Web page problem - Security - Viruses
TomsGuide.com: 700,000 members answer all your high-tech and computing questions.
 
Profile: IDNaute

Hello everyone,

For the past few days, when I open Firefox and run a Google search for anything, for example if I type "turtle", I get the results with several sites, and I have a one-in-two chance, when clicking a link, of landing on a page that has nothing to do with it. They are often the same pages, by the way: for example a Turkish dictionary, a pornographic site, shopping sites or search engines (I should point out that I had never visited sites like these before), and other sites as well. What can I do to stop these pages from appearing, and am I the victim of a virus?

I have already run two antivirus scans and they found nothing.

Even more serious: 5 minutes ago my computer crashed completely. It switched sites as described just above, and then boom, the screen went all white with lines of every colour.

Thanks for your replies


<@_@>
Profile: Helper

Good evening,

Probably a Wareout infection.

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2


---------------
Prevention and protection
/!\Fed up with ads: secured Firefox/!\

Profile: IDNaute

Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:08, on 18/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\Paul\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe

--
End of file - 9786 bytes

<@_@>
Profile: Helper

Hi again,
not very telling, all that...

  • Download SystemScan from the SuspectFile team
  • Double-click it (ignore any alerts from your antivirus, if there are any).
  • Click Unselect all
  • Tick only this box

-Recent Files, days old 60 days
and
-hidden objects

  • Then click scan now and be patient.
  • Once it has finished, a report will open. Post it in full.


Profile: IDNaute

Here it is
SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

Running on: Windows VISTA , Service Pack 1 (6001.6.0)
System directory: C:\Windows
SystemScan file: C:\Users\Paul\Desktop\sys76369.exe
Running in: User mode
Date: 18/06/2008
Time: 22:30:09

Output limited to:
-Recent files
-Hidden objects

===================== RECENT FILES =====================

Showing files newer than 60 days

----- recent files in C:\
05/06/2008 18:45:53 (DIR) 0 byte 13 days old -- AcerSW
05/06/2008 23:11:31 (DIR) 0 byte 13 days old -- Users
05/06/2008 23:12:01 (DIR) 0 byte 13 days old -- $RECYCLE.BIN
17/06/2008 12:56:04 (DIR) 0 byte 1 days old -- Program Files
17/06/2008 12:56:04 (DIR) 0 byte 1 days old -- ProgramData
18/06/2008 14:57:28 (DIR) 0 byte 0 days old -- Downloads
18/06/2008 16:03:00 (DIR) 0 byte 0 days old -- System Volume Information
18/06/2008 19:37:15 (DIR)-760926208 byte 0 days old -- pagefile.sys
18/06/2008 19:37:16 (DIR)-1074606080 byte 0 days old -- hiberfil.sys
18/06/2008 19:38:03 (DIR) 0 byte 0 days old -- Windows

----- recent files in C:\Windows\
05/06/2008 18:41:38 (DIR) 0 byte 13 days old -- rescache
05/06/2008 18:44:33 79 byte 13 days old -- MORChangeID.LOG
05/06/2008 18:44:35 25367 byte 13 days old -- Patch.log
05/06/2008 19:00:25 (DIR) 0 byte 13 days old -- Debug
05/06/2008 19:02:01 262162 byte 13 days old -- msxml4-KB936181-enu.LOG
05/06/2008 19:03:26 0 byte 13 days old -- nsreg.dat
05/06/2008 19:04:31 (DIR) 0 byte 13 days old -- AppPatch
05/06/2008 19:09:31 (DIR) 0 byte 13 days old -- SoftwareDistribution
05/06/2008 19:14:28 25 byte 13 days old -- CDE DX7400DEFGIPS.ini
05/06/2008 19:14:37 (DIR) 0 byte 13 days old -- twain_32
05/06/2008 20:16:51 4400 byte 13 days old -- DPINST.LOG
05/06/2008 22:47:16 263060 byte 13 days old -- msxml4-KB941833-enu.LOG
06/06/2008 08:58:56 (DIR) 0 byte 12 days old -- Logs
08/06/2008 11:28:08 119964 byte 10 days old -- DirectX.log
08/06/2008 15:06:53 (DIR) 0 byte 10 days old -- Registration
12/06/2008 19:09:44 (DIR) 0 byte 6 days old -- Downloaded Program Files
13/06/2008 21:06:30 (DIR) 0 byte 5 days old -- Tasks
15/06/2008 08:42:04 (DIR) 0 byte 3 days old -- ehome
15/06/2008 12:44:18 (DIR) 0 byte 3 days old -- Microsoft.NET
15/06/2008 22:30:03 (DIR) 0 byte 3 days old -- winsxs
15/06/2008 22:30:21 (DIR) 0 byte 3 days old -- assembly
17/06/2008 18:54:48 (DIR) 0 byte 1 days old -- Installer
18/06/2008 01:24:57 836 byte 0 days old -- bthservsdp.dat
18/06/2008 15:04:35 104881 byte 0 days old -- setupact.log
18/06/2008 19:17:37 890288 byte 0 days old -- WindowsUpdate.log
18/06/2008 19:37:15 814354 byte 0 days old -- PFRO.log
18/06/2008 19:43:34 (DIR) 0 byte 0 days old -- inf
18/06/2008 19:43:34 (DIR) 0 byte 0 days old -- System32
18/06/2008 21:48:36 67584 byte 0 days old -- bootstat.dat
18/06/2008 22:29:54 (DIR) 0 byte 0 days old -- Temp
18/06/2008 22:30:02 (DIR) 0 byte 0 days old -- Prefetch

----- recent files in C:\Windows\Downloaded Program Files\

----- recent files in C:\Windows\system\

----- recent files in C:\Windows\system32\
23/04/2008 06:41:36 57856 byte 56 days old -- MSDvbNP.ax
23/04/2008 06:41:36 218624 byte 56 days old -- psisrndr.ax
23/04/2008 06:42:37 428544 byte 56 days old -- EncDec.dll
23/04/2008 06:42:37 293376 byte 56 days old -- psisdecd.dll
25/04/2008 04:12:21 1383424 byte 54 days old -- mshtml.tlb
25/04/2008 06:35:13 28160 byte 54 days old -- jsproxy.dll
25/04/2008 06:35:14 3578368 byte 54 days old -- mshtml.dll
25/04/2008 06:35:16 671232 byte 54 days old -- mstime.dll
25/04/2008 06:35:19 1166336 byte 54 days old -- urlmon.dll
25/04/2008 06:35:23 826880 byte 54 days old -- wininet.dll
26/04/2008 10:08:15 1314816 byte 53 days old -- quartz.dll
29/04/2008 05:54:02 181760 byte 50 days old -- fsquirt.exe
10/05/2008 00:22:34 153 byte 39 days old -- RacUREx.xml
10/05/2008 00:22:34 9127 byte 39 days old -- RacUR.xml
10/05/2008 05:35:20 885248 byte 39 days old -- RacEngn.dll
23/05/2008 00:18:54 12288 byte 26 days old -- DivXWMPExtType.dll
23/05/2008 00:19:12 161096 byte 26 days old -- DivXCodecVersionChecker.exe
23/05/2008 00:19:44 3067 byte 26 days old -- dtu_fr.qm
23/05/2008 00:19:46 196608 byte 26 days old -- dtu100.dll
23/05/2008 00:19:46 416 byte 26 days old -- dtu100.dll.manifest
23/05/2008 00:19:46 81920 byte 26 days old -- dpl100.dll
23/05/2008 00:19:46 416 byte 26 days old -- dpl100.dll.manifest
23/05/2008 00:20:42 1044480 byte 26 days old -- libdivx.dll
23/05/2008 00:20:42 200704 byte 26 days old -- ssldivx.dll
23/05/2008 00:22:18 3596288 byte 26 days old -- qt-dx331.dll
23/05/2008 00:22:22 9878 byte 26 days old -- dsm_fr.qm
23/05/2008 00:22:22 4816 byte 26 days old -- divxsm.tlb
23/05/2008 00:22:22 524288 byte 26 days old -- DivXsm.exe
27/05/2008 10:50:34 57344 byte 22 days old -- QuickTime.qts
27/05/2008 10:50:34 90112 byte 22 days old -- QuickTimeVR.qtx
30/05/2008 01:35:11 17486968 byte 19 days old -- mrt.exe
31/05/2008 01:22:40 630784 byte 18 days old -- divxdec.ax
31/05/2008 01:22:46 683520 byte 18 days old -- DivX.dll
31/05/2008 01:22:46 815104 byte 18 days old -- divx_xx0a.dll
31/05/2008 01:22:48 802816 byte 18 days old -- divx_xx11.dll
31/05/2008 01:22:48 823296 byte 18 days old -- divx_xx0c.dll
31/05/2008 01:22:48 823296 byte 18 days old -- divx_xx07.dll
31/05/2008 01:22:54 294912 byte 18 days old -- dpu10.dll
31/05/2008 01:22:54 294912 byte 18 days old -- dpu11.dll
31/05/2008 01:22:54 593920 byte 18 days old -- dpuGUI11.dll
31/05/2008 01:22:54 57344 byte 18 days old -- dpv11.dll
31/05/2008 01:22:54 344064 byte 18 days old -- dpus11.dll
31/05/2008 01:22:58 53248 byte 18 days old -- dpuGUI10.dll
31/05/2008 01:23:12 8835 byte 18 days old -- dpufr.qm
05/06/2008 18:40:24 65328 byte 13 days old -- license.rtf
05/06/2008 19:04:32 (DIR) 0 byte 13 days old -- Boot
05/06/2008 19:06:07 295976 byte 13 days old -- FNTCACHE.DAT
05/06/2008 20:26:25 98304 byte 13 days old -- CmdLineExt.dll
06/06/2008 18:31:48 6450 byte 12 days old -- jupdate-1.6.0_06-b02.log
07/06/2008 11:32:11 (DIR) 0 byte 11 days old -- NDF
08/06/2008 11:28:11 669184 byte 10 days old -- pbsvc.exe
08/06/2008 11:28:12 66872 byte 10 days old -- PnkBstrA.exe
08/06/2008 11:28:19 103736 byte 10 days old -- PnkBstrB.exe
08/06/2008 11:30:38 (DIR) 0 byte 10 days old -- URTTEMP
09/06/2008 23:46:51 (DIR) 0 byte 9 days old -- WDI
11/06/2008 14:06:53 (DIR) 0 byte 7 days old -- migration
11/06/2008 19:48:24 (DIR) 0 byte 7 days old -- LogFiles
16/06/2008 21:18:17 (DIR) 0 byte 2 days old -- Tasks
18/06/2008 12:58:13 (DIR) 0 byte 0 days old -- catroot2
18/06/2008 15:06:10 (DIR) 0 byte 0 days old -- catroot
18/06/2008 15:06:29 (DIR) 0 byte 0 days old -- drivers
18/06/2008 19:43:34 595748 byte 0 days old -- perfh009.dat
18/06/2008 19:43:34 105078 byte 0 days old -- perfc009.dat
18/06/2008 19:43:34 128212 byte 0 days old -- perfc00C.dat
18/06/2008 19:43:34 1499302 byte 0 days old -- PerfStringBackup.INI
18/06/2008 19:43:34 679192 byte 0 days old -- perfh00C.dat
18/06/2008 21:48:44 3216 byte 0 days old -- 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
18/06/2008 21:48:44 3216 byte 0 days old -- 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
18/06/2008 21:48:47 16515 byte 0 days old -- Config.MPF

----- recent files in C:\Windows\system32\drivers\
29/04/2008 03:42:21 29184 byte 50 days old -- BTHUSB.SYS
29/04/2008 03:42:23 220160 byte 50 days old -- bthport.sys
10/05/2008 03:33:10 113664 byte 39 days old -- rmcast.sys
06/06/2008 19:27:30 717296 byte 12 days old -- sptd.sys
08/06/2008 11:28:26 22328 byte 10 days old -- PnkBstrK.sys
15/06/2008 08:42:09 (DIR) 0 byte 3 days old -- UMDF
15/06/2008 08:42:17 0 byte 3 days old -- Msft_User_WpdMtpDr_01_00_00.Wdf

----- recent files in C:\Windows\temp\
05/06/2008 18:41:59 0 byte 13 days old -- sqlite_vtw9Nw7zvPTNar2
05/06/2008 18:41:59 0 byte 13 days old -- sqlite_7EMNoUHMNf6o0S7
05/06/2008 18:42:32 19922944 byte 13 days old -- WinSAT_KernelLog.etl
05/06/2008 18:42:32 33554432 byte 13 days old -- WinSAT_DX.etl
05/06/2008 18:44:22 4194304 byte 13 days old -- WinSAT_StorageAsmt.etl
05/06/2008 18:44:52 (DIR) 0 byte 13 days old -- History
05/06/2008 18:44:52 (DIR) 0 byte 13 days old -- Cookies
05/06/2008 18:44:52 (DIR) 0 byte 13 days old -- Fichiers Internet temporaires
05/06/2008 19:02:02 0 byte 13 days old -- sqlite_tmHDaYiBfHOKWXc
05/06/2008 19:06:32 (DIR) 0 byte 13 days old -- MCE00000
05/06/2008 19:07:29 1024 byte 13 days old -- sqlite_0av8TxPjRxd4uJT
05/06/2008 19:07:29 0 byte 13 days old -- sqlite_ANSiTp3b1jXwjPL
05/06/2008 19:19:15 132 byte 13 days old -- E_S8B8C.tmp
05/06/2008 19:19:18 118 byte 13 days old -- E_S976F.tmp
05/06/2008 19:29:36 (DIR) 0 byte 13 days old -- MCE00001
05/06/2008 19:30:36 0 byte 13 days old -- sqlite_jNqgBxSiwN2IM0c
05/06/2008 19:30:36 0 byte 13 days old -- sqlite_Rb92a2LKJce8daZ
05/06/2008 20:29:35 (DIR) 0 byte 13 days old -- CLDigitalHome
05/06/2008 22:14:21 (DIR) 0 byte 13 days old -- MCE00002
05/06/2008 22:15:19 0 byte 13 days old -- sqlite_r5uS4syZWI4ctrc
05/06/2008 22:15:19 0 byte 13 days old -- sqlite_x3bEfgi0QWJGx4Q
05/06/2008 23:11:32 (DIR) 0 byte 13 days old -- MCE00003
05/06/2008 23:12:32 1024 byte 13 days old -- sqlite_M0EKnegWjbcYTCY
05/06/2008 23:12:32 0 byte 13 days old -- sqlite_gZ2ery1qE3ujAMZ
06/06/2008 00:00:06 0 byte 12 days old -- sqlite_C0bRmKwtQeSf7DM
06/06/2008 08:07:03 (DIR) 0 byte 12 days old -- MCE00004
06/06/2008 08:07:07 0 byte 12 days old -- mcmsc_XlNNx9h1bVLHNSJ
06/06/2008 08:08:03 0 byte 12 days old -- sqlite_GqyToXJ8WrKRZ1D
06/06/2008 08:08:03 0 byte 12 days old -- sqlite_h1ionwc5LrPH1bJ
06/06/2008 16:47:07 (DIR) 0 byte 12 days old -- MCE00005
06/06/2008 16:47:08 0 byte 12 days old -- mcmsc_Zyyd12A3t747Svs
06/06/2008 16:48:02 0 byte 12 days old -- sqlite_p1fWf2sI8pzVazf
06/06/2008 16:48:02 0 byte 12 days old -- sqlite_MHeO0k2xTU5TUwe
06/06/2008 16:55:19 2048 byte 12 days old -- mcafee_J2nm3FgtmGwzvBb
06/06/2008 17:34:28 1024 byte 12 days old -- mcmsc_3aMMjsVfHSL50Sr
06/06/2008 18:31:49 0 byte 12 days old -- mcmsc_Ho4UmTb6WVQydyb
06/06/2008 18:31:49 0 byte 12 days old -- mcmsc_1ieuLmt0VqtkwBf
06/06/2008 18:54:09 (DIR) 0 byte 12 days old -- MCE00006
06/06/2008 18:55:08 0 byte 12 days old -- sqlite_FyKkFgsRxPVqtDe
06/06/2008 18:55:08 0 byte 12 days old -- sqlite_9fbBXEhAYhuooXA
06/06/2008 19:36:52 (DIR) 0 byte 12 days old -- MCE00007
06/06/2008 19:36:56 0 byte 12 days old -- mcmsc_VMUWAhmaUEDbPNz
06/06/2008 19:37:52 0 byte 12 days old -- sqlite_JB1t2dA9ELwf4cw
06/06/2008 19:37:52 0 byte 12 days old -- sqlite_aaSTDs7rQbxHNKg
07/06/2008 01:27:05 0 byte 11 days old -- sqlite_uoUKvmrVY3NEzNh
07/06/2008 08:42:10 (DIR) 0 byte 11 days old -- MCE00008
07/06/2008 08:42:23 0 byte 11 days old -- sqlite_Ha4wVP9QrmGmZff
07/06/2008 08:43:10 0 byte 11 days old -- sqlite_PhOhUfcQnaR1HFC
07/06/2008 08:43:10 0 byte 11 days old -- sqlite_JyH5xtdPbZN27CU
07/06/2008 16:42:57 (DIR) 0 byte 11 days old -- MCE00009
07/06/2008 16:43:56 0 byte 11 days old -- sqlite_9Acx4wibhiEtVeI
07/06/2008 16:43:56 0 byte 11 days old -- sqlite_cE3cfdyfXGQ0i9M
08/06/2008 02:00:00 0 byte 10 days old -- sqlite_DU5srHpHRJUmhZs
08/06/2008 15:06:29 6326 byte 10 days old -- ASPNETSetup.log
08/06/2008 15:07:10 6659 byte 10 days old -- netfxupdate.log
08/06/2008 18:27:35 25830 byte 10 days old -- netfxsl.log
08/06/2008 18:28:03 11458 byte 10 days old -- NetFxUpdate_v1.1.4322.log
09/06/2008 12:10:33 (DIR) 0 byte 9 days old -- MCE0000a
09/06/2008 12:11:33 0 byte 9 days old -- sqlite_LlvXBQ5Oba7QFdQ
09/06/2008 12:11:33 0 byte 9 days old -- sqlite_tBqsjYKqgGJR4lC
09/06/2008 12:12:05 0 byte 9 days old -- sqlite_Ob3cVXxTPanXkRL
10/06/2008 11:59:31 (DIR) 0 byte 8 days old -- MCE0000b
10/06/2008 11:59:43 0 byte 8 days old -- sqlite_Ip1y3DPhhwV2KvH
10/06/2008 12:00:31 0 byte 8 days old -- sqlite_D7rKv4ftqWR6JrT
10/06/2008 12:00:31 0 byte 8 days old -- sqlite_XcNFYnqMUI8ldK0
11/06/2008 14:06:31 (DIR) 0 byte 7 days old -- MCE0000c
11/06/2008 14:06:34 0 byte 7 days old -- mcmsc_31yOMXDnXp12bwm
11/06/2008 14:08:28 (DIR) 0 byte 7 days old -- MCE0000d
11/06/2008 14:08:31 0 byte 7 days old -- mcmsc_nRUZgP1mmVi3Aqz
11/06/2008 14:09:28 0 byte 7 days old -- sqlite_HIccVvj8IpKkXot
11/06/2008 14:09:28 0 byte 7 days old -- sqlite_6RDNfakzThIdHzB
11/06/2008 14:12:30 2048 byte 7 days old -- mcafee_ZX4rR2anvjJbjyS
11/06/2008 16:06:55 1024 byte 7 days old -- mcmsc_Ik414y2ydpuQ5to
11/06/2008 16:53:07 1024 byte 7 days old -- mcmsc_bdC3a5Q4ne85VTg
11/06/2008 16:53:07 1024 byte 7 days old -- mcmsc_1ta6ZhrelDiUJyA
11/06/2008 21:44:29 (DIR) 0 byte 7 days old -- MCE0000e
11/06/2008 21:44:33 0 byte 7 days old -- mcmsc_ySlwBa0CMkWObak
11/06/2008 21:44:52 2048 byte 7 days old -- mcafee_D14qWH2DBVQlcAr
11/06/2008 21:45:29 0 byte 7 days old -- sqlite_bX36hFf8dUYrfua
11/06/2008 21:45:29 0 byte 7 days old -- sqlite_1VQFGYEGbfRVcbF
11/06/2008 22:33:03 1024 byte 7 days old -- mcmsc_Q6bkV2kBfyHfQeZ
12/06/2008 00:20:51 120 byte 6 days old -- fwtsqmfile01.sqm
12/06/2008 12:11:38 (DIR) 0 byte 6 days old -- MCE0000f
12/06/2008 12:11:49 0 byte 6 days old -- sqlite_K26lzM26xvkIy9A
12/06/2008 12:12:38 0 byte 6 days old -- sqlite_mA5uj8IK08xkl2d
12/06/2008 12:12:38 0 byte 6 days old -- sqlite_hNYtOxt4x8X8T4B
12/06/2008 18:48:07 (DIR) 0 byte 6 days old -- MCE00010
12/06/2008 18:49:07 0 byte 6 days old -- sqlite_AMaAV2LCivIYQkh
12/06/2008 18:49:07 0 byte 6 days old -- sqlite_M5ajDnuP9JF7Uzd
13/06/2008 08:25:25 0 byte 5 days old -- sqlite_OIQrLIUkq6yoUj7
13/06/2008 15:40:51 (DIR) 0 byte 5 days old -- MCE00011
13/06/2008 15:41:51 0 byte 5 days old -- sqlite_PiW9XQU1jYHnVlQ
13/06/2008 15:41:51 0 byte 5 days old -- sqlite_T8zVmU4bIWy4LJ7
13/06/2008 21:03:12 (DIR) 0 byte 5 days old -- MCE00012
13/06/2008 21:03:17 0 byte 5 days old -- mcmsc_rW01ejOyrf1L6iU
13/06/2008 21:04:12 0 byte 5 days old -- sqlite_r1FD9l90RUpziP9
13/06/2008 21:04:12 0 byte 5 days old -- sqlite_CNrKmQcmaAdyP3E
13/06/2008 22:53:31 0 byte 5 days old -- sqlite_AT4fKE52fjhoD6o
14/06/2008 00:10:41 (DIR) 0 byte 4 days old -- MCE00013
14/06/2008 00:11:41 0 byte 4 days old -- sqlite_KGc1wO8KWCCHceZ
14/06/2008 00:11:41 0 byte 4 days old -- sqlite_hYLsTOTvVj6cCb8
14/06/2008 20:07:56 (DIR) 0 byte 4 days old -- MCE00014
14/06/2008 20:08:08 0 byte 4 days old -- sqlite_vgV5jzUfk79fM7S
14/06/2008 20:08:56 0 byte 4 days old -- sqlite_fEvidgZpxV46i8i
14/06/2008 20:08:56 0 byte 4 days old -- sqlite_HICmUw4fkVBzhEB
15/06/2008 08:38:09 (DIR) 0 byte 3 days old -- MCE00015
15/06/2008 08:38:50 0 byte 3 days old -- sqlite_KmxEsdlg6chLDAB
15/06/2008 08:39:09 0 byte 3 days old -- sqlite_ERQ0ajsJ7cCgGz3
15/06/2008 08:39:09 0 byte 3 days old -- sqlite_Tm0EB15faE4OoBV
15/06/2008 20:55:25 (DIR) 0 byte 3 days old -- MCE00016
15/06/2008 20:56:25 0 byte 3 days old -- sqlite_kdrtJ68yrCDoicP
15/06/2008 20:56:25 0 byte 3 days old -- sqlite_5tRHEddkWZvhmkK
15/06/2008 23:19:00 (DIR) 0 byte 3 days old -- MCE00017
15/06/2008 23:20:00 0 byte 3 days old -- sqlite_J3t0tYUJWO0P7v1
15/06/2008 23:20:00 0 byte 3 days old -- sqlite_GDlqEDuCR8ouocO
16/06/2008 12:28:51 (DIR) 0 byte 2 days old -- MCE00018
16/06/2008 12:29:02 0 byte 2 days old -- sqlite_ZMDt3psVliLE7Ni
16/06/2008 12:29:51 0 byte 2 days old -- sqlite_0QK9w9TVkEqZqan
16/06/2008 12:29:51 0 byte 2 days old -- sqlite_Ya6i52Rcscvv4xA
16/06/2008 16:43:38 (DIR) 0 byte 2 days old -- MCE00019
16/06/2008 16:44:38 0 byte 2 days old -- sqlite_MxsHMFLLdsZpeet
16/06/2008 16:44:38 0 byte 2 days old -- sqlite_98GWPNqQxsUhGe8
16/06/2008 23:56:24 (DIR) 0 byte 2 days old -- MCE0001a
16/06/2008 23:57:24 0 byte 2 days old -- sqlite_6VmkL7IMun1erNf
16/06/2008 23:57:24 0 byte 2 days old -- sqlite_zceM64dLKdZHjr4
17/06/2008 12:51:44 (DIR) 0 byte 1 days old -- MCE0001b
17/06/2008 12:51:55 0 byte 1 days old -- sqlite_jamVzdNTydQZ0Du
17/06/2008 12:52:43 0 byte 1 days old -- sqlite_9zQec6t9WRLdeoU
17/06/2008 12:52:43 0 byte 1 days old -- sqlite_WO8wXXKLbQdbj9Y
17/06/2008 13:23:24 (DIR) 0 byte 1 days old -- MCE0001c
17/06/2008 13:23:29 0 byte 1 days old -- mcmsc_afkTsv95nOBdM5B
17/06/2008 13:24:24 0 byte 1 days old -- sqlite_Qdw9LEquVUHrRuA
17/06/2008 13:24:24 0 byte 1 days old -- sqlite_wNQSKQao9AT4h1B
17/06/2008 16:12:06 (DIR) 0 byte 1 days old -- MCE0001d
17/06/2008 16:13:06 0 byte 1 days old -- sqlite_2onDfyUtUxnhedf
17/06/2008 16:13:06 0 byte 1 days old -- sqlite_8qN8HCkopRRDCAG
17/06/2008 16:44:20 (DIR) 0 byte 1 days old -- MCE0001e
17/06/2008 16:45:20 0 byte 1 days old -- sqlite_iCbaYyDamdq9cYL
17/06/2008 16:45:20 0 byte 1 days old -- sqlite_wmJNDYQVtKYtgoE
17/06/2008 20:28:31 (DIR) 0 byte 1 days old -- MCE0001f
17/06/2008 20:29:31 0 byte 1 days old -- sqlite_xCwIoOI8khD19Z4
17/06/2008 20:29:31 0 byte 1 days old -- sqlite_hxAva61NMPnvO5j
18/06/2008 00:20:36 (DIR) 0 byte 0 days old -- MCE00020
18/06/2008 00:21:36 0 byte 0 days old -- sqlite_82dFv5kBfqzHfhU
18/06/2008 00:21:36 0 byte 0 days old -- sqlite_uD6KbDQAzAJY603
18/06/2008 11:43:07 (DIR) 0 byte 0 days old -- MCE00021
18/06/2008 11:43:11 0 byte 0 days old -- mcmsc_kW2ThGaUrg5wJ6Z
18/06/2008 11:43:19 0 byte 0 days old -- sqlite_7JEMHxnHpubCq72
18/06/2008 11:44:07 0 byte 0 days old -- sqlite_8pXrCrZBRQ9V88w
18/06/2008 11:44:07 0 byte 0 days old -- sqlite_ZwARojkUMfafEsX
18/06/2008 11:51:02 2048 byte 0 days old -- mcafee_fUNAUYmKgHo8eiv
18/06/2008 12:16:11 1024 byte 0 days old -- mcmsc_TMb8C5T0b8GfmkW
18/06/2008 19:37:27 (DIR) 0 byte 0 days old -- MCE00022
18/06/2008 19:37:31 0 byte 0 days old -- mcmsc_pmG4pC2ADkInfOk
18/06/2008 19:37:37 2048 byte 0 days old -- mcafee_0s2puxzJGAD8nyn
18/06/2008 19:38:27 0 byte 0 days old -- sqlite_on16yuT1KV3uRcd
18/06/2008 19:38:27 0 byte 0 days old -- sqlite_NsmRz08EfafkaNa
18/06/2008 20:27:01 1024 byte 0 days old -- mcmsc_Kod8hFjlbjjHlod
18/06/2008 21:54:52 0 byte 0 days old -- mcafee_XZPUaNZaUI9HgJa

----- recent files in C:\Program Files\
05/06/2008 18:41:20 (DIR) 0 byte 13 days old -- Windows NT
05/06/2008 18:41:20 (DIR) 0 byte 13 days old -- Fichiers communs
05/06/2008 19:01:52 (DIR) 0 byte 13 days old -- MSXML 4.0
05/06/2008 19:03:09 (DIR) 0 byte 13 days old -- Mozilla Firefox
05/06/2008 19:21:44 (DIR) 0 byte 13 days old -- ABBYY FineReader 6.0 Sprint
05/06/2008 19:22:14 (DIR) 0 byte 13 days old -- epson
05/06/2008 19:42:56 (DIR) 0 byte 13 days old -- WinRAR
06/06/2008 08:31:58 (DIR) 0 byte 12 days old -- MSN Messenger
06/06/2008 08:31:58 (DIR) 0 byte 12 days old -- Windows Live
06/06/2008 08:31:58 (DIR) 0 byte 12 days old -- Messenger Plus! Live
06/06/2008 18:31:48 (DIR) 0 byte 12 days old -- Java
06/06/2008 18:51:26 (DIR) 0 byte 12 days old -- SystemRequirementsLab
06/06/2008 19:37:44 (DIR) 0 byte 12 days old -- DAEMON Tools Lite
07/06/2008 22:04:39 (DIR) 0 byte 11 days old -- BitComet
08/06/2008 11:28:13 (DIR) 0 byte 10 days old -- Acer GameZone
09/06/2008 12:13:47 (DIR) 0 byte 9 days old -- Adobe
11/06/2008 14:06:54 (DIR) 0 byte 7 days old -- Windows Mail
11/06/2008 15:08:29 (DIR) 0 byte 7 days old -- Common Files
11/06/2008 15:08:36 (DIR) 0 byte 7 days old -- DivX
13/06/2008 08:29:23 (DIR) 0 byte 5 days old -- SiteAdvisor
15/06/2008 22:30:00 (DIR) 0 byte 3 days old -- Paint.NET
16/06/2008 20:34:40 (DIR) 0 byte 2 days old -- Apple Software Update
16/06/2008 20:35:31 (DIR) 0 byte 2 days old -- QuickTime
16/06/2008 20:35:34 (DIR) 0 byte 2 days old -- Internet Explorer
17/06/2008 12:56:03 (DIR) 0 byte 1 days old -- InstallShield Installation Information
17/06/2008 18:54:54 (DIR) 0 byte 1 days old -- Microsoft Games
17/06/2008 20:28:30 (DIR) 0 byte 1 days old -- McAfee

----- recent files in C:\Program Files\Common Files\
05/06/2008 19:25:34 (DIR) 0 byte 13 days old -- InstallShield
05/06/2008 20:13:18 (DIR) 0 byte 13 days old -- WindowsLiveInstaller
06/06/2008 18:22:57 (DIR) 0 byte 12 days old -- Java
06/06/2008 20:28:24 (DIR) 0 byte 12 days old -- Microsoft Games
08/06/2008 11:13:33 (DIR) 0 byte 10 days old -- microsoft shared
09/06/2008 12:14:01 (DIR) 0 byte 9 days old -- Adobe
11/06/2008 15:08:29 (DIR) 0 byte 7 days old -- PX Storage Engine

----- recent files in C:\Users\Paul\AppData\Roaming\
05/06/2008 18:48:21 (DIR) 0 byte 13 days old -- Identities
05/06/2008 18:48:33 (DIR) 0 byte 13 days old -- ATI
05/06/2008 18:48:34 (DIR) 0 byte 13 days old -- Macromedia
05/06/2008 18:48:43 (DIR) 0 byte 13 days old -- SiteAdvisor
05/06/2008 19:03:13 (DIR) 0 byte 13 days old -- Mozilla
05/06/2008 19:03:51 (DIR) 0 byte 13 days old -- Talkback
05/06/2008 19:38:12 (DIR) 0 byte 13 days old -- CyberLink
05/06/2008 19:45:47 (DIR) 0 byte 13 days old -- WinRAR
05/06/2008 20:07:46 (DIR) 0 byte 13 days old -- Yahoo!
06/06/2008 18:50:55 (DIR) 0 byte 12 days old -- SystemRequirementsLab
06/06/2008 19:27:11 (DIR) 0 byte 12 days old -- DAEMON Tools
06/06/2008 22:46:27 (DIR) 0 byte 12 days old -- PeerNetworking
06/06/2008 22:46:27 27503 byte 12 days old -- UserTile.png
07/06/2008 11:09:21 (DIR) 0 byte 11 days old -- Adobe
07/06/2008 21:59:36 (DIR) 0 byte 11 days old -- eSobi
08/06/2008 11:28:26 22328 byte 10 days old -- PnkBstrK.sys
18/06/2008 19:15:58 (DIR) 0 byte 0 days old -- Microsoft

----- recent files in C:\Users\Paul\AppData\Local\Temp\
04/06/2008 19:37:00 8130528 byte 14 days old -- xpinstall.exe
06/06/2008 15:09:05 450000000 byte 12 days old -- 8kd63pb3.rar
06/06/2008 18:17:35 172948410 byte 12 days old -- 2g8ei4oj.rar
06/06/2008 18:19:20 8262 byte 12 days old -- jinstall.cfg
06/06/2008 18:20:34 1045 byte 12 days old -- java_install_sp.log
06/06/2008 18:31:29 0 byte 12 days old -- java_install.log
06/06/2008 18:31:51 (DIR) 0 byte 12 days old -- hsperfdata_Paul
06/06/2008 19:47:39 13592 byte 12 days old -- temp.ani
06/06/2008 20:11:24 77824 byte 12 days old -- 20fab.mst
06/06/2008 20:11:24 77824 byte 12 days old -- 76da88.mst
06/06/2008 20:28:38 (DIR) 0 byte 12 days old -- {0237C21E-509E-47C7-B59D-4FAF82259A42}
06/06/2008 20:28:51 72192 byte 12 days old -- ~e5.0001
06/06/2008 20:30:29 (DIR) 0 byte 12 days old -- UCDebugger
06/06/2008 22:13:36 3730 byte 12 days old -- SetupExe(20080606221336738).log
06/06/2008 22:13:42 17190 byte 12 days old -- UserInfoSetup(20080606221337738).log
07/06/2008 09:13:26 2729 byte 11 days old -- CdMkr70.ini
07/06/2008 09:13:27 1523712 byte 11 days old -- ~DF678D.tmp
07/06/2008 09:20:36 3065717 byte 11 days old -- gow_patch1_JeuxVideo.com_13496.zip
07/06/2008 11:09:09 (DIR) 0 byte 11 days old -- Adobe
07/06/2008 11:12:55 442424 byte 11 days old -- Gears_of_War_Patch_FR.rar
07/06/2008 13:26:01 (DIR) 0 byte 11 days old -- plugtmp
07/06/2008 16:43:54 31832 byte 11 days old -- Vezier.bmp
07/06/2008 16:43:54 49208 byte 11 days old -- Invité.bmp
07/06/2008 16:43:54 31832 byte 11 days old -- Clément.bmp
07/06/2008 19:02:18 1728 byte 11 days old -- help.txt
07/06/2008 19:02:18 3072 byte 11 days old -- CH.dll
07/06/2008 22:05:02 16384 byte 11 days old -- ~DF6571.tmp
08/06/2008 11:31:08 6515 byte 10 days old -- ASPNETSetup.log
08/06/2008 11:31:30 2737436 byte 10 days old -- netfx.log
08/06/2008 11:31:31 2276 byte 10 days old -- dotNetFx.log
08/06/2008 15:48:35 (DIR) 0 byte 10 days old -- bc_cache
08/06/2008 17:02:21 3734 byte 10 days old -- SetupExe(200806081702201A9C).log
08/06/2008 17:02:28 17192 byte 10 days old -- UserInfoSetup(200806081702211A9C).log
08/06/2008 17:19:08 (DIR) 0 byte 10 days old -- msohtmlclip
08/06/2008 18:35:18 3733 byte 10 days old -- SetupExe(20080608183518304).log
08/06/2008 18:35:24 17191 byte 10 days old -- UserInfoSetup(20080608183519304).log
08/06/2008 22:35:07 3737 byte 10 days old -- SetupExe(200806082235071DF0).log
08/06/2008 22:35:18 17193 byte 10 days old -- UserInfoSetup(200806082235081DF0).log
09/06/2008 12:13:24 16384 byte 9 days old -- ~DF8303.tmp
09/06/2008 12:13:27 642 byte 9 days old -- {AC76BA86-7AD7-1036-7B44-A81000000003}.ini
09/06/2008 12:13:41 531 byte 9 days old -- {AC76BA86-7AD7-1036-7B44-A81200000003}.ini
09/06/2008 12:16:46 3728 byte 9 days old -- SetupExe(2008060912164412A4).log
09/06/2008 12:16:53 17190 byte 9 days old -- UserInfoSetup(2008060912164712A4).log
09/06/2008 18:57:42 3733 byte 9 days old -- SetupExe(200806091857426DC).log
09/06/2008 18:57:48 17191 byte 9 days old -- UserInfoSetup(200806091857436DC).log
09/06/2008 20:12:38 3733 byte 9 days old -- SetupExe(20080609201238FF0).log
09/06/2008 20:13:45 17191 byte 9 days old -- UserInfoSetup(20080609201239FF0).log
09/06/2008 20:18:40 3733 byte 9 days old -- SetupExe(20080609201840480).log
09/06/2008 20:18:47 17191 byte 9 days old -- UserInfoSetup(20080609201840480).log
09/06/2008 21:49:02 3733 byte 9 days old -- SetupExe(20080609214902AC0).log
09/06/2008 21:49:07 17191 byte 9 days old -- UserInfoSetup(20080609214902AC0).log
09/06/2008 21:55:08 (DIR) 0 byte 9 days old -- msohtmlclip1
09/06/2008 21:58:16 3733 byte 9 days old -- SetupExe(20080609215816578).log
09/06/2008 21:58:21 17191 byte 9 days old -- UserInfoSetup(20080609215817578).log
09/06/2008 22:14:11 3734 byte 9 days old -- SetupExe(2008060922141010BC).log
09/06/2008 22:16:18 17192 byte 9 days old -- UserInfoSetup(2008060922141110BC).log
10/06/2008 13:20:13 3731 byte 8 days old -- SetupExe(2008061013201216C8).log
10/06/2008 13:20:19 17191 byte 8 days old -- UserInfoSetup(2008061013201316C8).log
10/06/2008 13:21:39 3731 byte 8 days old -- SetupExe(2008061013213916F4).log
10/06/2008 13:21:47 17365 byte 8 days old -- UserInfoSetup(2008061013213916F4).log
10/06/2008 19:25:45 3733 byte 8 days old -- SetupExe(20080610192545BF8).log
10/06/2008 19:25:57 17602 byte 8 days old -- UserInfoSetup(20080610192545BF8).log
11/06/2008 21:22:10 512 byte 7 days old -- ~DFF56E.tmp
11/06/2008 21:22:14 512 byte 7 days old -- ~DF386.tmp
11/06/2008 21:22:15 294912 byte 7 days old -- ~DFF552.tmp
11/06/2008 21:22:15 294912 byte 7 days old -- ~DF380.tmp
11/06/2008 21:33:59 4081834 byte 7 days old -- fla95AD.tmp
12/06/2008 18:55:40 3727 byte 6 days old -- SetupExe(20080612185539C34).log
12/06/2008 18:56:05 17189 byte 6 days old -- UserInfoSetup(20080612185540C34).log
13/06/2008 12:53:16 3733 byte 5 days old -- SetupExe(200806131253166C8).log
13/06/2008 12:53:22 17191 byte 5 days old -- UserInfoSetup(200806131253166C8).log
13/06/2008 17:37:41 (DIR) 0 byte 5 days old -- eDatasecurity
15/06/2008 16:09:23 491 byte 3 days old -- wmsetup.log
15/06/2008 22:29:24 (DIR) 0 byte 3 days old -- Rar$EX00.931
15/06/2008 22:29:56 123 byte 3 days old -- CFG3DBC.tmp
15/06/2008 22:30:05 190 byte 3 days old -- PdnMsiInstall.log
15/06/2008 22:30:05 6053 byte 3 days old -- PdnSetupNgenInstall.log
15/06/2008 22:30:24 (DIR) 0 byte 3 days old -- PdnSetup2
15/06/2008 22:49:50 (DIR) 0 byte 3 days old -- Rar$DR14.980
16/06/2008 20:35:34 4013 byte 2 days old -- qtplugin.log
16/06/2008 20:35:36 1316 byte 2 days old -- QTInstallCode.log
16/06/2008 21:18:49 (DIR) 0 byte 2 days old -- {c27573d3-3d04-4a48-9873-26b332d53e6f}
16/06/2008 21:35:16 (DIR) 0 byte 2 days old -- ConnectionManager_Pro_Corpo_FRA
16/06/2008 21:35:22 (DIR) 0 byte 2 days old -- ispA838.tmp
16/06/2008 21:36:00 107512 byte 2 days old -- Set5282.tmp
17/06/2008 12:56:01 87 byte 1 days old -- setup.log
17/06/2008 18:35:34 (DIR) 0 byte 1 days old -- plugtmp-1
18/06/2008 14:57:35 (DIR) 0 byte 0 days old -- bc_tmp
18/06/2008 15:06:14 (DIR) 0 byte 0 days old -- CDM
18/06/2008 15:53:57 1544 byte 0 days old -- java_install_reg.log
18/06/2008 19:16:18 512 byte 0 days old -- ~DF6F3B.tmp
18/06/2008 19:16:18 327680 byte 0 days old -- ~DF6F28.tmp
18/06/2008 19:16:21 327680 byte 0 days old -- ~DF9314.tmp
18/06/2008 19:16:21 512 byte 0 days old -- ~DF931A.tmp
18/06/2008 19:32:50 (DIR) 0 byte 0 days old -- plugtmp-2
18/06/2008 19:33:41 2814308 byte 0 days old -- fla73BC.tmp
18/06/2008 19:37:39 (DIR) 0 byte 0 days old -- WPDNSE
18/06/2008 19:42:35 4268 byte 0 days old -- jusched.log
18/06/2008 19:58:30 31832 byte 0 days old -- Paul.bmp
18/06/2008 20:33:58 (DIR) 0 byte 0 days old -- Low
18/06/2008 22:16:54 16384 byte 0 days old -- ~DF8D37.tmp
18/06/2008 22:16:55 16384 byte 0 days old -- ~DF85BD.tmp
18/06/2008 22:16:57 327680 byte 0 days old -- ~DF858B.tmp
18/06/2008 22:16:57 327680 byte 0 days old -- ~DF8D2C.tmp
18/06/2008 22:17:30 16384 byte 0 days old -- ~DF9073.tmp
18/06/2008 22:22:44 (DIR) 0 byte 0 days old -- nsuF2BB.tmp
18/06/2008 22:29:50 34 byte 0 days old -- systemscan.ini
18/06/2008 22:29:52 (DIR) 0 byte 0 days old -- MessengerCache
18/06/2008 22:29:52 (DIR) 0 byte 0 days old -- nst4434.tmp
18/06/2008 22:29:52 16384 byte 0 days old -- ~DFBFB3.tmp

===================== HIDDEN OBJECTS =====================

Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001583f14174]
"001e7dc907a3"=hex:e1,ac,39,29,e1,81,59,b6,63,f1,99,00,c7,95,e9,c7
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:e8,72,49,e1,f2,36,65,a4,61,4d,33,0b,07,01,01,f4,39,4d,0c,8d,cc,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,b7,c8,51,c8,ad,6f,ee,2c,43,ea,ac,d7,29,51,e1,c8,a9,..
"khjeh"=hex:05,9d,d0,87,54,3f,7c,9b,43,f3,0e,ea,60,df,0e,8d,e7,ca,d1,8b,1a,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:5c,12,1c,9b,6c,df,47,d9,73,0a,ce,49,ed,76,f9,2e,02,ea,88,58,c1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001583f14174]
"001e7dc907a3"=hex:e1,ac,39,29,e1,81,59,b6,63,f1,99,00,c7,95,e9,c7
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:e8,72,49,e1,f2,36,65,a4,61,4d,33,0b,07,01,01,f4,39,4d,0c,8d,cc,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,b7,c8,51,c8,ad,6f,ee,2c,43,ea,ac,d7,29,51,e1,c8,a9,..
"khjeh"=hex:05,9d,d0,87,54,3f,7c,9b,43,f3,0e,ea,60,df,0e,8d,e7,ca,d1,8b,1a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:5c,12,1c,9b,6c,df,47,d9,73,0a,ce,49,ed,76,f9,2e,02,ea,88,58,c1,..

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 19


===================== RUSTOCK ROOTKIT DETECTION =====================


#### NOTHING FOUND ####

==========================================
Scan completed in 3,9 minutes
End of report


~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
SystemScan uses some freeware tools that remain property of their authors:

* SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
* dumphive (Markus Stephany)--> "Registry scan"
* Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
* Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log

Thanks to all of them for their hard work

Profile: IDNaute

There you go, some reading material ^^

<@_@>
Profile: Helper
n°316482
18-06-2008 at 22:42:53