Files\OpenAL
[03/11/2008|07:46] C:\Program Files\Outlook Express
[18/02/2008|15:30] C:\Program Files\PC Camera
[25/12/2006|17:11] C:\Program Files\PENTAX
[15/01/2008|20:59] C:\Program Files\PlayFirst
[28/01/2007|18:55] C:\Program Files\PowerpointImageExtractor_V1_2
[02/09/2007|23:49] C:\Program Files\PrintKey 2000 Fr
[24/06/2008|22:25] C:\Program Files\ProtectDisc Driver Installer
[23/09/2007|02:06] C:\Program Files\QuickPar
[13/11/2006|20:17] C:\Program Files\QuickTime
[23/09/2007|02:06] C:\Program Files\Real Alternative
[02/08/2008|20:13] C:\Program Files\Reallusion
[25/12/2007|19:54] C:\Program Files\Samsung
[22/10/2006|18:35] C:\Program Files\ScanSoft
[13/10/2006|13:12] C:\Program Files\Services en ligne
[18/10/2006|06:32] C:\Program Files\Setup
[27/08/2008|08:16] C:\Program Files\Sierra
[22/12/2006|18:54] C:\Program Files\Singles2
[16/10/2006|15:14] C:\Program Files\SLD Codec Pack
[18/12/2006|13:25] C:\Program Files\Smart Projects
[11/01/2007|07:32] C:\Program Files\Sporever
[09/12/2007|12:53] C:\Program Files\Star Downloader
[04/09/2008|05:53] C:\Program Files\SUPER
[24/02/2008|17:59] C:\Program Files\SYSTAT 11
[25/12/2006|16:56] C:\Program Files\T‚l‚chargement PHOTOWAYS
[07/04/2007|14:00] C:\Program Files\THQ
[01/07/2008|13:48] C:\Program Files\TmUnitedForever
[26/01/2008|20:12] C:\Program Files\Topro
[10/02/2007|18:45] C:\Program Files\TrackMania Nations ESWC
[20/10/2007|16:51] C:\Program Files\Trend Micro
[13/10/2006|13:17] C:\Program Files\Uninstall Information
[18/08/2008|16:57] C:\Program Files\uTorrent
[31/07/2008|17:05] C:\Program Files\VID_0E8F&PID_0003
[17/10/2006|10:51] C:\Program Files\VideoLAN
[18/02/2008|21:06] C:\Program Files\VirtualDub
[17/11/2006|20:59] C:\Program Files\VSO
[15/10/2006|22:58] C:\Program Files\Webteh
[27/02/2008|23:40] C:\Program Files\Windows Live
[26/03/2007|07:07] C:\Program Files\Windows Media Connect 2
[03/11/2008|07:46] C:\Program Files\Windows Media Player
[03/11/2008|07:46] C:\Program Files\Windows NT
[13/10/2006|13:12] C:\Program Files\WindowsUpdate
[16/09/2007|10:33] C:\Program Files\WinRAR
[17/09/2007|11:36] C:\Program Files\World Poker Championship
[13/10/2006|13:13] C:\Program Files\xerox
[17/09/2007|21:54] C:\Program Files\Xfire
[08/08/2007|22:00] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[28/10/2006|10:52] C:\Program Files\Fichiers communs\Adobe
[04/04/2008|16:44] C:\Program Files\Fichiers communs\Adobe AIR
[09/02/2007|10:11] C:\Program Files\Fichiers communs\Ahead
[20/10/2006|10:01] C:\Program Files\Fichiers communs\Designer
[03/01/2007|07:24] C:\Program Files\Fichiers communs\InstallShield
[23/04/2007|21:49] C:\Program Files\Fichiers communs\Java
[08/02/2007|17:39] C:\Program Files\Fichiers communs\Macromedia Shared
[26/12/2007|11:37] C:\Program Files\Fichiers communs\Microsoft Shared
[26/12/2007|11:44] C:\Program Files\Fichiers communs\Motorola Shared
[13/10/2006|13:11] C:\Program Files\Fichiers communs\MSSoap
[11/01/2007|07:32] C:\Program Files\Fichiers communs\Nosibay
[13/10/2006|14:14] C:\Program Files\Fichiers communs\ODBC
[22/01/2008|22:02] C:\Program Files\Fichiers communs\Reallusion
[02/08/2008|19:37] C:\Program Files\Fichiers communs\ScanSoft Shared
[13/10/2006|13:11] C:\Program Files\Fichiers communs\Services
[13/10/2006|14:14] C:\Program Files\Fichiers communs\SpeechEngines
[03/11/2008|07:46] C:\Program Files\Fichiers communs\System
[04/12/2007|23:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[23/03/2008|15:12] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 60 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Mickey\Cookies\mickey@banner.cotedazurpalace[2].txt
C:\DOCUME~1\Mickey\Cookies\mickey@cotedazurpalace[2].txt
C:\DOCUME~1\Mickey\Cookies\mickey@partypoker[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-24 22:28:10
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 43

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Mickey\Application Data\uTorrent\Call of Duty 5 World at War Keygen.rar.torrent
C:\DOCUME~1\Mickey\Application Data\uTorrent\Dead Space CRACK + Serial.torrent
C:\DOCUME~1\Mickey\Application Data\uTorrent\Far Cry 2 crack Fully Working.rar.torrent
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEAR.exe
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEARMP.exe
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEARXP
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\rld-fepkg.exe
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEARXP\FEARXP.exe
C:\DOCUME~1\Mickey\Bureau\jeux\Scrabble2007\Crack
C:\DOCUME~1\Mickey\Bureau\jeux\Scrabble2007\Crack\Scrabble2007.exe
C:\DOCUME~1\Mickey\Bureau\jeux\TW07\Crack
C:\DOCUME~1\Mickey\Bureau\jeux\TW07\Crack\rld-tw7k.exe
C:\DOCUME~1\Mickey\Bureau\jeux\TW07\Crack\TW2007.exe
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\hatred.exe
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\hatred.nfo
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\keygen.exe
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\MOHA.exe
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crazytalk.exe
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTICard.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIFitting.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIMedia.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIMessage.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIMobile.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIScript.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIWeb.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\Desperate.nfo
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\RLResource.dll
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen\Call of Duty 5 World at War Keygen
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen\Call of Duty 5 World at War Keygen\rzr-c5kg.exe
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen\Call of Duty 5 World at War Keygen\rzr-c5kg.sfv
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\cod5\CODWAW\Crack
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\cod5\CODWAW\Crack\CoDWaW.exe
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\Dead.Space.German-darkc0der\Dead.Space.CRACK-Darkc0der
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\Dead.Space.German-darkc0der\Dead.Space.CRACK-Darkc0der\dp.nfo
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\Dead.Space.German-darkc0der\Dead.Space.CRACK-Darkc0der\dp.rar
C:\DOCUME~1\Mickey\Local Settings\Application Data\IM\Identities\{39967D0E-15D1-4D5B-9801-35F00CB27D11}\Message Store\Attachments\Age of Empires III AOE 3 crack nocd + patch vo fr + serial keygen pc RTS de refe_.rar
C:\DOCUME~1\Mickey\Local Settings\temp\$.ficn$\index\www.crackwhoreconfessions.com.ini
C:\DOCUME~1\Mickey\Mes documents\Downloads\Call of Duty 5 World at War Keygen.rar
C:\DOCUME~1\Mickey\Recent\(DeCall_Of_Duty_World_At_War_Keygen-RazorDOX - nzbsrus.com ) [46] - rzr-c5kg.sfv yEnc (11) (by nzbsrus@nzbzrus.com (nzbsrus poster)).txt.lnk
C:\DOCUME~1\Mickey\Recent\Alcohol_120_1.9.9_+_Full_working_CracK_[mininova].torrent.lnk
C:\DOCUME~1\Mickey\Recent\Call of Duty 5 World at War Keygen.rar.lnk
C:\DOCUME~1\Mickey\Recent\dead space Key and crack.lnk
C:\DOCUME~1\Mickey\Recent\dead space Key and crack.rar.lnk
C:\DOCUME~1\Mickey\Recent\Dead Space keygen by Gib.rar.lnk
C:\DOCUME~1\Mickey\Recent\Dead.Space.CRACK-Darkc0der.lnk
C:\DOCUME~1\Mickey\Recent\DeCall_Of_Duty_World_At_War_Keygen-RazorDOX_-_nzbsrus.com[1].lnk
C:\DOCUME~1\Mickey\Recent\Far Cry 2 crack Fully Working.lnk
C:\DOCUME~1\Mickey\Recent\Far Cry 2 crack Fully Working.rar.lnk
C:\DOCUME~1\Mickey\Recent\Far.Cry.2.darkc0der.crack.rar.lnk
C:\DOCUME~1\Mickey\Recent\Pro_Evolution_Soccer_2008-crack+serial-JM.zip_[mininova].torrent.lnk


[F:1250][D:30]-> C:\DOCUME~1\Mickey\LOCALS~1\Temp
[F:77][D:0]-> C:\DOCUME~1\Mickey\Cookies
[F:7742][D:13]-> C:\DOCUME~1\Mickey\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|22:30 - Option : [1]

--------------------\\ Fin du rapport a 22:30:31

Merci encore pour ton aide
0
Réponse 9 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
24 nov. 2008 à 23:08
Roo les cracks !! mdr

▶ Relance Lop S&D

▶ Choisis cette fois-ci l'option 2 (Suppression)

▶ Ne ferme pas la fenêtre lors de la suppression !

▶ Poste le rapport généré (C:\lopR.txt)

* (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

et ensuite refais un nouveau rapport hijackthis stp
0
Réponse 10 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
24 nov. 2008 à 23:16
Voici le rapport lopSD :


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : BIOS Date: 11/17/05 21:52:19 Ver: 08.00.12
USER : Mickey ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
C:\ (Local Disk) - NTFS - Total:176 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:186 Go (Free:73 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD) - UDF - Total:6 Go (Free:0 Go)
M:\ (CD or DVD)
N:\ (CD or DVD) - UDF - Total:6 Go (Free:0 Go)
O:\ (CD or DVD) - UDF - Total:6 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 24/11/2008|23:10 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[19/10/2007|14:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Avant Profiles
[19/10/2007|14:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[04/04/2008|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[13/11/2006|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[26/12/2007|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[03/02/2008|03:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[27/10/2007|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[20/10/2007|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[22/10/2006|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/10/2007|08:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/02/2007|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[23/10/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[23/11/2008|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[02/08/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/02/2007|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[26/06/2008|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NewsBin
[26/10/2006|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[02/08/2008|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[20/02/2008|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[04/11/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[07/12/2006|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/12/2007|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[13/10/2006|13:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[27/03/2007|07:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/02/2008|18:26] C:\DOCUME~1\Mickey\APPLIC~1\ADDINSOFT
[04/09/2008|16:43] C:\DOCUME~1\Mickey\APPLIC~1\Adobe
[13/05/2008|18:40] C:\DOCUME~1\Mickey\APPLIC~1\AdobeUM
[09/02/2007|10:19] C:\DOCUME~1\Mickey\APPLIC~1\Ahead
[06/04/2007|16:38] C:\DOCUME~1\Mickey\APPLIC~1\Ankh - Heart of Osiris
[26/01/2007|14:59] C:\DOCUME~1\Mickey\APPLIC~1\Apple Computer
[08/02/2007|17:42] C:\DOCUME~1\Mickey\APPLIC~1\Avant Browser
[20/04/2007|11:40] C:\DOCUME~1\Mickey\APPLIC~1\Avant Profiles
[06/07/2008|14:00] C:\DOCUME~1\Mickey\APPLIC~1\BitTorrent
[27/10/2006|23:16] C:\DOCUME~1\Mickey\APPLIC~1\Brother
[13/02/2007|12:30] C:\DOCUME~1\Mickey\APPLIC~1\BSplayer
[13/02/2007|12:26] C:\DOCUME~1\Mickey\APPLIC~1\BSplayer Pro
[29/10/2007|22:13] C:\DOCUME~1\Mickey\APPLIC~1\Codemasters
[21/10/2006|07:00] C:\DOCUME~1\Mickey\APPLIC~1\CopyToDvd
[06/02/2007|08:18] C:\DOCUME~1\Mickey\APPLIC~1\Digital Red
[21/05/2007|11:12] C:\DOCUME~1\Mickey\APPLIC~1\Disney Interactive Studios
[01/06/2007|10:07] C:\DOCUME~1\Mickey\APPLIC~1\dvdcss
[08/03/2008|08:26] C:\DOCUME~1\Mickey\APPLIC~1\FileZilla
[03/02/2008|03:39] C:\DOCUME~1\Mickey\APPLIC~1\FloodLightGames
[24/11/2008|23:08] C:\DOCUME~1\Mickey\APPLIC~1\Free Download Manager
[29/05/2007|17:20] C:\DOCUME~1\Mickey\APPLIC~1\Google
[20/10/2007|19:25] C:\DOCUME~1\Mickey\APPLIC~1\Grisoft
[14/01/2007|20:53] C:\DOCUME~1\Mickey\APPLIC~1\Help
[20/02/2008|17:31] C:\DOCUME~1\Mickey\APPLIC~1\HLSW
[13/10/2006|13:17] C:\DOCUME~1\Mickey\APPLIC~1\Identities
[31/10/2008|14:36] C:\DOCUME~1\Mickey\APPLIC~1\InstallShield
[15/01/2008|21:00] C:\DOCUME~1\Mickey\APPLIC~1\Macromedia
[23/11/2008|23:05] C:\DOCUME~1\Mickey\APPLIC~1\Malwarebytes
[09/12/2006|20:10] C:\DOCUME~1\Mickey\APPLIC~1\Media Player Classic
[24/02/2008|18:27] C:\DOCUME~1\Mickey\APPLIC~1\Microsoft
[20/10/2006|10:00] C:\DOCUME~1\Mickey\APPLIC~1\Microsoft Web Folders
[26/06/2008|17:19] C:\DOCUME~1\Mickey\APPLIC~1\NewsBin
[11/01/2007|07:32] C:\DOCUME~1\Mickey\APPLIC~1\Nosibay
[15/01/2008|21:00] C:\DOCUME~1\Mickey\APPLIC~1\PlayFirst
[29/10/2006|00:00] C:\DOCUME~1\Mickey\APPLIC~1\Real
[02/08/2008|20:20] C:\DOCUME~1\Mickey\APPLIC~1\Reallusion
[25/12/2007|20:36] C:\DOCUME~1\Mickey\APPLIC~1\Samsung
[18/12/2006|13:39] C:\DOCUME~1\Mickey\APPLIC~1\SecuROM
[30/07/2008|22:00] C:\DOCUME~1\Mickey\APPLIC~1\SEGA
[16/12/2007|04:16] C:\DOCUME~1\Mickey\APPLIC~1\Snapfish
[23/10/2007|16:43] C:\DOCUME~1\Mickey\APPLIC~1\Sports Interactive
[23/04/2007|21:50] C:\DOCUME~1\Mickey\APPLIC~1\Sun
[26/07/2008|18:14] C:\DOCUME~1\Mickey\APPLIC~1\teamspeak2
[23/11/2008|13:05] C:\DOCUME~1\Mickey\APPLIC~1\uTorrent
[03/03/2008|08:51] C:\DOCUME~1\Mickey\APPLIC~1\VirtuaWin
[15/06/2007|09:33] C:\DOCUME~1\Mickey\APPLIC~1\vlc
[17/11/2006|20:59] C:\DOCUME~1\Mickey\APPLIC~1\Vso
[26/07/2008|18:14] C:\DOCUME~1\Mickey\APPLIC~1\Xfire

[13/10/2006|13:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/09/2007|16:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[24/11/2008 18:56][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[21/11/2008|15:55] C:\Program Files\Activision
[19/10/2007|13:38] C:\Program Files\Ad-Aware 2007
[24/02/2008|18:26] C:\Program Files\Addinsoft
[28/10/2006|10:52] C:\Program Files\Adobe
[11/11/2008|16:54] C:\Program Files\adslTV
[23/03/2008|15:11] C:\Program Files\AGEIA Technologies
[23/08/2008|15:47] C:\Program Files\Alcohol Soft
[05/09/2008|05:52] C:\Program Files\Alwil Software
[27/08/2008|08:20] C:\Program Files\ANACONDA
[13/10/2006|13:27] C:\Program Files\Analog Devices
[17/02/2008|03:31] C:\Program Files\AngelSmile
[13/10/2006|13:28] C:\Program Files\ASUS
[13/10/2006|13:32] C:\Program Files\ATI Technologies
[18/08/2008|16:19] C:\Program Files\Avanquest update
[10/01/2008|08:04] C:\Program Files\avant browser
[03/03/2007|03:48] C:\Program Files\Avid
[18/02/2008|17:57] C:\Program Files\AviSynth 2.5
[03/07/2008|23:28] C:\Program Files\BitTorrent
[02/08/2008|20:13] C:\Program Files\Brother
[17/11/2006|21:20] C:\Program Files\CDBurnerXP Pro 3
[23/09/2007|02:06] C:\Program Files\Cdiscount photos
[02/10/2007|15:23] C:\Program Files\ChessBase
[26/10/2006|22:12] C:\Program Files\Combined Community Codec Pack
[18/02/2008|15:30] C:\Program Files\Common Files
[13/10/2006|13:11] C:\Program Files\ComPlus Applications
[24/06/2008|18:29] C:\Program Files\Conduit
[20/08/2008|08:20] C:\Program Files\DAEMON Tools
[25/11/2006|19:32] C:\Program Files\DaemonTools_WhenUSave_Installer
[01/02/2008|18:36] C:\Program Files\Daily Services
[25/04/2008|17:04] C:\Program Files\directx
[14/02/2008|18:51] C:\Program Files\EA GAMES
[24/04/2007|00:02] C:\Program Files\EA SPORTS
[05/02/2007|07:23] C:\Program Files\enregistrements free
[26/01/2007|14:16] C:\Program Files\Exploris
[06/09/2008|10:48] C:\Program Files\Fichiers communs
[08/03/2008|08:10] C:\Program Files\FileZilla Client
[18/08/2008|16:19] C:\Program Files\Flash Slideshow Maker Professional
[27/08/2007|12:40] C:\Program Files\FLV Player
[10/12/2007|09:18] C:\Program Files\Free
[18/08/2008|16:19] C:\Program Files\Free Download Manager
[18/08/2008|16:19] C:\Program Files\Freeplayer
[16/07/2007|15:58] C:\Program Files\GrabIt
[20/10/2007|19:24] C:\Program Files\Grisoft
[06/11/2006|17:04] C:\Program Files\Illustrate
[02/02/2008|19:44] C:\Program Files\IncrediMail
[21/11/2008|16:09] C:\Program Files\InstallShield Installation Information
[15/10/2008|06:28] C:\Program Files\Internet Explorer
[13/11/2006|20:17] C:\Program Files\iPod
[09/07/2008|23:04] C:\Program Files\IsoBuster
[13/11/2006|20:17] C:\Program Files\iTunes
[08/08/2008|18:13] C:\Program Files\Java
[16/11/2007|15:16] C:\Program Files\JoWooD Productions
[22/03/2007|16:28] C:\Program Files\Lavalys
[20/10/2007|19:18] C:\Program Files\Lavasoft
[23/11/2008|23:05] C:\Program Files\Malwarebytes' Anti-Malware
[26/10/2006|22:46] C:\Program Files\Media Player Classic
[03/11/2008|07:51] C:\Program Files\Messenger
[03/12/2006|10:18] C:\Program Files\microsoft frontpage
[20/10/2006|10:00] C:\Program Files\Microsoft Office
[04/12/2007|23:35] C:\Program Files\Microsoft SQL Server Compact Edition
[03/12/2006|10:20] C:\Program Files\Microsoft Visual Studio
[26/12/2007|11:45] C:\Program Files\Motorola Phone Tools
[03/11/2008|07:48] C:\Program Files\Movie Maker
[27/12/2007|14:11] C:\Program Files\mp3DirectCut
[13/10/2006|13:10] C:\Program Files\MSN
[13/10/2006|13:10] C:\Program Files\MSN Gaming Zone
[12/01/2007|03:00] C:\Program Files\MSXML 4.0
[04/04/2008|16:43] C:\Program Files\MSXML 6.0
[18/02/2008|22:05] C:\Program Files\nanocosmos
[20/10/2007|16:44] C:\Program Files\Navilog1
[09/02/2007|10:08] C:\Program Files\Nero
[03/11/2008|07:46] C:\Program Files\NetMeeting
[19/07/2008|10:18] C:\Program Files\Noel Danjou
[13/10/2006|13:10] C:\Program Files\Online Services
[20/02/2007|12:29] C:\Program Files\OpenAL
[03/11/2008|07:46] C:\Program Files\Outlook Express
[18/02/2008|15:30] C:\Program Files\PC Camera
[25/12/2006|17:11] C:\Program Files\PENTAX
[15/01/2008|20:59] C:\Program Files\PlayFirst
[28/01/2007|18:55] C:\Program Files\PowerpointImageExtractor_V1_2
[02/09/2007|23:49] C:\Program Files\PrintKey 2000 Fr
[24/06/2008|22:25] C:\Program Files\ProtectDisc Driver Installer
[23/09/2007|02:06] C:\Program Files\QuickPar
[13/11/2006|20:17] C:\Program Files\QuickTime
[23/09/2007|02:06] C:\Program Files\Real Alternative
[02/08/2008|20:13] C:\Program Files\Reallusion
[25/12/2007|19:54] C:\Program Files\Samsung
[22/10/2006|18:35] C:\Program Files\ScanSoft
[13/10/2006|13:12] C:\Program Files\Services en ligne
[18/10/2006|06:32] C:\Program Files\Setup
[27/08/2008|08:16] C:\Program Files\Sierra
[22/12/2006|18:54] C:\Program Files\Singles2
[16/10/2006|15:14] C:\Program Files\SLD Codec Pack
[18/12/2006|13:25] C:\Program Files\Smart Projects
[11/01/2007|07:32] C:\Program Files\Sporever
[09/12/2007|12:53] C:\Program Files\Star Downloader
[04/09/2008|05:53] C:\Program Files\SUPER
[24/02/2008|17:59] C:\Program Files\SYSTAT 11
[25/12/2006|16:56] C:\Program Files\T‚l‚chargement PHOTOWAYS
[07/04/2007|14:00] C:\Program Files\THQ
[01/07/2008|13:48] C:\Program Files\TmUnitedForever
[26/01/2008|20:12] C:\Program Files\Topro
[10/02/2007|18:45] C:\Program Files\TrackMania Nations ESWC
[20/10/2007|16:51] C:\Program Files\Trend Micro
[13/10/2006|13:17] C:\Program Files\Uninstall Information
[18/08/2008|16:57] C:\Program Files\uTorrent
[31/07/2008|17:05] C:\Program Files\VID_0E8F&PID_0003
[17/10/2006|10:51] C:\Program Files\VideoLAN
[18/02/2008|21:06] C:\Program Files\VirtualDub
[17/11/2006|20:59] C:\Program Files\VSO
[15/10/2006|22:58] C:\Program Files\Webteh
[27/02/2008|23:40] C:\Program Files\Windows Live
[26/03/2007|07:07] C:\Program Files\Windows Media Connect 2
[03/11/2008|07:46] C:\Program Files\Windows Media Player
[03/11/2008|07:46] C:\Program Files\Windows NT
[13/10/2006|13:12] C:\Program Files\WindowsUpdate
[16/09/2007|10:33] C:\Program Files\WinRAR
[17/09/2007|11:36] C:\Program Files\World Poker Championship
[13/10/2006|13:13] C:\Program Files\xerox
[17/09/2007|21:54] C:\Program Files\Xfire
[08/08/2007|22:00] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[28/10/2006|10:52] C:\Program Files\Fichiers communs\Adobe
[04/04/2008|16:44] C:\Program Files\Fichiers communs\Adobe AIR
[09/02/2007|10:11] C:\Program Files\Fichiers communs\Ahead
[20/10/2006|10:01] C:\Program Files\Fichiers communs\Designer
[03/01/2007|07:24] C:\Program Files\Fichiers communs\InstallShield
[23/04/2007|21:49] C:\Program Files\Fichiers communs\Java
[08/02/2007|17:39] C:\Program Files\Fichiers communs\Macromedia Shared
[26/12/2007|11:37] C:\Program Files\Fichiers communs\Microsoft Shared
[26/12/2007|11:44] C:\Program Files\Fichiers communs\Motorola Shared
[13/10/2006|13:11] C:\Program Files\Fichiers communs\MSSoap
[11/01/2007|07:32] C:\Program Files\Fichiers communs\Nosibay
[13/10/2006|14:14] C:\Program Files\Fichiers communs\ODBC
[22/01/2008|22:02] C:\Program Files\Fichiers communs\Reallusion
[02/08/2008|19:37] C:\Program Files\Fichiers communs\ScanSoft Shared
[13/10/2006|13:11] C:\Program Files\Fichiers communs\Services
[13/10/2006|14:14] C:\Program Files\Fichiers communs\SpeechEngines
[03/11/2008|07:46] C:\Program Files\Fichiers communs\System
[04/12/2007|23:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[23/03/2008|15:12] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 59 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-24 23:11:14
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 43

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Mickey\Application Data\uTorrent\Call of Duty 5 World at War Keygen.rar.torrent
C:\DOCUME~1\Mickey\Application Data\uTorrent\Dead Space CRACK + Serial.torrent
C:\DOCUME~1\Mickey\Application Data\uTorrent\Far Cry 2 crack Fully Working.rar.torrent
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEAR.exe
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEARMP.exe
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEARXP
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\rld-fepkg.exe
C:\DOCUME~1\Mickey\Bureau\jeux\F.E.A.R\FEARXP\Crack\FEARXP\FEARXP.exe
C:\DOCUME~1\Mickey\Bureau\jeux\Scrabble2007\Crack
C:\DOCUME~1\Mickey\Bureau\jeux\Scrabble2007\Crack\Scrabble2007.exe
C:\DOCUME~1\Mickey\Bureau\jeux\TW07\Crack
C:\DOCUME~1\Mickey\Bureau\jeux\TW07\Crack\rld-tw7k.exe
C:\DOCUME~1\Mickey\Bureau\jeux\TW07\Crack\TW2007.exe
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\hatred.exe
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\hatred.nfo
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\keygen.exe
C:\DOCUME~1\Mickey\Bureau\MOH aiborne\PC-Game.Medal.of.Honor.Airborne.Crack.&.KeyGen.Only-HATRED\MOHA.exe
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crazytalk.exe
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTICard.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIFitting.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIMedia.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIMessage.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIMobile.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIScript.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\CTIWeb.ppg
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\Desperate.nfo
C:\DOCUME~1\Mickey\Bureau\programmes\Reallusion CrazyTalk 4.5 +crack\CrazyTalk v4.5\crack\RLResource.dll
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen\Call of Duty 5 World at War Keygen
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen\Call of Duty 5 World at War Keygen\rzr-c5kg.exe
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\Call of Duty 5 World at War Keygen\Call of Duty 5 World at War Keygen\rzr-c5kg.sfv
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\cod5\CODWAW\Crack
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\cod5fr\cod5\CODWAW\Crack\CoDWaW.exe
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\Dead.Space.German-darkc0der\Dead.Space.CRACK-Darkc0der
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\Dead.Space.German-darkc0der\Dead.Space.CRACK-Darkc0der\dp.nfo
C:\DOCUME~1\Mickey\Bureau\rzr-cod4\Dead.Space.German-darkc0der\Dead.Space.CRACK-Darkc0der\dp.rar
C:\DOCUME~1\Mickey\Local Settings\Application Data\IM\Identities\{39967D0E-15D1-4D5B-9801-35F00CB27D11}\Message Store\Attachments\Age of Empires III AOE 3 crack nocd + patch vo fr + serial keygen pc RTS de refe_.rar
C:\DOCUME~1\Mickey\Local Settings\temp\$.ficn$\index\www.crackwhoreconfessions.com.ini
C:\DOCUME~1\Mickey\Mes documents\Downloads\Call of Duty 5 World at War Keygen.rar
C:\DOCUME~1\Mickey\Recent\(DeCall_Of_Duty_World_At_War_Keygen-RazorDOX - nzbsrus.com ) [46] - rzr-c5kg.sfv yEnc (11) (by nzbsrus@nzbzrus.com (nzbsrus poster)).txt.lnk
C:\DOCUME~1\Mickey\Recent\Alcohol_120_1.9.9_+_Full_working_CracK_[mininova].torrent.lnk
C:\DOCUME~1\Mickey\Recent\Call of Duty 5 World at War Keygen.rar.lnk
C:\DOCUME~1\Mickey\Recent\dead space Key and crack.lnk
C:\DOCUME~1\Mickey\Recent\dead space Key and crack.rar.lnk
C:\DOCUME~1\Mickey\Recent\Dead Space keygen by Gib.rar.lnk
C:\DOCUME~1\Mickey\Recent\Dead.Space.CRACK-Darkc0der.lnk
C:\DOCUME~1\Mickey\Recent\DeCall_Of_Duty_World_At_War_Keygen-RazorDOX_-_nzbsrus.com[1].lnk
C:\DOCUME~1\Mickey\Recent\Far Cry 2 crack Fully Working.lnk
C:\DOCUME~1\Mickey\Recent\Far Cry 2 crack Fully Working.rar.lnk
C:\DOCUME~1\Mickey\Recent\Far.Cry.2.darkc0der.crack.rar.lnk
C:\DOCUME~1\Mickey\Recent\Pro_Evolution_Soccer_2008-crack+serial-JM.zip_[mininova].torrent.lnk


[F:1257][D:30]-> C:\DOCUME~1\Mickey\LOCALS~1\Temp
[F:41][D:0]-> C:\DOCUME~1\Mickey\Cookies
[F:8796][D:17]-> C:\DOCUME~1\Mickey\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 24/11/2008|22:30 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 24/11/2008|23:13 - Option : [2]

--------------------\\ Fin du rapport a 23:13:27

et le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:17, on 24/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\TOPRO\TPPOLL.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sporever\Football365 Toolbar\launcher.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Free Download Manager\fum\fum.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
C:\Program Files\Sporever\Football365 Toolbar\Football365 Toolbar.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\LSFPRN.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
D:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PrinterSecurityLayer] C:\WINDOWS\LSFPRN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Football365 Toolbar] "C:\Program Files\Sporever\Football365 Toolbar\launcher.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O15 - Trusted Zone: http://canalplusalademande.canal-plus.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.1.0.56.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553590000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
0
Réponse 11 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
24 nov. 2008 à 23:29
relance hijackthis en cliquant sur scan only et coches ces lignes stp :

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

puis tu cliques sur fix checked.

ensuite :

▶ Télécharge RegCleaner

▶ Une fois installé, double-clique sur son icône pour l'exécuter

▶ Dans la barre de menu, clique sur Options puis sélectionne Language => Choose the language

▶ recherche French.rlg et double-clique dessus pour appliquer la langue

▶ Clique ensuite sur Outils dans la barre de menu

▶ Sélectionne Nettoyage du registre => Nettoyeur de registre automatique

▶ RegCleaner va alors lancer le nettoyage automatiquement

▶ Coche ensuite les entrées invalides qui sont apparues dans la fenêtre et clique sur Supprimer sélections => Terminer => Quitter


Et ensuite dis moi si tu as encore des problèmes
0
Réponse 12 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
24 nov. 2008 à 23:42
Euh, oui, j'ai encore des problèmes !!!

j'ai fait comme tu m'as dit mais les pages apparaissent toujours !!
0
Réponse 13 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
24 nov. 2008 à 23:45
peut être une infection navipromo qui ne se vois pas...

▶ Télécharge sur le bureau Navilog1

*Si ton antivirus s'affole , le désactiver
sous vista : Clic-droit sur le raccourci Navilog1 présent sur le bureau et choisis "Exécuter en tant qu'administrateur
sous XP : double-clic dessus pour l'installer et le lancer


▶ Quand installé
▶ taper F
▶ Appuyer sur une touche jusqu' arriver aux options
▶ Choisir Recherche ( = taper 1 )

▶ne pas utiliser les autres sans avis , il peut y avoir des processus légitimes

▶un rapport : fixnavi.txt dans ==> C:

▶le copier et le coller dans la réponse
0
Réponse 14 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
25 nov. 2008 à 00:01
Search Navipromo version 3.6.9 commencé le 24/11/2008 à 23:47:57,50

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Mickey"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Mickey\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Mickey\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Mickey\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Mickey\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\Mickey\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 24/11/2008 à 23:58:26,25 ***
0
Réponse 15 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
25 nov. 2008 à 00:07
rien dans le rapport...

▶ Télécharge Combofix de sUBs


▶ et enregistre le sur le Bureau.


▶ désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)


Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


ensuite envois le rapport et refais un nouveau rapport hijackthis stp
0
Réponse 16 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
25 nov. 2008 à 00:31
Voici le rapport :

ComboFix 08-11-23.02 - Mickey 2008-11-25 0:14:48.13 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.501 [GMT 1:00]
Lancé depuis: c:\documents and settings\Mickey\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\sc32.dll
c:\windows\system32\43upd.dll
c:\windows\system32\44upd.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-24 au 2008-11-24 ))))))))))))))))))))))))))))))))))))
.

2008-11-24 23:34 . 2008-11-24 23:38 <REP> d-------- c:\program files\RegCleaner
2008-11-24 22:26 . 2008-11-24 23:13 <REP> d-------- C:\Lop SD
2008-11-24 18:59 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-11-24 18:59 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-11-24 18:59 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-11-24 18:59 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-11-24 18:57 . 2008-11-24 18:57 25,088 --a------ c:\windows\system32\upd44.exe
2008-11-24 18:57 . 2008-11-24 18:57 25,088 --a------ c:\windows\LSFPRN.EXE
2008-11-23 23:05 . 2008-11-23 23:05 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-23 23:05 . 2008-11-23 23:05 <REP> d-------- c:\documents and settings\Mickey\Application Data\Malwarebytes
2008-11-23 23:05 . 2008-11-23 23:05 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-23 23:05 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-23 23:05 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-23 12:33 . 2008-11-25 00:16 626 --a------ c:\windows\iexplore.htm
2008-11-23 12:31 . 2008-11-23 12:31 25,088 --a------ c:\windows\system32\upd42.exe
2008-11-23 12:31 . 2008-11-23 12:31 25,088 --a------ c:\windows\LSEPRN.EXE
2008-11-11 21:19 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-11 21:19 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-03 07:48 . 2008-11-03 07:48 <REP> d-------- c:\windows\system32\fr
2008-11-03 07:48 . 2008-11-03 07:48 <REP> d-------- c:\windows\system32\bits
2008-11-03 07:48 . 2008-11-03 07:48 <REP> d-------- c:\windows\l2schemas
2008-11-03 07:46 . 2008-11-03 07:49 <REP> d-------- c:\windows\ServicePackFiles
2008-11-03 07:40 . 2008-11-03 07:40 <REP> d-------- c:\windows\EHome
2008-10-28 17:26 . 2008-10-28 17:26 <REP> d-------- c:\windows\Logs
2008-10-24 13:27 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-24 23:22 --------- d-----w c:\documents and settings\Mickey\Application Data\Free Download Manager
2008-11-24 23:00 --------- d-----w c:\program files\Navilog1
2008-11-23 12:05 --------- d-----w c:\documents and settings\Mickey\Application Data\uTorrent
2008-11-21 15:09 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-21 14:55 --------- d-----w c:\program files\Activision
2008-11-11 15:54 --------- d-----w c:\program files\adslTV
2008-11-04 17:50 --------- d-----w c:\documents and settings\All Users\Application Data\TrackMania
2008-10-31 13:36 --------- d-----w c:\documents and settings\Mickey\Application Data\InstallShield
2008-10-28 16:26 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-10-28 16:26 22,328 ----a-w c:\documents and settings\Mickey\Application Data\PnkBstrK.sys
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2007-12-26 10:36 92,064 ----a-w c:\documents and settings\Mickey\mqdmmdm.sys
2007-12-26 10:36 9,232 ----a-w c:\documents and settings\Mickey\mqdmmdfl.sys
2007-12-26 10:36 79,328 ----a-w c:\documents and settings\Mickey\mqdmserd.sys
2007-12-26 10:36 66,656 ----a-w c:\documents and settings\Mickey\mqdmbus.sys
2007-12-26 10:36 6,208 ----a-w c:\documents and settings\Mickey\mqdmcmnt.sys
2007-12-26 10:36 5,936 ----a-w c:\documents and settings\Mickey\mqdmwhnt.sys
2007-12-26 10:36 4,048 ----a-w c:\documents and settings\Mickey\mqdmcr.sys
2007-12-26 10:36 25,600 ----a-w c:\documents and settings\Mickey\usbsermptxp.sys
2007-12-26 10:36 22,768 ----a-w c:\documents and settings\Mickey\usbsermpt.sys
2006-11-17 19:59 47,360 ----a-w c:\documents and settings\Mickey\Application Data\pcouffin.sys
2006-05-03 10:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-02-04 19:26 151,040 --sh--w c:\windows\system32\VistaUltm.dll
.

((((((((((((((((((((((((((((( snapshot@2008-09-04_18.56.46.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-09-10 01:12:14 1,379,840 ----a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB954459\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB954459\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll
+ 2008-08-26 09:10:25 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:10:25 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:10:25 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:10:25 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:10:25 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:10:26 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:10:26 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:10:26 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:10:26 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:22:30 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:10:27 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:10:27 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:10:27 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:10:27 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:10:27 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:10:28 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:10:28 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:10:28 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:10:29 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:10:29 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:10:29 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:10:29 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:10:29 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:10:29 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:10:29 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
+ 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB938464_0$\spuninst\updspapi.dll
- 2004-08-19 14:22:10 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2004-08-19 14:22:10 82,944 -c----w c:\windows\$NtUninstallKB946648_0$\msgsc.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB946648_0$\spuninst\updspapi.dll
- 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762_0$\rmcast.sys
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB950762_0$\spuninst\updspapi.dll
- 2005-07-26 04:39:57 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2005-07-26 04:39:57 243,200 -c----w c:\windows\$NtUninstallKB950974_0$\es.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w c:\windows\$NtUninstallKB950974_0$\spuninst\updspapi.dll
- 2007-08-21 06:17:23 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-08-21 06:17:23 683,520 -c----w c:\windows\$NtUninstallKB951066_0$\inetcomm.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB951066_0$\spuninst\updspapi.dll
- 2008-04-14 15:52:45 272,768 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2008-04-14 15:52:45 272,768 -c----w c:\windows\$NtUninstallKB951376-v2_0$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB951376-v2_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB951376_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB951376_0$\spuninst\updspapi.dll
- 2007-10-29 22:43:32 1,293,824 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-10-29 22:43:32 1,293,824 -c----w c:\windows\$NtUninstallKB951698_0$\quartz.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB951698_0$\spuninst\updspapi.dll
- 2006-03-02 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
- 2008-02-20 05:35:05 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
- 2006-03-02 12:00:00 247,808 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
- 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2006-03-02 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748_0$\afd.sys
+ 2008-02-20 05:35:05 148,992 -c----w c:\windows\$NtUninstallKB951748_0$\dnsapi.dll
+ 2006-03-02 12:00:00 247,808 -c----w c:\windows\$NtUninstallKB951748_0$\mswsock.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w c:\windows\$NtUninstallKB951748_0$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748_0$\tcpip6.sys
- 2006-03-02 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2006-03-02 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287_0$\msadce.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB952287_0$\spuninst\updspapi.dll
- 2005-06-29 01:49:41 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2005-06-29 01:49:41 74,240 -c----w c:\windows\$NtUninstallKB952954_0$\mscms.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB952954_0$\spuninst\updspapi.dll
+ 2007-07-27 06:28:58 234,872 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe
+ 2007-07-27 08:41:48 382,840 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\updspapi.dll
+ 2006-10-18 19:47:20 295,936 -c----w c:\windows\$NtUninstallKB954154_WM11$\wmpeffects.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB954211_0$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB954211_0$\spuninst\updspapi.dll
+ 2008-03-20 08:09:22 1,845,376 -c----w c:\windows\$NtUninstallKB954211_0$\win32k.sys
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803_0$\afd.sys
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956803_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB956803_0$\spuninst\updspapi.dll
+ 2007-02-28 16:02:21 2,138,112 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrnlmp.exe
+ 2007-02-28 16:02:36 2,059,648 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe
+ 2007-02-28 16:02:21 2,017,792 -c----w c:\windows\$NtUninstallKB956841_0$\ntkrpamp.exe
+ 2007-02-28 16:02:36 2,182,400 -c----w c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956841_0$\spuninst\spuninst.exe
+ 2008-07-09 07:40:35 406,392 -c----w c:\windows\$NtUninstallKB956841_0$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB957095_0$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB957095_0$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095_0$\srv.sys
- 2006-10-04 14:05:26 39,424 ------w c:\windows\AppPatch\acadproc.dll
+ 2008-04-14 02:33:18 39,424 ----a-w c:\windows\AppPatch\acadproc.dll
- 2006-03-02 12:00:00 1,852,416 ----a-w c:\windows\AppPatch\AcGenral.dll
+ 2008-04-14 02:33:18 1,852,928 ----a-w c:\windows\AppPatch\acgenral.dll
- 2006-03-02 12:00:00 450,048 ----a-w c:\windows\AppPatch\AcLayers.dll
+ 2008-04-14 02:33:18 451,072 ----a-w c:\windows\AppPatch\aclayers.dll
- 2006-03-02 12:00:00 137,728 ----a-w c:\windows\AppPatch\AcLua.dll
+ 2008-04-14 02:33:18 141,312 ----a-w c:\windows\AppPatch\aclua.dll
- 2006-03-02 12:00:00 244,736 ----a-w c:\windows\AppPatch\AcSpecfc.dll
+ 2008-04-14 02:33:18 245,248 ----a-w c:\windows\AppPatch\acspecfc.dll
- 2006-03-02 12:00:00 116,224 ----a-w c:\windows\AppPatch\AcXtrnal.dll
+ 2008-04-14 02:33:18 116,224 ----a-w c:\windows\AppPatch\acxtrnal.dll
- 2008-07-01 12:49:05 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-11-21 15:09:28 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-07-01 12:49:06 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-11-21 15:09:29 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-07-01 12:49:06 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-11-21 15:09:29 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2008-07-01 12:48:54 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:20 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:48:56 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:22 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:48:57 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:23 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:48:58 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:23 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:48:59 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:24 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:48:59 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:25 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:49:01 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:25 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:49:02 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:26 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:49:02 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:27 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:49:07 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-11-21 15:09:30 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-07-01 12:49:07 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-11-21 15:09:31 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2008-07-01 12:49:08 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-11-21 15:09:31 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-07-01 12:49:08 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-11-21 15:09:32 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-07-01 12:49:09 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-11-21 15:09:32 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2008-07-01 12:49:04 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-11-21 15:09:28 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2008-06-14 17:59:52 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-14 17:33:37 272,768 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:02:21 2,138,112 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:23:44 2,147,328 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:02:36 2,059,648 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:23:49 2,068,096 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:02:21 2,017,792 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:23:44 2,025,984 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:02:36 2,182,400 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:23:49 2,191,232 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE
+ 2008-09-07 10:22:05 14,336,000 ----a-w c:\windows\ERUNT\SDFIX\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-09-07 10:22:05 208,896 ----a-w c:\windows\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-09-07 10:21:47 14,336,000 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-09-07 10:21:47 208,896 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
- 2007-06-13 13:22:28 1,037,312 ----a-w c:\windows\explorer.exe
+ 2008-04-14 02:34:03 1,037,824 ----a-w c:\windows\explorer.exe
- 2006-03-02 12:00:00 34,816 ----a-w c:\windows\Help\sniffpol.dll
+ 2008-04-14 02:33:41 34,816 ----a-w c:\windows\Help\sniffpol.dll
- 2006-03-02 12:00:00 33,280 ----a-w c:\windows\Help\sstub.dll
+ 2008-04-14 02:33:46 33,280 ----a-w c:\windows\Help\sstub.dll
- 2006-03-02 12:00:00 279,040 ----a-w c:\windows\Help\tshoot.dll
+ 2008-04-14 02:33:46 279,040 ----a-w c:\windows\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w c:\windows\hh.exe
+ 2008-04-14 02:34:06 10,752 ----a-w c:\windows\hh.exe
+ 2008-06-23 16:28:17 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:28:17 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:28:17 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:28:17 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:28:17 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:21:30 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:28:18 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:28:18 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:28:18 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:28:18 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:28:19 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:28:19 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:28:20 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:21:49 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:28:20 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:28:20 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:28:20 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 08:28:24 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:28:22 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:28:22 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:28:22 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:28:22 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:28:22 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:28:22 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:28:23 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:28:23 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:28:23 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
- 2006-03-02 12:00:00 220,160 ----a-w c:\windows\ime\mscandui.dll
+ 2008-04-14 02:33:30 220,160 ----a-w c:\windows\ime\mscandui.dll
- 2006-03-02 12:00:00 130,048 ----a-w c:\windows\ime\SOFTKBD.DLL
+ 2008-04-14 02:33:41 130,048 ----a-w c:\windows\ime\softkbd.dll
- 2006-03-02 12:00:00 62,976 ----a-w c:\windows\ime\SPGRMR.dll
+ 2008-04-13 16:43:18 62,976 ----a-w c:\windows\ime\spgrmr.dll
- 2006-03-02 12:00:00 272,384 ----a-w c:\windows\ime\SPTIP.dll
+ 2008-04-14 02:33:46 272,384 ----a-w c:\windows\ime\sptip.dll
+ 2008-11-12 05:47:00 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2007-12-04 22:15:52 29,926 ----a-r c:\windows\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2008-11-03 19:36:17 29,926 ----a-r c:\windows\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2008-11-21 15:09:01 11,502 ----a-r c:\windows\Installer\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\ARPPRODUCTICON.exe
+ 2008-01-18 15:13:09 2,247 ------w c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 10:33:51 18,917 ------w c:\windows\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 10:06:46 13,801 ------w c:\windows\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 02:33:06 25,600 ------w c:\windows\Installer\tsclientmsitrans\tscupdc.dll
- 2006-03-02 12:00:00 24,064 ----a-w c:\windows\msagent\agentanm.dll
+ 2008-04-14 02:33:18 24,064 ----a-w c:\windows\msagent\agentanm.dll
- 2006-03-02 12:00:00 214,016 ----a-w c:\windows\msagent\agentctl.dll
+ 2008-04-14 02:33:18 214,016 ----a-w c:\windows\msagent\agentctl.dll
- 2006-10-12 13:55:58 42,496 ----a-w c:\windows\msagent\agentdp2.dll
+ 2008-04-14 02:33:18 42,496 ----a-w c:\windows\msagent\agentdp2.dll
- 2007-03-09 14:00:38 57,344 ----a-w c:\windows\msagent\agentdpv.dll
+ 2008-04-14 02:33:18 57,344 ----a-w c:\windows\msagent\agentdpv.dll
- 2006-03-02 12:00:00 49,152 ----a-w c:\windows\msagent\agentmpx.dll
+ 2008-04-14 02:33:18 49,152 ----a-w c:\windows\msagent\agentmpx.dll
- 2006-03-02 12:00:00 24,064 ----a-w c:\windows\msagent\agentpsh.dll
+ 2008-04-14 02:33:18 24,064 ----a-w c:\windows\msagent\agentpsh.dll
- 2006-03-02 12:00:00 44,032 ----a-w c:\windows\msagent\agentsr.dll
+ 2008-04-14 02:33:18 44,032 ----a-w c:\windows\msagent\agentsr.dll
- 2006-10-12 11:54:07 256,512 ----a-w c:\windows\msagent\agentsvr.exe
+ 2008-04-14 02:33:53 256,512 ----a-w c:\windows\msagent\agentsvr.exe
- 2006-03-02 12:00:00 24,064 ----a-w c:\windows\msagent\agtintl.dll
+ 2008-04-14 02:33:19 24,064 ----a-w c:\windows\msagent\agtintl.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0405.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0406.dll
+ 2007-04-02 18:25:59 19,456 ----a-w c:\windows\msagent\intl\agt0406.dll
- 2006-03-02 12:00:00 21,504 ----a-w c:\windows\msagent\intl\agt0407.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt0407.dll
- 2006-03-02 12:00:00 22,016 ----a-w c:\windows\msagent\intl\agt0408.dll
+ 2007-04-02 18:26:00 22,016 ----a-w c:\windows\msagent\intl\agt0408.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0409.dll
+ 2008-04-13 17:32:28 19,968 ----a-w c:\windows\msagent\intl\agt0409.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt040b.dll
+ 2007-04-02 18:26:00 19,456 ----a-w c:\windows\msagent\intl\agt040b.dll
- 2006-03-02 12:00:00 21,504 ----a-w c:\windows\msagent\intl\agt040c.dll
+ 2007-04-02 18:26:00 21,504 ----a-w c:\windows\msagent\intl\agt040c.dll
- 2006-03-02 12:00:00 19,968 ----a-w c:\windows\msagent\intl\agt040e.dll
+ 2007-04-02 18:26:00 19,968 ----a-w c:\windows\msagent\intl\agt040e.dll
- 2006-03-02 12:00:00 20,992 ----a-w c:\windows\msagent\intl\agt0410.dll
+ 2007-04-02 18:26:00 20,992 ----a-w c:\windows\msagent\intl\agt0410.dll
- 2006-03-02 12:00:00 20,992 ----a-w c:\windows\msagent\intl\agt0413.dll
+ 2007-04-02 18:26:01 20,992 ----a-w c:\windows\msagent\intl\agt0413.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0414.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0415.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0415.dll
- 2006-03-02 12:00:00 20,480 ----a-w c:\windows\msagent\intl\agt0416.dll
+ 2007-04-02 18:26:01 20,480 ----a-w c:\windows\msagent\intl\agt0416.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt0419.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041d.dll
- 2006-03-02 12:00:00 19,456 ----a-w c:\windows\msagent\intl\agt041f.dll
+ 2007-04-02 18:26:01 19,456 ----a-w c:\windows\msagent\intl\agt041f.dll
- 2006-03-02 12:00:00 20,992 ----a-w c:\windows\msagent\intl\agt0816.dll
+ 2007-04-02 18:26:02 20,992 ----a-w c:\windows\msagent\intl\agt0816.dll
- 2006-03-02 12:00:00 20,480 ----a-w c:\windows\msagent\intl\agt0c0a.dll
+ 2007-04-02 18:26:02 20,480 ----a-w c:\windows\msagent\intl\agt0c0a.dll
- 2006-03-02 12:00:00 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
+ 2008-04-14 02:33:32 39,936 ----a-w c:\windows\msagent\mslwvtts.dll
- 2006-06-02 19:32:20 33,792 ------w c:\windows\network diagnostic\custsat.dll
+ 2008-04-14 02:33:22 33,792 ------w c:\windows\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w c:\windows\network diagnostic\xpnetdiag.exe
+ 2008-04-13 18:53:32 558,080 ------w c:\windows\network diagnostic\xpnetdiag.exe
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\NirCmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NirCmd.exe
- 2006-03-02 12:00:00 70,656 ----a-w c:\windows\NOTEPAD.EXE
+ 2008-04-14 02:34:15 70,656 ----a-w c:\windows\notepad.exe
- 2006-03-02 12:00:00 768,512 ----a-w c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 02:34:06 769,024 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
- 2006-03-02 12:00:00 743,936 ----a-w c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 02:34:06 744,448 ----a-w c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2006-03-02 12:00:00 18,944 ----a-w c:\windows\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 02:34:06 18,432 ----a-w c:\windows\pchealth\helpctr\binaries\hscupd.exe
- 2006-03-02 12:00:00 160,768 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 02:34:12 172,544 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
- 2006-03-02 12:00:00 381,952 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 02:33:32 382,464 ----a-w c:\windows\pchealth\helpctr\binaries\msinfo.dll
- 2006-03-02 12:00:00 102,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 02:33:38 102,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchshell.dll
- 2006-03-02 12:00:00 38,912 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 02:33:38 38,400 ----a-w c:\windows\pchealth\helpctr\binaries\pchsvc.dll
- 2006-10-16 12:13:17 76,507 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2008-11-03 06:50:35 76,507 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2006-10-16 12:13:17 2,398 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-11-03 06:50:35 2,704 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
- 2006-03-02 12:00:00 151,040 ----a-w c:\windows\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 02:34:26 151,040 ----a-w c:\windows\pchealth\UploadLB\Binaries\uploadm.exe
- 2006-03-02 12:00:00 151,552 ----a-w c:\windows\PeerNet\sqldb20.dll
+ 2008-04-14 02:33:46 151,552 ----a-w c:\windows\PeerNet\sqldb20.dll
- 2006-03-02 12:00:00 462,848 ----a-w c:\windows\PeerNet\sqlqp20.dll
+ 2008-04-14 02:33:46 462,848 ----a-w c:\windows\PeerNet\sqlqp20.dll
- 2006-03-02 12:00:00 110,592 ----a-w c:\windows\PeerNet\sqlse20.dll
+ 2008-04-14 02:33:46 110,592 ----a-w c:\windows\PeerNet\sqlse20.dll
- 2006-03-02 12:00:00 153,088 ----a-w c:\windows\regedit.exe
+ 2008-04-14 02:34:19 153,088 ----a-w c:\windows\regedit.exe
+ 2008-04-13 18:46:18 53,376 ------w c:\windows\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 18:40:50 12,288 ------w c:\windows\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 18:46:20 48,128 ------w c:\windows\ServicePackFiles\i386\61883.sys
+ 2008-04-14 02:33:18 100,352 ------w c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 02:33:18 136,192 ------w c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2004-08-03 20:32:22 231,552 ------w c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2004-08-03 20:32:32 84,480 ------w c:\windows\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 02:33:18 39,424 ------w c:\windows\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 02:33:53 190,464 ------w c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 02:33:18 1,852,928 ------w c:\windows\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 02:33:18 451,072 ------w c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 02:33:18 141,312 ------w c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 02:33:18 120,320 ------w c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 01:52:42 188,672 ------w c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 02:33:18 245,248 ------w c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 02:33:18 193,536 ------w c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 02:33:53 4,096 ------w c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 02:33:18 98,304 ------w c:\windows\ServicePackFiles\i386\actxprxy.dll
+ 2008-04-14 02:33:18 116,224 ------w c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 02:33:18 20,540 ------w c:\windows\ServicePackFiles\i386\admin.dll
+ 2008-04-14 02:33:53 16,439 ------w c:\windows\ServicePackFiles\i386\admin.exe
+ 2004-08-03 20:32:24 10,880 ------w c:\windows\ServicePackFiles\i386\admjoy.sys
+ 2008-04-14 02:33:18 61,440 ------w c:\windows\ServicePackFiles\i386\admparse.dll
+ 2008-04-14 02:33:18 175,616 ------w c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 02:33:18 143,360 ------w c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 02:33:18 68,096 ------w c:\windows\ServicePackFiles\i386\adsmsext.dll
+ 2008-04-14 02:33:18 263,680 ------w c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 02:33:18 4,255 ------w c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 02:33:18 3,967 ------w c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 02:33:18 3,615 ------w c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 02:33:18 3,647 ------w c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 02:33:18 3,135 ------w c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 02:33:18 3,711 ------w c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 02:33:18 3,775 ------w c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 02:33:18 685,568 ------w c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 02:33:18 101,888 ------w c:\windows\ServicePackFiles\i386\advpack.dll
+ 2008-04-13 16:39:23 142,592 ------w c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-13 19:19:23 138,112 ------w c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-14 02:33:18 24,064 ------w c:\windows\ServicePackFiles\i386\agentanm.dll
+ 2008-04-14 02:33:18 214,016 ------w c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-14 02:33:18 42,496 ------w c:\windows\ServicePackFiles\i386\agentdp2.dll
+ 2008-04-14 02:33:18 57,344 ------w c:\windows\ServicePackFiles\i386\agentdpv.dll
+ 2008-04-14 02:33:18 49,152 ------w c:\windows\ServicePackFiles\i386\agentmpx.dll
+ 2008-04-14 02:33:18 24,064 ------w c:\windows\ServicePackFiles\i386\agentpsh.dll
+ 2008-04-14 02:33:18 44,032 ------w c:\windows\ServicePackFiles\i386\agentsr.dll
+ 2008-04-14 02:33:53 256,512 ------w c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-13 18:36:38 42,368 ------w c:\windows\ServicePackFiles\i386\agp440.sys
+ 2008-04-13 18:36:39 44,928 ------w c:\windows\ServicePackFiles\i386\agpcpq.sys
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0401.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0404.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0405.dll
+ 2007-04-02 18:25:59 19,456 ------w c:\windows\ServicePackFiles\i386\agt0406.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt0407.dll
+ 2007-04-02 18:26:00 22,016 ------w c:\windows\ServicePackFiles\i386\agt0408.dll
+ 2008-04-13 17:32:28 19,968 ------w c:\windows\ServicePackFiles\i386\agt0409.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040b.dll
+ 2007-04-02 18:26:00 21,504 ------w c:\windows\ServicePackFiles\i386\agt040c.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt040d.dll
+ 2007-04-02 18:26:00 19,968 ------w c:\windows\ServicePackFiles\i386\agt040e.dll
+ 2007-04-02 18:26:00 20,992 ------w c:\windows\ServicePackFiles\i386\agt0410.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0411.dll
+ 2007-04-02 18:26:00 19,456 ------w c:\windows\ServicePackFiles\i386\agt0412.dll
+ 2007-04-02 18:26:01 20,992 ------w c:\windows\ServicePackFiles\i386\agt0413.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0414.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0415.dll
+ 2007-04-02 18:26:01 20,480 ------w c:\windows\ServicePackFiles\i386\agt0416.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt0419.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041d.dll
+ 2007-04-02 18:26:01 19,456 ------w c:\windows\ServicePackFiles\i386\agt041f.dll
+ 2007-04-02 18:26:02 19,456 ------w c:\windows\ServicePackFiles\i386\agt0804.dll
+ 2007-04-02 18:26:02 20,992 ------w c:\windows\ServicePackFiles\i386\agt0816.dll
+ 2007-04-02 18:26:02 20,480 ------w c:\windows\ServicePackFiles\i386\agt0c0a.dll
+ 2008-04-14 02:33:19 24,064 ------w c:\windows\ServicePackFiles\i386\agtintl.dll
+ 2008-04-14 02:33:53 98,304 ------w c:\windows\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 02:33:53 44,544 ------w c:\windows\ServicePackFiles\i386\alg.exe
+ 2008-04-13 18:36:38 42,752 ------w c:\windows\ServicePackFiles\i386\alim1541.sys
+ 2008-04-14 02:33:19 17,408 ------w c:\windows\ServicePackFiles\i386\alrsvc.dll
+ 2008-04-13 18:36:39 43,008 ------w c:\windows\ServicePackFiles\i386\amdagp.sys
+ 2008-04-14 01:54:28 41,472 ------w c:\windows\ServicePackFiles\i386\amdk6.sys
+ 2008-04-14 01:54:29 41,856 ------w c:\windows\ServicePackFiles\i386\amdk7.sys
+ 2008-04-14 02:33:19 70,656 ------w c:\windows\ServicePackFiles\i386\amstream.dll
+ 2004-08-03 20:31:20 36,224 ------w c:\windows\ServicePackFiles\i386\an983.sys
+ 2008-04-14 02:33:19 125,952 ------w c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 02:33:19 334,336 ------w c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-13 18:51:25 60,800 ------w c:\windows\ServicePackFiles\i386\arp1394.sys
+ 2008-04-14 02:33:19 65,024 ------w c:\windows\ServicePackFiles\i386\asycfilt.dll
+ 2008-04-13 18:57:27 14,336 ------w c:\windows\ServicePackFiles\i386\asyncmac.sys
+ 2008-04-14 02:33:53 25,088 ------w c:\windows\ServicePackFiles\i386\at.exe
+ 2008-04-13 18:40:30 96,512 ------w c:\windows\ServicePackFiles\i386\atapi.sys
+ 2004-08-03 20:29:30 56,623 ------w c:\windows\ServicePackFiles\i386\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 ------w c:\windows\ServicePackFiles\i386\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 ------w c:\windows\ServicePackFiles\i386\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 ------w c:\windows\ServicePackFiles\i386\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 ------w c:\windows\ServicePackFiles\i386\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 ------w c:\windows\ServicePackFiles\i386\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 ------w c:\windows\ServicePackFiles\i386\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 ------w c:\windows\ServicePackFiles\i386\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 ------w c:\windows\ServicePackFiles\i386\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 ------w c:\windows\ServicePackFiles\i386\ati1xsxx.sys
+ 2008-04-14 02:33:19 229,376 ------w c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 02:33:19 377,984 ------w c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 02:33:19 201,728 ------w c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2004-08-19 13:53:40 327,168 ------w c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2004-08-19 13:53:42 701,440 ------w c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2008-04-14 02:33:19 870,784 ------w c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2008-04-14 02:33:19 1,057,760 ------w c:\windows\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 02:33:19 1,888,992 ------w c:\windows\ServicePackFiles\i386\ati3duag.dll
+ 2004-08-03 20:29:28 57,856 ------w c:\windows\ServicePackFiles\i386\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 ------w c:\windows\ServicePackFiles\i386\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 ------w c:\windows\ServicePackFiles\i386\atinpdxx.sys
+ 2004-08-03 20:29:30 52,224 ------w c:\windows\ServicePackFiles\i386\atinraxx.sys
+ 2004-08-03 20:29:32 104,960 ------w c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2004-08-03 20:29:32 28,672 ------w c:\windows\ServicePackFiles\i386\atinsnxx.sys
+ 2004-08-03 20:29:32 13,824 ------w c:\windows\ServicePackFiles\i386\atinttxx.sys
+ 2004-08-03 20:29:32 73,216 ------w c:\windows\ServicePackFiles\i386\atintuxx.sys
+ 2004-08-03 20:29:32 31,744 ------w c:\windows\ServicePackFiles\i386\atinxbxx.sys
+ 2004-08-03 20:29:32 63,488 ------w c:\windows\ServicePackFiles\i386\atinxsxx.sys
+ 2008-04-14 02:33:19 32,768 ------w c:\windows\ServicePackFiles\i386\ativtmxx.dll
+ 2008-04-14 02:33:19 516,768 ------w c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2008-04-14 02:33:19 58,880 ------w c:\windows\ServicePackFiles\i386\atl.dll
+ 2008-04-14 02:33:53 11,264 ------w c:\windows\ServicePackFiles\i386\atmadm.exe
+ 2008-04-13 18:51:25 59,904 ------w c:\windows\ServicePackFiles\i386\atmarpc.sys
+ 2008-04-14 02:31:00 285,696 ------w c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-13 18:51:30 55,808 ------w c:\windows\ServicePackFiles\i386\atmlane.sys
+ 2008-04-14 02:33:19 30,208 ------w c:\windows\ServicePackFiles\i386\atmlib.dll
+ 2008-04-14 02:33:53 12,288 ------w c:\windows\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 02:33:19 21,183 ------w c:\windows\ServicePackFiles\i386\atv01nt5.dll
+ 2008-04-14 02:33:19 11,359 ------w c:\windows\ServicePackFiles\i386\atv02nt5.dll
+ 2008-04-14 02:33:19 25,471 ------w c:\windows\ServicePackFiles\i386\atv04nt5.dll
+ 2008-04-14 02:33:19 14,143 ------w c:\windows\ServicePackFiles\i386\atv06nt5.dll
+ 2008-04-14 02:33:19 17,279 ------w c:\windows\ServicePackFiles\i386\atv10nt5.dll
+ 2008-04-14 02:33:19 42,496 ------w c:\windows\ServicePackFiles\i386\audiosrv.dll
+ 2008-04-14 02:33:53 14,336 ------w c:\windows\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 02:33:19 20,540 ------w c:\windows\ServicePackFiles\i386\author.dll
+ 2008-04-14 02:33:53 16,439 ------w c:\windows\ServicePackFiles\i386\author.exe
+ 2008-04-14 02:33:19 62,464 ------w c:\windows\ServicePackFiles\i386\authz.dll
+ 2008-04-14 02:33:53 625,152 ------w c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 02:33:53 638,976 ------w c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 02:33:54 616,960 ------w c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 02:33:54 11,264 ------w c:\windows\ServicePackFiles\i386\autolfn.exe
+ 2008-04-13 18:46:20 38,912 ------w c:\windows\ServicePackFiles\i386\avc.sys
+ 2008-04-13 18:46:07 13,696 ------w c:\windows\ServicePackFiles\i386\avcstrm.sys
+ 2008-04-14 02:33:19 85,504 ------w c:\windows\ServicePackFiles\i386\avifil32.dll
+ 2008-04-14 02:33:19 233,472 ------w c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 02:33:19 52,736 ------w c:\windows\ServicePackFiles\i386\basesrv.dll
+ 2008-04-14 02:33:19 29,184 ------w c:\windows\ServicePackFiles\i386\batmeter.dll
+ 2008-04-14 02:33:19 8,704 ------w c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-13 18:36:32 14,208 ------w c:\windows\ServicePackFiles\i386\battc.sys
+ 2008-04-13 18:46:21 11,776 ------w c:\windows\ServicePackFiles\i386\bdasup.sys
+ 2008-04-14 02:33:19 17,408 ------w c:\windows\ServicePackFiles\i386\bidispl.dll
+ 2008-04-14 02:33:19 8,192 ------w c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 02:33:19 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 02:33:19 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 02:33:55 71,680 ------w c:\windows\ServicePackFiles\i386\blastcln.exe
+ 2008-04-13 18:53:23 71,552 ------w c:\windows\ServicePackFiles\i386\bridge.sys
+ 2008-04-14 01:57:48 70,144 ------w c:\windows\ServicePackFiles\i386\browselc.dll
+ 2008-04-14 02:33:20 77,824 ------w c:\windows\ServicePackFiles\i386\browser.dll
+ 2008-04-14 02:33:20 1,025,024 ------w c:\windows\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 02:33:20 78,336 ------w c:\windows\ServicePackFiles\i386\browsewm.dll
+ 2008-04-14 02:33:20 20,992 ------w c:\windows\ServicePackFiles\i386\bthci.dll
+ 2008-04-13 18:46:33 17,024 ------w c:\windows\ServicePackFiles\i386\bthenum.sys
+ 2008-04-13 18:46:33 37,888 ------w c:\windows\ServicePackFiles\i386\bthmodem.sys
+ 2008-04-13 18:51:34 101,120 ------w c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-14 01:58:00 273,664 ------w c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:46:31 36,480 ------w c:\windows\ServicePackFiles\i386\bthprint.sys
+ 2008-04-14 02:33:20 30,208 ------w c:\windows\ServicePackFiles\i386\bthserv.dll
+ 2008-04-13 18:46:29 18,944 ------w c:\windows\ServicePackFiles\i386\bthusb.sys
+ 2008-04-14 02:33:20 50,688 ------w c:\windows\ServicePackFiles\i386\btpanui.dll
+ 2008-04-14 02:33:20 218,112 ------w c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 02:33:20 60,416 ------w c:\windows\ServicePackFiles\i386\cabinet.dll
+ 2008-04-14 02:33:20 85,504 ------w c:\windows\ServicePackFiles\i386\cabview.dll
+ 2008-04-14 02:33:55 20,992 ------w c:\windows\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 02:33:20 385,024 ------w c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 02:33:20 121,856 ------w c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 02:33:20 50,688 ------w c:\windows\ServicePackFiles\i386\camocx.dll
+ 2008-04-14 02:33:20 153,600 ------w c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 02:33:20 226,304 ------w c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 02:33:20 85,504 ------w c:\windows\ServicePackFiles\i386\catsrvps.dll
+ 2008-04-14 02:33:20 625,664 ------w c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-13 18:46:23 17,024 ------w c:\windows\ServicePackFiles\i386\ccdecode.sys
+ 2008-04-13 19:14:21 63,744 ------w c:\windows\ServicePackFiles\i386\cdfs.sys
+ 2008-04-14 02:33:20 152,064 ------w c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 02:33:20 66,560 ------w c:\windows\ServicePackFiles\i386\cdm.dll
+ 2008-04-14 02:33:20 2,091,520 ------w c:\windows\ServicePackFiles\i386\cdosys.dll
+ 2008-04-13 18:40:46 62,976 ------w c:\windows\ServicePackFiles\i386\cdrom.sys
+ 2008-04-14 02:33:20 200,192 ------w c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 02:33:20 467,968 ------w c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 02:33:20 39,424 ------w c:\windows\ServicePackFiles\i386\cfgbkend.dll
+ 2008-04-14 02:31:03 16,896 ------w c:\windows\ServicePackFiles\i386\cfgmgr32.dll
+ 2008-04-14 02:33:56 188,480 ------w c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 02:33:20 15,423 ------w c:\windows\ServicePackFiles\i386\ch7xxnt5.dll
+ 2008-04-13 18:40:58 8,192 ------w c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 02:33:20 148,480 ------w c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 02:33:20 1,359,360 ------w c:\windows\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 02:33:20 69,120 ------w c:\windows\ServicePackFiles\i386\ciodm.dll
+ 2008-04-14 02:33:57 5,632 ------w c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 19:16:22 49,536 ------w c:\windows\ServicePackFiles\i386\classpnp.sys
+ 2008-04-14 02:33:21 110,592 ------w c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 02:33:21 498,688 ------w c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 02:33:57 65,536 ------w c:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 02:33:21 77,824 ------w c:\windows\ServicePackFiles\i386\cliconfg.dll
+ 2008-04-14 02:33:57 20,480 ------w c:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 02:33:57 104,448 ------w c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 02:33:57 33,280 ------w c:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 02:33:21 58,368 ------w c:\windows\ServicePackFiles\i386\clusapi.dll
+ 2008-04-13 18:36:37 13,952 ------w c:\windows\ServicePackFiles\i386\cmbatt.sys
+ 2008-04-14 02:33:21 15,872 ------w c:\windows\ServicePackFiles\i386\cmcfg32.dll
+ 2008-04-14 02:33:57 401,408 ------w c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 02:33:21 353,280 ------w c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 02:33:57 25,600 ------w c:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 02:33:57 39,936 ------w c:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 02:33:21 191,488 ------w c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 02:33:21 13,312 ------w c:\windows\ServicePackFiles\i386\cmsetacl.dll
+ 2008-04-14 02:33:57 65,536 ------w c:\windows\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 02:33:21 40,960 ------w c:\windows\ServicePackFiles\i386\cmutil.dll
+ 2008-04-14 02:33:21 50,688 ------w c:\windows\ServicePackFiles\i386\cnbjmon.dll
+ 2008-04-14 02:33:21 83,968 ------w c:\windows\ServicePackFiles\i386\cnbjmon2.dll
+ 2008-04-13 16:44:16 17,920 ------w c:\windows\ServicePackFiles\i386\cobramsg.dll
+ 2008-04-14 02:33:21 60,416 ------w c:\windows\ServicePackFiles\i386\colbact.dll
+ 2008-04-14 02:33:21 28,160 ------w c:\windows\ServicePackFiles\i386\comaddin.dll
+ 2008-04-14 02:33:21 195,072 ------w c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 02:33:21 617,472 ------w c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 02:33:21 281,600 ------w c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 02:33:21 253,440 ------w c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-13 18:36:37 10,240 ------w c:\windows\ServicePackFiles\i386\compbatt.sys
+ 2008-04-14 02:33:21 230,912 ------w c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 02:33:21 97,792 ------w c:\windows\ServicePackFiles\i386\comrepl.dll
+ 2008-04-14 02:33:57 9,728 ------w c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 02:33:57 6,144 ------w c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 02:33:21 851,968 ------w c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-14 02:33:21 274,944 ------w c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 02:33:21 167,424 ------w c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 02:33:21 1,267,200 ------w c:\windows\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 02:33:21 539,648 ------w c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 02:33:58 1,044,480 ------w c:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 02:33:21 45,056 ------w c:\windows\ServicePackFiles\i386\confmrsl.dll
+ 2008-04-14 02:33:21 358,400 ------w c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 02:33:59 27,648 ------w c:\windows\ServicePackFiles\i386\conime.exe
+ 2008-04-14 02:33:21 35,328 ------w c:\windows\ServicePackFiles\i386\corpol.dll
+ 2008-04-14 02:33:21 12,800 ------w c:\windows\ServicePackFiles\i386\credssp.dll
+ 2008-04-14 02:33:21 165,888 ------w c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-14 02:02:47 40,960 ------w c:\windows\ServicePackFiles\i386\crusoe.sys
+ 2008-04-14 02:33:21 606,208 ------w c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 02:33:21 75,776 ------w c:\windows\ServicePackFiles\i386\cryptdlg.dll
+ 2008-04-14 02:33:21 33,280 ------w c:\windows\ServicePackFiles\i386\cryptdll.dll
+ 2008-04-14 02:33:21 54,784 ------w c:\windows\ServicePackFiles\i386\cryptext.dll
+ 2008-04-14 02:33:21 64,512 ------w c:\windows\ServicePackFiles\i386\cryptnet.dll
+ 2008-04-14 02:33:21 62,464 ------w c:\windows\ServicePackFiles\i386\cryptsvc.dll
+ 2008-04-14 02:33:21 530,432 ------w c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 02:33:21 102,912 ------w c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 02:33:59 139,264 ------w c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 02:33:21 337,920 ------w c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 02:33:22 32,256 ------w c:\windows\ServicePackFiles\i386\csrsrv.dll
+ 2008-04-14 02:33:59 6,144 ------w c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 02:33:59 15,360 ------w c:\windows\ServicePackFiles\i386\ctfmon.exe
+ 2008-04-14 02:33:22 252,416 ------w c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 02:33:22 33,792 ------w c:\windows\ServicePackFiles\i386\custsat.dll
+ 2004-08-03 20:32:26 48,640 ------w c:\windows\ServicePackFiles\i386\cwrwdm.sys
+ 2008-04-14 02:33:22 1,179,648 ------w c:\windows\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 02:33:22 8,192 ------w c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 02:33:22 1,689,088 ------w c:\windows\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 02:33:22 824,320 ------w c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 02:33:22 1,056,768 ------w c:\windows\ServicePackFiles\i386\danim.dll
+ 2008-03-25 04:50:25 554,008 ------w c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 02:33:22 55,296 ------w c:\windows\ServicePackFiles\i386\dataclen.dll
+ 2008-04-14 02:33:22 165,376 ------w c:\windows\ServicePackFiles\i386\datime.dll
+ 2008-04-14 02:33:22 25,600 ------w c:\windows
0
Réponse 17 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
25 nov. 2008 à 21:16
Salut Geoffrey5,

alors, tu ne peux plus m'aider, car là j'ai toujours mon problème ???
0
Réponse 18 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
25 nov. 2008 à 21:28
Salut !!

Je n'étais pas chez moi dsl...

▶ Télécharge a-squared free 3.5

▶ Voici un tutoriel pour bien l utiliser.

▶ fais la mise à jour et une analyse complète.

▶ poste le rapport stp
0
Réponse 19 / 25
mickeymat75 Messages postés 66 Date d'inscription lundi 22 octobre 2007 Statut Membre Dernière intervention 7 novembre 2010
26 nov. 2008 à 06:56
Merci de continuer à m'aider...

voici le rapport a-squared (P.S. : j'ai fait un scan rusé comme indiqué sur le tuto, est-ce que ça suffit ?)

Version - a-squared Free 3.5
Dernière mise à jour : 25/11/2008 23:09:13

Paramètres des balayages :

Éléments : Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
Balaye dans les archives : Marche
Analyse heuristique : Marche
Balaye dans les ADS : Marche

Début du balayage : 25/11/2008 23:24:30

c:\documents and settings\mickey\application data\bsplayer Objets détectés : Trace.Directory.BSplayer!A2
c:\documents and settings\mickey\application data\bsplayer pro Objets détectés : Trace.Directory.BSplayer!A2
c:\documents and settings\mickey\application data\bsplayer\bslib Objets détectés : Trace.Directory.BSplayer!A2
c:\program files\webteh\bsplayer Objets détectés : Trace.Directory.BSplayer!A2
c:\program files\webteh\bsplayer\lang Objets détectés : Trace.Directory.BSplayer!A2
c:\program files\webteh\bsplayer\skins Objets détectés : Trace.Directory.BSplayer!A2
c:\program files\playfirst Objets détectés : Trace.Directory.Believe in Santa!A2
c:\documents and settings\mickey\application data\bsplayer pro\bsplayer.xml Objets détectés : Trace.File.BSplayer!A2
c:\documents and settings\mickey\application data\bsplayer pro\eq.xml Objets détectés : Trace.File.BSplayer!A2
c:\documents and settings\mickey\application data\bsplayer\bslib\bspmlib.dat Objets détectés : Trace.File.BSplayer!A2
Value: HKEY_CLASSES_ROOT\CLSID\{EFC25C6F-1A04-43FD-AB25-0F3ED89E050A}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Blubster!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFC25C6F-1A04-43FD-AB25-0F3ED89E050A}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Blubster!A2
Value: HKEY_USERS\S-1-5-21-1606980848-1078081533-839522115-1004\Software\BST\bsplayerv1 --> AppPath Objets détectés : Trace.Registry.BSplayer!A2
Value: HKEY_USERS\S-1-5-21-1606980848-1078081533-839522115-1004\Software\BST\bsplayerv1 --> AppVer Objets détectés : Trace.Registry.BSplayer!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1 --> DisplayName Objets détectés : Trace.Registry.BSplayer!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1 --> UninstallString Objets détectés : Trace.Registry.BSplayer!A2
Key: HKEY_USERS\S-1-5-21-1606980848-1078081533-839522115-1004\software\kazaa Objets détectés : Trace.Registry.KaZaA!A2
C:\Documents and Settings\Mickey\Cookies\mickey@2o7[1].txt Objets détectés : Trace.TrackingCookie.2o7!A2
C:\Documents and Settings\Mickey\Cookies\mickey@adserver.aol[1].txt Objets détectés : Trace.TrackingCookie.adserv!A2
C:\Documents and Settings\Mickey\Cookies\mickey@adserver.aol[1].txt Objets détectés : Trace.TrackingCookie.adserver!A2
C:\Documents and Settings\Mickey\Cookies\mickey@adtech[2].txt Objets détectés : Trace.TrackingCookie.adtech!A2
C:\Documents and Settings\Mickey\Cookies\mickey@advertising[2].txt Objets détectés : Trace.TrackingCookie.advertising!A2
C:\Documents and Settings\Mickey\Cookies\mickey@atdmt[2].txt Objets détectés : Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Mickey\Cookies\mickey@doubleclick[2].txt Objets détectés : Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Mickey\Cookies\mickey@serving-sys[2].txt Objets détectés : Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\Mickey\Cookies\mickey@smartadserver[2].txt Objets détectés : Trace.TrackingCookie.smartadserver!A2
C:\Documents and Settings\Mickey\Cookies\mickey@tradedoubler[2].txt Objets détectés : Trace.TrackingCookie.tradedoubler!A2
C:\Documents and Settings\Mickey\Cookies\mickey@weborama[1].txt Objets détectés : Trace.TrackingCookie.weborama!A2
C:\WINDOWS\system32\IEDFix.C.exe Objets détectés : Hoax.Win32.Renos.esa!A2
C:\WINDOWS\system32\IEDFix.exe Objets détectés : Hoax.Win32.Renos.vaoz!A2
C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe Objets détectés : Riskware.Downloader.Win32.ImLoader.e!A2
C:\Program Files\Navilog1\Process.exe Objets détectés : Riskware.RiskTool.Win32.Processor.20!A2
C:\Program Files\Navilog1\reboot.exe Objets détectés : Riskware.RiskTool.Win32.Reboot.f!A2

Analysé

Fichiers : 241670
Traces : 545371
Cookies : 108
Processus : 54

Objets trouvés

Fichiers : 5
Traces : 17
Cookies : 11
Processus : 0
Clés de Registre : 0

Fin du balayage : 26/11/2008 00:45:13
Temps du balayage : 1:20:43

que dois-je faire des éléments trouvés ? les supprimer ou les mettre en quarantaine ??
0
Réponse 20 / 25
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
26 nov. 2008 à 19:09
Salut !!

Tu peux aller vider la quarantaine d a-squared et ensuite fais ceci stp :

▶ Télécharger SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

▶ Double cliquer sur SDFix.exe et choisir Install pour l'extraire dans un dossier dédié sur ton disque C:.

/!\ Démarre en mode sans échec : après le bip et avant le logo windows tapoter sur la touche F8 (ou F5): menu M.S.E..

▶ Choisir son compte, pas celui de l'Administrateur ou autre.

Dérouler la liste des instructions ci-dessous :

• Ouvrir le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuyer sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuyer sur une touche pour redémarrer le PC.
• Le système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuyer sur une touche pour finir l'exécution du script et charger les icônes du Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copier/coller le contenu du fichier Report.txt dans la prochaine réponse sur le forum

et ensuite refais un nouveau rapport hijackthis stp
0

Discussions similaires

Virus Android page internet qui s'ouvre
Maxibaer -
Gars sympa -

3 réponses
[PIX] Commencer chaque poème sur une nouvelle page
ETHAN -
Willzac -

19 réponses
Prélèvement Google Ireland Limited
jaffa1961 -
gill34051 -

32 réponses
Facture de google 380€ !
Misternet -
okapi -

61 réponses
Arnaque frauduleuse Ireland ltd
Mymy -
celine -

3 réponses