Subject: Virus that crashes the PC as soon as IE launches or I reboot
Good evening, last night I caught a virus on the internet; I think it's a trojan. It was detected by my antivirus NOD32 and I deleted it. Since then it is no longer detected, but I have quite a few problems.
My PC crashes when I want to restart.
System Restore is impossible (when I click Next in the third window, nothing happens).
My internet connection is very slooooow; in Mozilla, three quarters of the time when I click a link I am redirected to a search or advertising site.....
When I want to launch IE, my PC freezes and I have to do a hard reboot.
I ran a scan with nod32/spybot/asquared/trojan remover/ccleaner and it's still the same: nothing to report, yet the problems are there.
Can you help me? I'm desperate.
HijackThis startup report:
Logfile of HijackThis v1.99.1
Scan saved at 20:10:43, on 26/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\GnuTTer\Bureau\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://windowsisearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://windowsisearch.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://windowsisearch.com/ie6.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://windowsisearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://windowsisearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: (no name) - {144A6B24-0EBC-4D89-BF09-A06A718E57B5} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS7\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS8\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
Hello,
Apparently OK.
Download Catchme (Gmer) to your Desktop.
Double-click catchme.exe (the .exe may not be visible) to launch it.
When the scan is finished, post the catchme.log report in your next reply.
Re,
Let's try something else.
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done, restart in Safe Mode.
HELP: Restarting in Safe Mode
Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
To start the scan, click "Scan".
Once the scan is finished, a window opens; click OK. There are two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1211
Windows 5.1.2600 Service Pack 3
26/09/2008 22:32:25
mbam-log-2008-09-26 (22-32-25).txt
Type de recherche: Examen rapide
Eléments examinés: 43178
Temps écoulé: 6 minute(s), 27 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 10
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.Search) -> Bad: (http://windowsisearch.com/search?q={searchTerms}) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\system32\848700 (Trojan.BHO) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\All Users\Menu Démarrer\Antivirus Scan.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Online Spyware Test.url (Trojan.Zlob) -> Quarantined and deleted successfully.
According to the software, the PC had to be rebooted to finish the operation. I didn't see any window open to delete anything, but I am able to use Internet Explorer!
System Restore works now! I rebooted my PC twice to test and IE works!!! THANK YOU!!!
One small problem, though: the clock is still off. It shows 10:47; when I click on it, the window does show 22:47, but not at the bottom right. How is that possible?
Re,
Disable your resident protections (antivirus, Spybot-S&D, etc.)!
Download ComboFix (sUBs) to your Desktop.
Double-click combofix.exe (the .exe may not be visible) to launch it.
When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.
HELP: A guide and tutorial on using ComboFix
* the partition name may differ
ComboFix 08-09-26.01 - GnuTTer 2008-09-27 14:06:48.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2509 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\GnuTTer\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
* Resident AV is active
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_TDSSSERV
-------\Service_TDSSserv
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-27 au 2008-09-27 ))))))))))))))))))))))))))))))))))))
.
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Documents and Settings\GnuTTer\Application Data\Malwarebytes
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-26 22:16 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 22:16 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 21:44 . 2008-09-26 21:44 <REP> d-------- C:\Program Files\Trend Micro
2008-09-26 20:27 . 2008-09-26 22:37 <REP> d-------- C:\Program Files\Anti Trojan Elite
2008-09-26 20:19 . 2008-09-26 20:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-09-26 17:38 . 2008-09-26 18:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-26 17:00 . 2008-09-26 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-26 16:59 . 2008-09-26 17:21 <REP> d-------- C:\Program Files\Power IE
2008-09-26 13:02 . 2008-09-26 13:02 <REP> d-------- C:\Documents and Settings\GnuTTer\Application Data\Simply Super Software
2008-09-26 13:01 . 2008-09-26 13:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Trojan Remover
2008-09-26 13:00 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-09-26 13:00 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-09-26 01:22 . 2008-09-26 01:22 694 --a------ C:\WINDOWS\wininit.ini
2008-09-26 00:49 . 2008-09-26 00:49 29,696 --a------ C:\WINDOWS\system32\tdssserf1.dll
2008-09-16 23:13 . 2008-04-14 04:34 26,624 --a------ C:\WINDOWS\system32\stus.exe
2008-09-14 11:46 . 2008-09-14 11:46 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-09-11 21:20 . 2008-09-12 09:44 <REP> d-------- C:\Mumble
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-10 16:39 . 2008-09-10 16:39 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-09 17:32 . 2004-08-04 00:38 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-09-06 12:37 . 2008-09-26 00:57 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-06 12:37 . 2008-09-06 12:37 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-27 10:55 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\GrabIt
2008-09-27 10:36 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\Free Download Manager
2008-09-27 09:19 --------- d-----w C:\Program Files\eMule
2008-09-26 21:00 138,784 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-26 19:57 --------- d-----w C:\Program Files\Vietcong
2008-09-26 19:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-26 19:14 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\Touchstone
2008-09-26 19:04 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\DeepBurner
2008-09-26 16:25 --------- d-----w C:\Program Files\Lavasoft
2008-09-26 16:25 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-26 16:25 --------- d-----w C:\Program Files\Advent Rising
2008-09-26 15:45 --------- d-----w C:\Program Files\ESET
2008-09-26 15:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-26 15:21 --------- d-----w C:\Program Files\4DiskcleanG
2008-09-26 09:20 --------- d-----w C:\Program Files\a-squared Free
2008-09-25 23:27 --------- d-----w C:\Program Files\Steam
2008-09-18 19:22 --------- d-----w C:\Program Files\mIRC
2008-09-17 15:36 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\teamspeak2
2008-09-14 13:08 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\dvdcss
2008-09-14 09:49 --------- d-----w C:\Program Files\ILLUSION
2008-09-13 20:51 --------- d-----w C:\Program Files\Teamspeak2_RC2
2008-09-10 10:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-06 12:27 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\OpenOffice.org2
2008-09-02 17:48 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-31 22:23 --------- d-----w C:\Program Files\Silkroad
2008-08-11 16:53 --------- d-----w C:\Program Files\adslTV
2008-08-07 19:48 --------- d-----w C:\Program Files\EA GAMES
2007-11-14 17:54 22,328 ----a-w C:\Documents and Settings\GnuTTer\Application Data\PnkBstrK.sys
.
------- Sigcheck -------
2004-08-05 14:00 25088 d6d65ea32b190401b57edb6706f29669 C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
2008-04-14 04:34 26624 e74ddb12188c2ff57a78624dbf7332fc C:\WINDOWS\ServicePackFiles\i386\userinit.exe
2008-09-16 23:13 8192 f9dd87cc7d77e5739abe5f8a30fcd1de C:\WINDOWS\system32\userinit.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 128000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-18 843776]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-30 949376]
"BootSkin Startup Jobs"="C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 81920]
"nwiz"="nwiz.exe" [2007-12-05 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"vidc.mjpg"= JpegCode.dll
"VIDC.JPEG"= JpegCode.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^GnuTTer^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\GnuTTer\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^GnuTTer^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
path=C:\Documents and Settings\GnuTTer\Menu Démarrer\Programmes\Démarrage\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
--a------ 2008-05-02 14:55 2091968 C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-08-16 13:24 167368 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Uploader Oe Integration]
--a------ 2007-06-10 19:02 40960 C:\Program Files\Free Download Manager\FUM\fumoei.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-09-27 20:38 286720 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
--a------ 2007-09-15 17:40 2613248 C:\Program Files\RivaTuner v2.04\RivaTuner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-08-18 18:41 1832272 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-06-14 19:32 132760 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\adslTV\\vlc.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Steam\\SteamApps\\dragoonss\\source sdk base\\hl2.exe"=
"C:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars\\etqwded.exe"=
"C:\\Program Files\\Steam\\SteamApps\\dragoonss\\counter-strike source\\hl2.exe"=
"C:\\Codemasters\\Insane\\Game.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Sierra Online\\Battlestar Galactica\\BSG.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"C:\\Program Files\\Sierra\\Homeworld2\\Bin\\Release\\Homeworld2.exe"=
"C:\\Program Files\\Xfire\\Xfire.exe"=
"C:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars\\etqw.exe"=
"C:\\Program Files\\Steam\\SteamApps\\dragoonss\\counter-strike\\hl.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"C:\\Program Files\\Groove Games\\Land Of The Dead\\System\\LOTD.exe"=
"C:\\Program Files\\SEGA\\Universe At War Earth Assault\\UAWEA.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"C:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"C:\\Program Files\\Weezo\\bin\\Weezo.exe"=
"C:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8080:TCP"= 8080:TCP:8080
"57640:UDP"= 57640:UDP:57640
"7808:TCP"= 7808:TCP: 7808
"7808:UDP"= 7808:UDP: 7808 ù
"8090:UDP"= 8090:UDP:8090
R2 Vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 6852]
S3 ATE_PROCMON;ATE_PROCMON;C:\Program Files\Anti Trojan Elite\ATEPMon.sys [ ]
S3 PentaxUsb;PENTAX Optio 60 on USB;C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-03-17 46944]
S3 PentaxVc;PENTAX Optio 60 Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2004-03-17 44256]
S3 SaiH0004;SaiH0004;C:\WINDOWS\system32\DRIVERS\SaiH0004.sys [2006-09-14 182528]
S3 SaiL0004;SaiL0004;C:\WINDOWS\system32\DRIVERS\SaiL0004.sys [2006-09-14 15104]
S3 SaiU0004;SaiU0004;C:\WINDOWS\system32\DRIVERS\SaiU0004.sys [2006-09-14 27392]
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-{144A6B24-0EBC-4D89-BF09-A06A718E57B5} - (no file)
HKU-Default-Run-wblogon - C:\WINDOWS\system32\algg.exe
MSConfigStartUp-SearchSettings - C:\Program Files\Search Settings\SearchSettings.exe
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\GnuTTer\Application Data\Mozilla\Firefox\Profiles\wf5wdbk3.default\
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-27 14:23:12
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
PROCESSUS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Heure de fin: 2008-09-27 14:29:40 - La machine a redémarré [GnuTTer]
ComboFix-quarantined-files.txt 2008-09-27 12:29:37
Avant-CF: 62 074 658 816 octets libres
Après-CF: 62,033,571,840 octets libres
236 --- E O F --- 2008-09-11 17:52:40
At the start of the scan the time was fixed, I had 14h.00. I left the PC after a reboot requested by the software, and when I came back the time was off again. I still have the weird time: right now I have 05.00 instead of 17.00h
Hi again,
Copy (Ctrl+C) the text in the box below:
File::
C:\WINDOWS\system32\tdssserf1.dll
C:\WINDOWS\system32\stus.exe
Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file under the name CFScript.txt.
Now drag the CFScript.txt file onto Combofix.exe as shown below:
This will relaunch Combofix. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
NOTE: If there is no reboot, post the requested reports anyway.
Problem solved by repairing XP, but the time is still strangely off (07.45 h).
edit: problem solved via the Windows XP regional options; I replaced the hh with HH (am to pm). I now have the right time.
Thanks for your help, I didn't need to format thanks to you.
ComboFix 08-09-26.01 - GnuTTer 2008-09-29 10:07:11.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2597 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\GnuTTer\Mes documents\ComboFix.exe
* Resident AV is active
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-28 au 2008-09-29 ))))))))))))))))))))))))))))))))))))
.
2008-09-28 13:29 . 2008-09-28 13:29 <REP> d-------- C:\WINDOWS\system32\_ssa_battlestar_work
2008-09-27 19:20 . 2002-08-30 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-09-27 19:19 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-09-27 19:18 . 2002-08-30 14:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-09-27 19:12 . 2007-12-17 14:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-09-27 19:07 . 2002-08-30 14:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-09-27 19:07 . 2002-08-30 14:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2008-09-27 19:07 . 2002-08-30 14:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-09-27 19:07 . 2002-08-30 14:00 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Documents and Settings\GnuTTer\Application Data\Malwarebytes
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-26 22:16 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 22:16 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 21:44 . 2008-09-26 21:44 <REP> d-------- C:\Program Files\Trend Micro
2008-09-26 20:27 . 2008-09-26 22:37 <REP> d-------- C:\Program Files\Anti Trojan Elite
2008-09-26 20:19 . 2008-09-26 20:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-09-26 17:38 . 2008-09-26 18:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-26 17:00 . 2008-09-26 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-26 16:59 . 2008-09-26 17:21 <REP> d-------- C:\Program Files\Power IE
2008-09-26 13:02 . 2008-09-26 13:02 <REP> d-------- C:\Documents and Settings\GnuTTer\Application Data\Simply Super Software
2008-09-26 13:01 . 2008-09-26 13:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Trojan Remover
2008-09-26 13:00 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-09-26 13:00 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-09-26 01:22 . 2008-09-26 01:22 694 --a------ C:\WINDOWS\wininit.ini
2008-09-14 11:46 . 2008-09-14 11:46 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-09-11 21:20 . 2008-09-12 09:44 <REP> d-------- C:\Mumble
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-10 16:39 . 2008-09-10 16:39 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-09 17:32 . 2004-08-04 00:38 701,440 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-09-06 12:37 . 2008-09-26 00:57 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-06 12:37 . 2008-09-06 12:37 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-29 07:57 138,784 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-29 07:57 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-09-28 21:04 --------- d-----w C:\Program Files\adslTV
2008-09-28 20:30 --------- d-----w C:\Program Files\eMule
2008-09-28 18:51 --------- d-----w C:\Program Files\Teamspeak2_RC2
2008-09-28 14:11 --------- d-----w C:\Program Files\a-squared Free
2008-09-27 21:32 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\DeepBurner
2008-09-27 10:55 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\GrabIt
2008-09-27 10:36 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\Free Download Manager
2008-09-26 19:57 --------- d-----w C:\Program Files\Vietcong
2008-09-26 19:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-26 19:14 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\Touchstone
2008-09-26 16:25 --------- d-----w C:\Program Files\Lavasoft
2008-09-26 16:25 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-26 16:25 --------- d-----w C:\Program Files\Advent Rising
2008-09-26 15:45 --------- d-----w C:\Program Files\ESET
2008-09-26 15:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-26 15:21 --------- d-----w C:\Program Files\4DiskcleanG
2008-09-25 23:27 --------- d-----w C:\Program Files\Steam
2008-09-18 19:22 --------- d-----w C:\Program Files\mIRC
2008-09-17 15:36 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\teamspeak2
2008-09-14 13:08 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\dvdcss
2008-09-14 09:49 --------- d-----w C:\Program Files\ILLUSION
2008-09-10 10:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-06 12:27 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\OpenOffice.org2
2008-09-02 17:48 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-31 22:23 --------- d-----w C:\Program Files\Silkroad
2008-08-08 18:58 2,859,008 ----a-w C:\WINDOWS\system32\battlestar.scr
2008-08-08 18:55 29,184 ----a-w C:\WINDOWS\system32\sstunst2.exe
2008-08-07 19:48 --------- d-----w C:\Program Files\EA GAMES
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2007-11-14 17:54 22,328 ----a-w C:\Documents and Settings\GnuTTer\Application Data\PnkBstrK.sys
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
.
((((((((((((((((((((((((((((( snapshot@2008-09-27_14.29.24.79 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-14 02:33:18 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
+ 2004-08-19 15:09:20 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
- 2008-04-14 02:33:18 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
+ 2004-08-19 15:09:20 450,048 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll
- 2008-04-14 02:33:18 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
+ 2004-08-19 15:09:20 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
- 2008-04-14 02:33:18 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
+ 2004-08-19 15:09:20 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
- 2008-04-14 02:33:18 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
+ 2004-08-19 15:09:20 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
- 2004-08-05 12:00:00 28,672 ----a-w C:\WINDOWS\ehome\custsat.dll
+ 2004-08-19 15:09:22 28,672 ----a-w C:\WINDOWS\ehome\custsat.dll
- 2008-04-14 02:34:03 1,037,824 ----a-w C:\WINDOWS\explorer.exe
+ 2004-08-19 15:09:54 1,036,288 ----a-w C:\WINDOWS\explorer.exe
- 2004-08-05 12:00:00 152,576 ----a-w C:\WINDOWS\Help\bnts.dll
+ 2002-08-30 12:00:00 152,576 ----a-w C:\WINDOWS\Help\bnts.dll
- 2008-04-14 02:33:41 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2004-08-19 15:09:44 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2008-04-14 02:33:46 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2004-08-19 15:09:46 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2004-08-05 12:00:00 3,374,512 ----a-w C:\WINDOWS\Help\Tours\mmTour\tour.exe
+ 2002-08-30 12:00:00 3,374,512 ----a-w C:\WINDOWS\Help\Tours\mmTour\tour.exe
- 2008-04-14 02:33:46 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2004-08-19 15:09:48 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2008-04-14 02:34:06 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2004-08-19 15:09:56 10,752 ----a-w C:\WINDOWS\hh.exe
- 2008-04-14 02:33:30 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2004-08-19 15:09:34 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2008-04-14 02:33:41 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
+ 2004-08-19 15:09:44 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
- 2008-04-13 16:43:18 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
+ 2004-08-19 15:08:56 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
- 2008-04-14 02:33:46 272,384 ----a-w C:\WINDOWS\ime\sptip.dll
+ 2004-08-19 15:09:44 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll
- 2007-06-29 10:59:14 318,976 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2004-08-19 15:10:04 208,896 ----a-w C:\WINDOWS\inf\unregmp2.exe
- 2008-09-10 14:53:11 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
+ 2008-09-27 17:28:25 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
- 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
+ 2004-08-19 15:09:20 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
- 2008-04-14 02:33:18 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
+ 2004-08-19 15:09:20 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
- 2008-04-14 02:33:18 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2004-08-19 15:09:20 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2008-04-14 02:33:18 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2004-08-19 15:09:20 58,880 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2008-04-14 02:33:18 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
+ 2004-08-19 15:09:20 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
- 2008-04-14 02:33:18 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
+ 2004-08-19 15:09:20 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
- 2008-04-14 02:33:18 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
+ 2004-08-19 15:09:20 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
- 2008-04-14 02:33:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2004-08-19 15:09:52 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2008-04-14 02:33:19 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
+ 2004-08-19 15:09:20 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
- 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
- 2007-04-02 18:25:59 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
- 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
+ 2002-08-30 12:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
- 2007-04-02 18:26:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
+ 2002-08-30 12:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
- 2008-04-13 17:32:28 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
- 2007-04-02 18:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
- 2007-04-02 18:26:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
+ 2002-08-30 12:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
- 2007-04-02 18:26:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
+ 2002-08-30 12:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
- 2007-04-02 18:26:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
+ 2002-08-30 12:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
- 2007-04-02 18:26:01 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
+ 2002-08-30 12:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
- 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
- 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
- 2007-04-02 18:26:01 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
+ 2002-08-30 12:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
- 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
- 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
- 2007-04-02 18:26:01 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
- 2007-04-02 18:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
+ 2002-08-30 12:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
- 2007-04-02 18:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
+ 2002-08-30 12:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
- 2008-04-14 02:33:32 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
+ 2004-08-19 15:09:34 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
- 2008-04-14 02:34:15 70,656 ----a-w C:\WINDOWS\notepad.exe
+ 2004-08-19 15:10:00 70,656 ----a-w C:\WINDOWS\notepad.exe
- 2008-04-14 02:34:06 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
+ 2004-08-19 15:09:56 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
- 2008-04-14 02:34:06 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
+ 2004-08-19 15:09:56 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
- 2008-04-14 02:34:06 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe
+ 2004-08-19 15:09:56 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
- 2008-04-14 02:34:12 172,544 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
+ 2004-08-19 15:10:00 160,768 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2008-04-14 02:33:32 382,464 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
+ 2004-08-19 15:09:34 381,952 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
- 2008-04-14 02:33:38 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
+ 2004-08-19 15:09:38 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
- 2008-04-14 02:33:38 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
+ 2004-08-19 15:09:38 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
- 2008-04-14 02:34:26 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe
+ 2004-08-19 15:10:04 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
- 2008-04-14 02:33:46 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
+ 2004-08-19 15:09:46 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
- 2008-04-14 02:33:46 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
+ 2004-08-19 15:09:46 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
- 2008-04-14 02:33:46 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
+ 2004-08-19 15:09:46 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
- 2008-04-14 02:34:19 153,088 ----a-w C:\WINDOWS\regedit.exe
+ 2004-08-19 15:10:04 153,088 ----a-w C:\WINDOWS\regedit.exe
- 2007-08-30 20:00:10 229,376 ---ha-w C:\WINDOWS\repair\ntuser.dat
+ 2008-09-27 17:19:46 307,200 ---ha-w C:\WINDOWS\repair\ntuser.dat
- 2004-08-05 12:00:00 362,496 ----a-w C:\WINDOWS\Resources\Themes\Luna\Shell\Homestead\shellstyle.dll
+ 2002-08-30 12:00:00 362,496 ----a-w C:\WINDOWS\Resources\Themes\Luna\Shell\Homestead\shellstyle.dll
- 2004-08-05 12:00:00 362,496 ----a-w C:\WINDOWS\Resources\Themes\Luna\Shell\Metallic\shellstyle.dll
+ 2002-08-30 12:00:00 362,496 ----a-w C:\WINDOWS\Resources\Themes\Luna\Shell\Metallic\shellstyle.dll
- 2004-08-05 12:00:00 361,472 ----a-w C:\WINDOWS\Resources\Themes\Luna\Shell\NormalColor\shellstyle.dll
+ 2002-08-30 12:00:00 361,472 ----a-w C:\WINDOWS\Resources\Themes\Luna\Shell\NormalColor\shellstyle.dll
- 2008-04-14 02:34:22 32,866 ------w C:\WINDOWS\slrundll.exe
+ 2004-08-19 14:10:04 32,866 ----a-w C:\WINDOWS\slrundll.exe
- 2008-04-14 02:33:31 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll
+ 2004-08-19 15:09:34 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll
- 2008-04-14 02:33:46 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
+ 2004-08-19 15:09:46 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll
- 2008-04-14 02:33:46 727,102 ----a-w C:\WINDOWS\srchasst\srchui.dll
+ 2004-08-19 15:09:46 726,590 ----a-w C:\WINDOWS\srchasst\srchui.dll
- 2004-08-05 12:00:00 109,568 ----a-w C:\WINDOWS\system\AVIFILE.DLL
+ 2002-08-30 12:00:00 109,568 ----a-w C:\WINDOWS\system\AVIFILE.DLL
- 2004-08-05 12:00:00 33,904 ----a-w C:\WINDOWS\system\COMMDLG.DLL
+ 2002-08-30 12:00:00 33,904 ----a-w C:\WINDOWS\system\COMMDLG.DLL
- 2004-08-05 12:00:00 9,936 ----a-w C:\WINDOWS\system\LZEXPAND.DLL
+ 2002-08-30 12:00:00 9,936 ----a-w C:\WINDOWS\system\LZEXPAND.DLL
- 2004-08-05 12:00:00 73,680 ----a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2002-08-30 12:00:00 73,680 ----a-w C:\WINDOWS\system\MCIAVI.DRV
- 2004-08-05 12:00:00 25,280 ----a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2002-08-30 12:00:00 25,280 ----a-w C:\WINDOWS\system\MCISEQ.DRV
- 2004-08-05 12:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2002-08-30 12:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
- 2004-08-05 12:00:00 70,688 ----a-w C:\WINDOWS\system\MMSYSTEM.DLL
+ 2004-08-19 14:52:22 70,688 ----a-w C:\WINDOWS\system\MMSYSTEM.DLL
- 2004-08-05 12:00:00 127,168 ----a-w C:\WINDOWS\system\MSVIDEO.DLL
+ 2002-08-30 12:00:00 127,168 ----a-w C:\WINDOWS\system\MSVIDEO.DLL
- 2004-08-05 12:00:00 83,456 ----a-w C:\WINDOWS\system\OLECLI.DLL
+ 2002-08-30 12:00:00 83,456 ----a-w C:\WINDOWS\system\OLECLI.DLL
- 2004-08-05 12:00:00 24,064 ----a-w C:\WINDOWS\system\OLESVR.DLL
+ 2002-08-30 12:00:00 24,064 ----a-w C:\WINDOWS\system\OLESVR.DLL
- 2004-08-05 12:00:00 5,120 ----a-w C:\WINDOWS\system\SHELL.DLL
+ 2002-08-30 12:00:00 5,120 ----a-w C:\WINDOWS\system\SHELL.DLL
- 2004-08-05 12:00:00 19,200 ----a-w C:\WINDOWS\system\TAPI.DLL
+ 2002-08-30 12:00:00 19,200 ----a-w C:\WINDOWS\system\TAPI.DLL
- 2004-08-05 12:00:00 9,104 ----a-w C:\WINDOWS\system\VER.DLL
+ 2002-08-30 12:00:00 9,104 ----a-w C:\WINDOWS\system\VER.DLL
- 2008-04-14 02:34:34 146,944 ----a-w C:\WINDOWS\system\winspool.drv
+ 2004-08-19 15:10:10 146,944 ----a-w C:\WINDOWS\system\WINSPOOL.DRV
- 2004-08-05 12:00:00 55,632 ----a-w C:\WINDOWS\system32\1033\dwintl.dll
+ 2002-08-30 12:00:00 55,632 ----a-w C:\WINDOWS\system32\1033\dwintl.dll
- 2004-08-05 12:00:00 59,728 ----a-w C:\WINDOWS\system32\1036\dwintl.dll
+ 2002-08-30 12:00:00 59,728 ----a-w C:\WINDOWS\system32\1036\dwintl.dll
- 2008-04-14 02:33:18 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2004-08-19 15:09:20 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
- 2004-08-05 12:00:00 26,624 ----a-w C:\WINDOWS\system32\aaaamon.dll
+ 2002-08-30 12:00:00 26,624 ----a-w C:\WINDOWS\system32\aaaamon.dll
- 2008-04-14 02:33:53 190,464 ----a-w C:\WINDOWS\system32\accwiz.exe
+ 2004-08-19 15:09:52 189,952 ----a-w C:\WINDOWS\system32\accwiz.exe
- 2004-08-05 12:00:00 135,680 ----a-w C:\WINDOWS\system32\acledit.dll
+ 2002-08-30 12:00:00 135,680 ----a-w C:\WINDOWS\system32\acledit.dll
- 2008-04-14 02:33:18 120,320 ----a-w C:\WINDOWS\system32\aclui.dll
+ 2004-08-19 15:09:20 119,296 ----a-w C:\WINDOWS\system32\aclui.dll
- 2008-04-14 02:33:18 193,536 ----a-w C:\WINDOWS\system32\activeds.dll
+ 2004-08-19 15:09:20 194,048 ----a-w C:\WINDOWS\system32\activeds.dll
- 2008-04-14 02:33:53 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
+ 2004-08-19 15:09:52 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe
- 2008-04-14 02:33:18 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
+ 2004-08-19 15:09:20 101,888 ----a-w C:\WINDOWS\system32\actxprxy.dll
- 2008-04-14 02:33:18 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2004-08-19 15:09:20 61,440 ----a-w C:\WINDOWS\system32\admparse.dll
- 2004-08-05 12:00:00 26,112 ----a-w C:\WINDOWS\system32\adptif.dll
+ 2002-08-30 12:00:00 26,112 ----a-w C:\WINDOWS\system32\adptif.dll
- 2008-04-14 02:33:18 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
+ 2004-08-19 15:09:20 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll
- 2008-04-14 02:33:18 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
+ 2004-08-19 15:09:20 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll
- 2008-04-14 02:33:18 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
+ 2004-08-19 15:09:20 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll
- 2004-08-05 12:00:00 163,328 ----a-w C:\WINDOWS\system32\adsnds.dll
+ 2002-08-30 12:00:00 163,328 ----a-w C:\WINDOWS\system32\adsnds.dll
- 2008-04-14 02:33:18 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll
+ 2004-08-19 15:09:20 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll
- 2008-04-14 02:33:18 123,392 ----a-w C:\WINDOWS\system32\adsnw.dll
+ 2002-08-30 12:00:00 109,568 ----a-w C:\WINDOWS\system32\adsnw.dll
- 2008-04-14 02:33:18 685,568 ----a-w C:\WINDOWS\system32\advapi32.dll
+ 2004-08-19 15:09:20 685,056 ----a-w C:\WINDOWS\system32\advapi32.dll
- 2008-04-14 02:33:18 101,888 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2004-08-19 15:09:20 101,888 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-04-14 02:33:53 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
+ 2004-08-19 15:09:52 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
- 2008-04-14 02:33:53 44,544 ----a-w C:\WINDOWS\system32\alg.exe
+ 2004-08-19 15:09:52 44,544 ----a-w C:\WINDOWS\system32\alg.exe
- 2008-04-14 02:33:19 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
+ 2004-08-19 15:09:20 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll
- 2008-04-14 02:33:19 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
+ 2004-08-19 15:09:20 70,656 ----a-w C:\WINDOWS\system32\amstream.dll
- 2004-08-05 12:00:00 9,037 ----a-w C:\WINDOWS\system32\ansi.sys
+ 2002-08-30 12:00:00 9,037 ----a-w C:\WINDOWS\system32\ansi.sys
- 2004-08-05 12:00:00 102,912 ----a-w C:\WINDOWS\system32\apcups.dll
+ 2002-08-30 12:00:00 102,912 ----a-w C:\WINDOWS\system32\apcups.dll
- 2004-08-05 12:00:00 12,642 ----a-w C:\WINDOWS\system32\append.exe
+ 2002-08-30 12:00:00 12,642 ----a-w C:\WINDOWS\system32\append.exe
- 2008-04-14 02:33:19 125,952 ----a-w C:\WINDOWS\system32\apphelp.dll
+ 2004-08-19 15:09:20 126,976 ----a-w C:\WINDOWS\system32\apphelp.dll
- 2008-04-14 02:33:19 176,640 ----a-w C:\WINDOWS\system32\appmgmts.dll
+ 2004-08-19 15:09:20 176,640 ----a-w C:\WINDOWS\system32\appmgmts.dll
- 2008-04-14 02:33:19 302,592 ----a-w C:\WINDOWS\system32\appmgr.dll
+ 2004-08-19 15:09:20 302,592 ----a-w C:\WINDOWS\system32\appmgr.dll
- 2004-08-05 12:00:00 19,968 ----a-w C:\WINDOWS\system32\arp.exe
+ 2002-08-30 12:00:00 19,968 ----a-w C:\WINDOWS\system32\arp.exe
- 2006-11-03 08:56:54 7,680 ----a-w C:\WINDOWS\system32\asferror.dll
+ 2004-08-19 15:08:02 8,704 ----a-w C:\WINDOWS\system32\asferror.dll
- 2008-04-14 02:33:53 30,720 ----a-w C:\WINDOWS\system32\asr_fmt.exe
+ 2004-08-19 15:09:52 30,720 ----a-w C:\WINDOWS\system32\asr_fmt.exe
- 2004-08-05 12:00:00 37,888 ----a-w C:\WINDOWS\system32\asr_ldm.exe
+ 2002-08-30 12:00:00 37,888 ----a-w C:\WINDOWS\system32\asr_ldm.exe
- 2008-04-14 02:33:53 32,768 ----a-w C:\WINDOWS\system32\asr_pfu.exe
+ 2004-08-19 15:09:52 32,768 ----a-w C:\WINDOWS\system32\asr_pfu.exe
- 2008-04-14 02:33:19 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
+ 2004-08-19 15:09:20 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll
- 2008-04-14 02:33:53 25,088 ----a-w C:\WINDOWS\system32\at.exe
+ 2004-08-19 15:09:52 25,088 ----a-w C:\WINDOWS\system32\at.exe
- 2008-04-14 02:33:19 229,376 ------w C:\WINDOWS\system32\ati2cqag.dll
+ 2004-08-19 14:09:20 229,376 ----a-w C:\WINDOWS\system32\ati2cqag.dll
- 2008-04-14 02:33:19 377,984 ------w C:\WINDOWS\system32\ati2dvaa.dll
+ 2004-08-19 14:09:20 377,984 ----a-w C:\WINDOWS\system32\ati2dvaa.dll
- 2008-04-14 02:33:19 201,728 ------w C:\WINDOWS\system32\ati2dvag.dll
+ 2004-08-19 14:09:20 201,728 ----a-w C:\WINDOWS\system32\ati2dvag.dll
- 2008-04-14 02:33:19 870,784 ------w C:\WINDOWS\system32\ati3d1ag.dll
+ 2004-08-19 14:09:20 870,784 ----a-w C:\WINDOWS\system32\ati3d1ag.dll
- 2008-04-14 02:33:19 1,888,992 ------w C:\WINDOWS\system32\ati3duag.dll
+ 2004-08-19 14:09:20 1,888,992 ----a-w C:\WINDOWS\system32\ati3duag.dll
- 2008-04-14 02:33:19 32,768 ------w C:\WINDOWS\system32\ativtmxx.dll
+ 2004-08-19 14:09:20 32,768 ----a-w C:\WINDOWS\system32\ativtmxx.dll
- 2008-04-14 02:33:19 516,768 ------w C:\WINDOWS\system32\ativvaxx.dll
+ 2004-08-19 14:09:20 516,768 ----a-w C:\WINDOWS\system32\ativvaxx.dll
- 2004-08-05 12:00:00 14,336 ----a-w C:\WINDOWS\system32\atkctrs.dll
+ 2002-08-30 12:00:00 14,336 ----a-w C:\WINDOWS\system32\atkctrs.dll
- 2008-04-14 02:33:19 58,880 ----a-w C:\WINDOWS\system32\atl.dll
+ 2004-08-19 15:09:20 58,880 ----a-w C:\WINDOWS\system32\atl.dll
- 2008-04-14 02:33:53 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
+ 2004-08-19 15:09:52 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe
- 2008-04-14 02:31:00 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
+ 2004-08-19 15:08:02 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
- 2008-04-14 02:33:19 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
+ 2004-08-19 15:09:22 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll
- 2004-08-05 12:00:00 34,816 ----a-w C:\WINDOWS\system32\atmpvcno.dll
+ 2002-08-30 12:00:00 34,816 ----a-w C:\WINDOWS\system32\atmpvcno.dll
- 2008-04-14 02:33:53 12,288 ----a-w C:\WINDOWS\system32\attrib.exe
+ 2002-08-30 12:00:00 11,264 ----a-w C:\WINDOWS\system32\attrib.exe
- 2008-04-14 02:33:19 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
+ 2004-08-19 15:09:22 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll
- 2008-04-14 02:33:53 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe
+ 2004-08-19 15:09:52 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe
- 2008-04-14 02:33:19 62,464 ----a-w C:\WINDOWS\system32\authz.dll
+ 2004-08-19 15:09:22 56,832 ----a-w C:\WINDOWS\system32\authz.dll
- 2008-04-14 02:33:53 625,152 ----a-w C:\WINDOWS\system32\autochk.exe
+ 2004-08-19 15:09:52 625,152 ----a-w C:\WINDOWS\system32\autochk.exe
- 2008-04-14 02:33:53 638,976 ----a-w C:\WINDOWS\system32\autoconv.exe
+ 2004-08-19 15:09:52 638,976 ----a-w C:\WINDOWS\system32\autoconv.exe
- 2004-08-05 12:00:00 81,408 ----a-w C:\WINDOWS\system32\autodisc.dll
+ 2002-08-30 12:00:00 81,408 ----a-w C:\WINDOWS\system32\autodisc.dll
- 2008-04-14 02:33:54 616,960 ----a-w C:\WINDOWS\system32\autofmt.exe
+ 2004-08-19 15:09:52 616,960 ----a-w C:\WINDOWS\system32\autofmt.exe
- 2008-04-14 02:33:54 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
+ 2004-08-19 15:09:52 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe
- 2004-08-05 12:00:00 70,352 ----a-w C:\WINDOWS\system32\avicap.dll
+ 2002-08-30 12:00:00 70,352 ----a-w C:\WINDOWS\system32\avicap.dll
- 2004-08-05 12:00:00 66,048 ----a-w C:\WINDOWS\system32\avicap32.dll
+ 2002-08-30 12:00:00 66,048 ----a-w C:\WINDOWS\system32\avicap32.dll
- 2008-04-14 02:33:19 85,504 ----a-w C:\WINDOWS\system32\avifil32.dll
+ 2004-08-19 15:09:22 85,504 ----a-w C:\WINDOWS\system32\avifil32.dll
- 2004-08-05 12:00:00 109,568 ----a-w C:\WINDOWS\system32\avifile.dll
+ 2002-08-30 12:00:00 109,568 ----a-w C:\WINDOWS\system32\avifile.dll
- 2008-04-14 02:33:19 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
+ 2004-08-19 15:09:22 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll
- 2008-04-14 02:33:19 29,184 ----a-w C:\WINDOWS\system32\batmeter.dll
+ 2004-08-19 15:09:22 28,672 ----a-w C:\WINDOWS\system32\batmeter.dll
- 2008-04-14 02:33:19 8,704 ----a-w C:\WINDOWS\system32\batt.dll
+ 2004-08-19 15:09:22 8,704 ----a-w C:\WINDOWS\system32\batt.dll
- 2008-04-14 02:33:19 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
+ 2004-08-19 15:09:22 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll
- 2008-04-14 02:33:19 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll
+ 2004-08-19 15:09:22 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll
- 2008-04-14 02:33:19 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll
+ 2004-08-19 15:09:22 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll
- 2006-10-18 20:47:10 542,720 ----a-w C:\WINDOWS\system32\blackbox.dll
+ 2004-08-19 15:09:22 286,208 ----a-w C:\WINDOWS\system32\blackbox.dll
- 2008-04-14 02:33:55 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe
+ 2004-08-19 15:09:52 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe
- 2008-04-14 02:33:55 158,208 ----a-w C:\WINDOWS\system32\bootcfg.exe
+ 2002-08-30 12:00:00 152,064 ----a-w C:\WINDOWS\system32\bootcfg.exe
- 2004-08-05 12:00:00 4,608 ----a-w C:\WINDOWS\system32\bootok.exe
+ 2002-08-30 12:00:00 4,608 ----a-w C:\WINDOWS\system32\bootok.exe
- 2004-08-05 12:00:00 12,288 ----a-w C:\WINDOWS\system32\bootvid.dll
+ 2002-08-30 12:00:00 12,288 ----a-w C:\WINDOWS\system32\bootvid.dll
- 2004-08-05 12:00:00 5,120 ----a-w C:\WINDOWS\system32\bootvrfy.exe
+ 2002-08-30 12:00:00 5,120 ----a-w C:\WINDOWS\system32\bootvrfy.exe
- 2008-04-14 01:57:48 70,144 ----a-w C:\WINDOWS\system32\browselc.dll
+ 2004-08-19 15:08:04 70,144 ----a-w C:\WINDOWS\system32\browselc.dll
- 2008-04-14 02:33:20 77,824 ----a-w C:\WINDOWS\system32\browser.dll
+ 2004-08-19 15:09:22 77,312 ----a-w C:\WINDOWS\system32\browser.dll
- 2008-04-14 02:33:20 1,025,024 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2004-08-19 15:09:22 1,017,344 ----a-w C:\WINDOWS\system32\browseui.dll
- 2008-04-14 02:33:20 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
+ 2004-08-19 15:09:22 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll
- 2008-04-14 02:33:20 20,992 ----a-w C:\WINDOWS\system32\bthci.dll
+ 2004-08-19 15:09:22 20,992 ----a-w C:\WINDOWS\system32\bthci.dll
- 2008-04-14 02:33:20 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll
+ 2004-08-19 15:09:22 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll
- 2008-04-14 02:33:20 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll
+ 2004-08-19 15:09:22 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll
- 2008-04-14 02:33:20 60,416 ----a-w C:\WINDOWS\system32\cabinet.dll
+ 2004-08-19 15:09:22 59,904 ----a-w C:\WINDOWS\system32\cabinet.dll
- 2008-04-14 02:33:20 85,504 ----a-w C:\WINDOWS\system32\cabview.dll
+ 2004-08-19 15:09:22 85,504 ----a-w C:\WINDOWS\system32\cabview.dll
- 2008-04-14 02:33:55 20,992 ----a-w C:\WINDOWS\system32\cacls.exe
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\system32\cacls.exe
- 2008-04-14 02:33:20 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
+ 2004-08-19 15:09:22 50,688 ----a-w C:\WINDOWS\system32\camocx.dll
- 2008-04-14 02:33:20 153,600 ----a-w C:\WINDOWS\system32\capesnpn.dll
+ 2002-08-30 12:00:00 146,432 ----a-w C:\WINDOWS\system32\capesnpn.dll
- 2004-08-05 12:00:00 359,936 ----a-w C:\WINDOWS\system32\cards.dll
+ 2002-08-30 12:00:00 359,936 ----a-w C:\WINDOWS\system32\cards.dll
- 2008-04-14 02:33:20 226,304 ----a-w C:\WINDOWS\system32\catsrv.dll
+ 2004-08-19 15:09:22 229,888 ----a-w C:\WINDOWS\system32\catsrv.dll
- 2008-04-14 02:33:20 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
+ 2004-08-19 15:09:22 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
- 2008-04-14 02:33:20 625,664 ----a-w C:\WINDOWS\system32\catsrvut.dll
+ 2004-08-19 15:09:22 628,224 ----a-w C:\WINDOWS\system32\catsrvut.dll
- 2004-08-05 12:00:00 27,648 ----a-w C:\WINDOWS\system32\ccfgnt.dll
+ 2002-08-30 12:00:00 27,648 ----a-w C:\WINDOWS\system32\ccfgnt.dll
- 2008-04-14 02:33:20 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2004-08-19 15:09:22 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
+ 2004-08-19 15:09:22 66,560 ----a-w C:\WINDOWS\system32\cdm.dll
- 2008-04-14 02:33:20 2,091,520 ----a-w C:\WINDOWS\system32\cdosys.dll
+ 2004-08-19 15:09:22 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
- 2008-04-14 02:33:20 200,192 ----a-w C:\WINDOWS\system32\certcli.dll
+ 2004-08-19 15:09:22 200,192 ----a-w C:\WINDOWS\system32\certcli.dll
- 2008-04-14 02:33:20 467,968 ----a-w C:\WINDOWS\system32\certmgr.dll
+ 2004-08-19 15:09:22 467,968 ----a-w C:\WINDOWS\system32\certmgr.dll
- 2006-10-18 20:47:10 229,376 ----a-w C:\WINDOWS\system32\cewmdm.dll
+ 2004-08-19 15:09:22 159,232 ----a-w C:\WINDOWS\system32\cewmdm.dll
- 2008-04-14 02:33:20 39,424 ----a-w C:\WINDOWS\system32\cfgbkend.dll
+ 2004-08-19 15:09:22 39,424 ----a-w C:\WINDOWS\system32\cfgbkend.dll
- 2008-04-14 02:31:03 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
+ 2004-08-19 15:08:04 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
- 2004-08-05 12:00:00 7,680 ----a-w C:\WINDOWS\system32\chcp.com
+ 2002-08-30 12:00:00 7,680 ----a-w C:\WINDOWS\system32\chcp.com
- 2004-08-05 12:00:00 11,776 ----a-w C:\WINDOWS\system32\chkdsk.exe
+ 2002-08-30 12:00:00 11,776 ----a-w C:\WINDOWS\system32\chkdsk.exe
- 2004-08-05 12:00:00 11,264 ----a-w C:\WINDOWS\system32\chkntfs.exe
+ 2002-08-30 12:00:00 11,264 ----a-w C:\WINDOWS\system32\chkntfs.exe
- 2004-08-05 12:00:00 166,400 ----a-w C:\WINDOWS\system32\ciadmin.dll
+ 2002-08-30 12:00:00 166,400 ----a-w C:\WINDOWS\system32\ciadmin.dll
- 2008-04-14 02:33:20 148,480 ----a-w C:\WINDOWS\system32\cic.dll
+ 2002-08-30 12:00:00 109,568 ----a-w C:\WINDOWS\system32\cic.dll
- 2004-08-05 12:00:00 8,192 ----a-w C:\WINDOWS\system32\cidaemon.exe
+ 2002-08-30 12:00:00 8,192 ----a-w C:\WINDOWS\system32\cidaemon.exe
- 2008-04-14 02:33:20 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2004-08-19 15:09:22 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2008-04-14 02:33:57 57,344 ----a-w C:\WINDOWS\system32\cipher.exe
+ 2004-08-19 15:09:52 56,832 ----a-w C:\WINDOWS\system32\cipher.exe
- 2008-04-14 02:33:57 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
+ 2004-08-19 15:09:52 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe
- 2004-08-05 12:00:00 7,680 ----a-w C:\WINDOWS\system32\ckcnv.exe
+ 2002-08-30 12:00:00 7,680 ----a-w C:\WINDOWS\system32\ckcnv.exe
- 2004-08-05 12:00:00 11,264 ----a-w C:\WINDOWS\system32\clb.dll
+ 2002-08-30 12:00:00 11,264 ----a-w C:\WINDOWS\system32\clb.dll
- 2008-04-14 02:33:21 110,592 ----a-w C:\WINDOWS\system32\clbcatex.dll
+ 2004-08-19 15:09:22 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
- 2008-04-14 02:33:21 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
+ 2004-08-19 15:09:22 501,248 ----a-w C:\WINDOWS\system32\clbcatq.dll
- 2008-04-14 02:33:57 65,536 ----a-w C:\WINDOWS\system32\cleanmgr.exe
+ 2004-08-19 15:09:52 65,536 ----a-w C:\WINDOWS\system32\cleanmgr.exe
- 2008-04-14 02:33:21 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
+ 2004-08-19 15:09:22 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll
- 2008-04-14 02:33:57 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
+ 2004-08-19 15:09:52 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe
- 2008-04-14 02:33:57 104,448 ----a-w C:\WINDOWS\system32\clipbrd.exe
+ 2004-08-19 15:09:52 104,448 ----a-w C:\WINDOWS\system32\clipbrd.exe
- 2008-04-14 02:33:57 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
+ 2004-08-19 15:09:52 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe
- 2008-04-14 02:33:21 58,368 ----a-w C:\WINDOWS\system32\clusapi.dll
+ 2004-08-19 15:09:22 57,856 ----a-w C:\WINDOWS\system32\clusapi.dll
- 2008-04-14 02:33:21 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
+ 2004-08-19 15:09:22 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll
- 2008-04-14 02:33:57 401,408 ----a-w C:\WINDOWS\system32\cmd.exe
+ 2004-08-19 15:09:52 400,896 ----a-w C:\WINDOWS\system32\cmd.exe
- 2008-04-14 02:33:21 353,280 ----a-w C:\WINDOWS\system32\cmdial32.dll
+ 2004-08-19 15:09:22 352,256 ----a-w C:\WINDOWS\system32\cmdial32.dll
- 2008-04-14 02:33:57 25,600 ----a-w C:\WINDOWS\system32\cmdl32.exe
+ 2004-08-19 15:09:52 47,104 ----a-w C:\WINDOWS\system32\cmdl32.exe
- 2008-04-14 02:33:57 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe
+ 2004-08-19 15:09:52 40,448 ----a-w C:\WINDOWS\system32\cmmon32.exe
- 2004-08-05 12:00:00 14,336 ----a-w C:\WINDOWS\system32\cmpbk32.dll
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2597 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\GnuTTer\Mes documents\ComboFix.exe
* Resident AV is active
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-28 au 2008-09-29 ))))))))))))))))))))))))))))))))))))
.
2008-09-28 13:29 . 2008-09-28 13:29 <REP> d-------- C:\WINDOWS\system32\_ssa_battlestar_work
2008-09-27 19:20 . 2002-08-30 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-09-27 19:19 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-09-27 19:18 . 2002-08-30 14:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-09-27 19:18 . 2008-09-27 19:18 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-09-27 19:12 . 2007-12-17 14:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-09-27 19:07 . 2002-08-30 14:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-09-27 19:07 . 2002-08-30 14:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2008-09-27 19:07 . 2002-08-30 14:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-09-27 19:07 . 2002-08-30 14:00 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Documents and Settings\GnuTTer\Application Data\Malwarebytes
2008-09-26 22:16 . 2008-09-26 22:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-26 22:16 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 22:16 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 21:44 . 2008-09-26 21:44 <REP> d-------- C:\Program Files\Trend Micro
2008-09-26 20:27 . 2008-09-26 22:37 <REP> d-------- C:\Program Files\Anti Trojan Elite
2008-09-26 20:19 . 2008-09-26 20:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-09-26 17:38 . 2008-09-26 18:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-26 17:00 . 2008-09-26 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-26 16:59 . 2008-09-26 17:21 <REP> d-------- C:\Program Files\Power IE
2008-09-26 13:02 . 2008-09-26 13:02 <REP> d-------- C:\Documents and Settings\GnuTTer\Application Data\Simply Super Software
2008-09-26 13:01 . 2008-09-26 13:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Trojan Remover
2008-09-26 13:00 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-09-26 13:00 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-09-26 01:22 . 2008-09-26 01:22 694 --a------ C:\WINDOWS\wininit.ini
2008-09-14 11:46 . 2008-09-14 11:46 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-09-11 21:20 . 2008-09-12 09:44 <REP> d-------- C:\Mumble
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-10 16:42 . 2008-09-10 16:42 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-10 16:39 . 2008-09-10 16:39 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-09 17:32 . 2004-08-04 00:38 701,440 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-09-06 12:37 . 2008-09-26 00:57 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-06 12:37 . 2008-09-06 12:37 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-29 07:57 138,784 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-29 07:57 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-09-28 21:04 --------- d-----w C:\Program Files\adslTV
2008-09-28 20:30 --------- d-----w C:\Program Files\eMule
2008-09-28 18:51 --------- d-----w C:\Program Files\Teamspeak2_RC2
2008-09-28 14:11 --------- d-----w C:\Program Files\a-squared Free
2008-09-27 21:32 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\DeepBurner
2008-09-27 10:55 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\GrabIt
2008-09-27 10:36 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\Free Download Manager
2008-09-26 19:57 --------- d-----w C:\Program Files\Vietcong
2008-09-26 19:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-26 19:14 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\Touchstone
2008-09-26 16:25 --------- d-----w C:\Program Files\Lavasoft
2008-09-26 16:25 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-26 16:25 --------- d-----w C:\Program Files\Advent Rising
2008-09-26 15:45 --------- d-----w C:\Program Files\ESET
2008-09-26 15:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-26 15:21 --------- d-----w C:\Program Files\4DiskcleanG
2008-09-25 23:27 --------- d-----w C:\Program Files\Steam
2008-09-18 19:22 --------- d-----w C:\Program Files\mIRC
2008-09-17 15:36 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\teamspeak2
2008-09-14 13:08 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\dvdcss
2008-09-14 09:49 --------- d-----w C:\Program Files\ILLUSION
2008-09-10 10:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-06 12:27 --------- d-----w C:\Documents and Settings\GnuTTer\Application Data\OpenOffice.org2
2008-09-02 17:48 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-31 22:23 --------- d-----w C:\Program Files\Silkroad
2008-08-08 18:58 2,859,008 ----a-w C:\WINDOWS\system32\battlestar.scr
2008-08-08 18:55 29,184 ----a-w C:\WINDOWS\system32\sstunst2.exe
2008-08-07 19:48 --------- d-----w C:\Program Files\EA GAMES
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2007-11-14 17:54 22,328 ----a-w C:\Documents and Settings\GnuTTer\Application Data\PnkBstrK.sys
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
.
((((((((((((((((((((((((((((( snapshot@2008-09-27_14.29.24.79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2002-08-30 12:00:00 147,456 ----a-w C:\WINDOWS\system32\comsnap.dll
- 2008-04-14 02:33:21 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
+ 2004-08-19 15:09:22 1,251,840 ----a-w C:\WINDOWS\system32\comsvcs.dll
- 2008-04-14 02:33:21 539,648 ----a-w C:\WINDOWS\system32\comuid.dll
+ 2004-08-19 15:09:22 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
- 2008-09-26 20:24:24 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-09-27 17:23:59 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-09-26 20:24:24 49,152 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-09-27 17:23:59 49,152 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-09-27 17:23:58 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092720080928\index.dat
- 2008-04-14 02:33:21 358,400 ----a-w C:\WINDOWS\system32\confmsp.dll
+ 2002-08-30 12:00:00 346,112 ----a-w C:\WINDOWS\system32\confmsp.dll
- 2008-04-14 02:33:59 27,648 ----a-w C:\WINDOWS\system32\conime.exe
+ 2004-08-19 15:09:52 27,648 ----a-w C:\WINDOWS\system32\conime.exe
- 2004-08-05 12:00:00 67,072 ----a-w C:\WINDOWS\system32\console.dll
+ 2002-08-30 12:00:00 67,072 ----a-w C:\WINDOWS\system32\console.dll
- 2004-08-05 12:00:00 8,192 ----a-w C:\WINDOWS\system32\control.exe
+ 2002-08-30 12:00:00 8,192 ----a-w C:\WINDOWS\system32\control.exe
- 2004-08-05 12:00:00 13,824 ----a-w C:\WINDOWS\system32\convert.exe
+ 2002-08-30 12:00:00 13,824 ----a-w C:\WINDOWS\system32\convert.exe
- 2008-04-14 02:33:21 35,328 ----a-w C:\WINDOWS\system32\corpol.dll
+ 2004-08-19 15:09:22 35,328 ----a-w C:\WINDOWS\system32\corpol.dll
- 2004-08-05 12:00:00 27,097 ----a-w C:\WINDOWS\system32\country.sys
+ 2002-08-30 12:00:00 27,097 ----a-w C:\WINDOWS\system32\country.sys
- 2008-04-14 02:33:21 165,888 ----a-w C:\WINDOWS\system32\credui.dll
+ 2004-08-19 15:09:22 165,888 ----a-w C:\WINDOWS\system32\credui.dll
- 2004-08-05 12:00:00 149,019 ----a-w C:\WINDOWS\system32\crtdll.dll
+ 2002-08-30 12:00:00 149,019 ----a-w C:\WINDOWS\system32\crtdll.dll
- 2008-04-14 02:33:21 606,208 ----a-w C:\WINDOWS\system32\crypt32.dll
+ 2004-08-19 15:09:22 604,672 ----a-w C:\WINDOWS\system32\crypt32.dll
- 2008-04-14 02:33:21 75,776 ----a-w C:\WINDOWS\system32\cryptdlg.dll
+ 2004-08-19 15:09:22 75,776 ----a-w C:\WINDOWS\system32\cryptdlg.dll
- 2008-04-14 02:33:21 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
+ 2004-08-19 15:09:22 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll
- 2008-04-14 02:33:21 54,784 ----a-w C:\WINDOWS\system32\cryptext.dll
+ 2004-08-19 15:09:22 54,784 ----a-w C:\WINDOWS\system32\cryptext.dll
- 2008-04-14 02:33:21 64,512 ----a-w C:\WINDOWS\system32\cryptnet.dll
+ 2004-08-19 15:09:22 63,488 ----a-w C:\WINDOWS\system32\cryptnet.dll
- 2008-04-14 02:33:21 62,464 ----a-w C:\WINDOWS\system32\cryptsvc.dll
+ 2004-08-19 15:09:22 60,416 ----a-w C:\WINDOWS\system32\cryptsvc.dll
- 2008-04-14 02:33:21 530,432 ----a-w C:\WINDOWS\system32\cryptui.dll
+ 2004-08-19 15:09:22 530,432 ----a-w C:\WINDOWS\system32\cryptui.dll
- 2008-04-14 02:33:21 102,912 ----a-w C:\WINDOWS\system32\cscdll.dll
+ 2004-08-19 15:09:22 102,912 ----a-w C:\WINDOWS\system32\cscdll.dll
- 2008-05-07 09:07:23 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
+ 2004-08-19 15:09:52 98,304 ----a-w C:\WINDOWS\system32\cscript.exe
- 2008-04-14 02:33:21 337,920 ----a-w C:\WINDOWS\system32\cscui.dll
+ 2004-08-19 15:09:22 337,920 ----a-w C:\WINDOWS\system32\cscui.dll
- 2008-04-14 02:33:22 32,256 ----a-w C:\WINDOWS\system32\csrsrv.dll
+ 2004-08-19 15:09:22 32,768 ----a-w C:\WINDOWS\system32\csrsrv.dll
- 2008-04-14 02:33:59 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
+ 2004-08-19 15:09:52 6,144 ----a-w C:\WINDOWS\system32\csrss.exe
- 2004-08-05 12:00:00 73,728 ----a-w C:\WINDOWS\system32\csseqchk.dll
+ 2002-08-30 12:00:00 73,728 ----a-w C:\WINDOWS\system32\csseqchk.dll
- 2008-04-14 02:33:59 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
+ 2004-08-19 15:09:52 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
- 2004-08-05 12:00:00 27,136 ----a-w C:\WINDOWS\system32\ctl3d32.dll
+ 2002-08-30 12:00:00 27,136 ----a-w C:\WINDOWS\system32\ctl3d32.dll
- 2004-08-05 12:00:00 27,200 ----a-w C:\WINDOWS\system32\ctl3dv2.dll
+ 2002-08-30 12:00:00 27,200 ----a-w C:\WINDOWS\system32\ctl3dv2.dll
- 2008-04-14 02:33:22 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
+ 2004-08-19 15:09:22 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll
- 2008-04-14 02:33:22 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
+ 2004-08-19 15:09:22 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll
- 2008-04-14 02:33:22 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
+ 2004-08-19 15:09:22 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll
- 2004-08-05 12:00:00 436,224 ----a-w C:\WINDOWS\system32\d3dim.dll
+ 2002-08-30 12:00:00 436,224 ----a-w C:\WINDOWS\system32\d3dim.dll
- 2008-04-14 02:33:22 824,320 ----a-w C:\WINDOWS\system32\d3dim700.dll
+ 2004-08-19 15:09:24 825,344 ----a-w C:\WINDOWS\system32\d3dim700.dll
- 2004-08-05 12:00:00 34,816 ----a-w C:\WINDOWS\system32\d3dpmesh.dll
+ 2002-08-30 12:00:00 34,816 ----a-w C:\WINDOWS\system32\d3dpmesh.dll
- 2004-08-05 12:00:00 590,336 ----a-w C:\WINDOWS\system32\d3dramp.dll
+ 2002-08-30 12:00:00 590,336 ----a-w C:\WINDOWS\system32\d3dramp.dll
- 2004-08-05 12:00:00 350,208 ----a-w C:\WINDOWS\system32\d3drm.dll
+ 2002-08-30 12:00:00 350,208 ----a-w C:\WINDOWS\system32\d3drm.dll
- 2004-08-05 12:00:00 47,616 ----a-w C:\WINDOWS\system32\d3dxof.dll
+ 2002-08-30 12:00:00 47,616 ----a-w C:\WINDOWS\system32\d3dxof.dll
- 2008-04-14 02:33:22 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
+ 2004-08-19 15:09:24 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll
- 2008-04-14 02:33:22 55,296 ----a-w C:\WINDOWS\system32\dataclen.dll
+ 2004-08-19 15:09:24 55,296 ----a-w C:\WINDOWS\system32\dataclen.dll
- 2008-04-14 02:33:22 165,376 ----a-w C:\WINDOWS\system32\datime.dll
+ 2002-08-30 12:00:00 152,064 ----a-w C:\WINDOWS\system32\datime.dll
- 2008-04-14 02:33:22 25,600 ----a-w C:\WINDOWS\system32\davclnt.dll
+ 2004-08-19 15:09:24 25,088 ----a-w C:\WINDOWS\system32\davclnt.dll
- 2004-08-05 12:00:00 847,872 ----a-w C:\WINDOWS\system32\dbgeng.dll
+ 2002-08-30 12:00:00 847,872 ----a-w C:\WINDOWS\system32\dbgeng.dll
- 2008-04-14 02:33:22 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
+ 2004-08-19 15:09:24 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll
- 2008-04-14 02:33:22 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
+ 2004-08-19 15:09:24 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll
- 2008-04-14 02:33:22 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
+ 2004-08-19 15:09:24 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll
- 2008-04-14 02:33:22 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
+ 2004-08-19 15:09:24 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll
- 2008-04-14 02:50:20 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
+ 2004-08-19 15:23:26 1,788 ----a-w C:\WINDOWS\system32\Dcache.bin
- 2008-04-14 02:33:22 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
+ 2004-08-19 15:09:24 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll
- 2008-04-14 02:33:59 6,144 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
+ 2002-08-30 12:00:00 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
- 2004-08-05 12:00:00 39,424 ----a-w C:\WINDOWS\system32\ddeml.dll
+ 2002-08-30 12:00:00 39,424 ----a-w C:\WINDOWS\system32\ddeml.dll
- 2008-04-14 02:33:59 31,744 ----a-w C:\WINDOWS\system32\ddeshare.exe
+ 2004-08-19 15:09:52 31,744 ----a-w C:\WINDOWS\system32\ddeshare.exe
- 2008-04-14 02:33:22 279,552 ----a-w C:\WINDOWS\system32\ddraw.dll
+ 2004-08-19 15:09:24 266,240 ----a-w C:\WINDOWS\system32\ddraw.dll
- 2008-04-14 02:33:22 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
+ 2004-08-19 15:09:24 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll
- 2004-08-05 12:00:00 21,162 ----a-w C:\WINDOWS\system32\debug.exe
+ 2002-08-30 12:00:00 21,162 ----a-w C:\WINDOWS\system32\debug.exe
- 2008-04-14 02:33:59 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
+ 2004-08-19 15:09:52 25,088 ----a-w C:\WINDOWS\system32\defrag.exe
- 2004-08-05 12:00:00 16,896 ----a-w C:\WINDOWS\system32\deskadp.dll
+ 2002-08-30 12:00:00 16,896 ----a-w C:\WINDOWS\system32\deskadp.dll
- 2004-08-05 12:00:00 16,896 ----a-w C:\WINDOWS\system32\deskmon.dll
+ 2002-08-30 12:00:00 16,896 ----a-w C:\WINDOWS\system32\deskmon.dll
- 2004-08-05 12:00:00 18,944 ----a-w C:\WINDOWS\system32\deskperf.dll
+ 2002-08-30 12:00:00 18,944 ----a-w C:\WINDOWS\system32\deskperf.dll
- 2008-04-14 02:33:22 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
+ 2004-08-19 15:09:24 59,904 ----a-w C:\WINDOWS\system32\devenum.dll
- 2008-04-14 02:33:22 290,816 ----a-w C:\WINDOWS\system32\devmgr.dll
+ 2004-08-19 15:09:24 290,816 ----a-w C:\WINDOWS\system32\devmgr.dll
- 2008-04-14 02:33:59 82,944 ----a-w C:\WINDOWS\system32\dfrgfat.exe
+ 2004-08-19 15:09:52 82,432 ----a-w C:\WINDOWS\system32\dfrgfat.exe
- 2008-04-14 02:33:59 105,472 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
+ 2004-08-19 15:09:52 104,960 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
- 2004-08-05 12:00:00 55,808 ----a-w C:\WINDOWS\system32\dfrgres.dll
+ 2002-08-30 12:00:00 55,808 ----a-w C:\WINDOWS\system32\dfrgres.dll
- 2008-04-14 02:33:22 39,936 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
+ 2004-08-19 15:09:24 39,424 ----a-w C:\WINDOWS\system32\dfrgsnap.dll
- 2008-04-14 02:33:22 124,416 ----a-w C:\WINDOWS\system32\dfrgui.dll
+ 2004-08-19 15:09:24 123,904 ----a-w C:\WINDOWS\system32\dfrgui.dll
- 2008-04-14 02:33:22 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
+ 2004-08-19 15:09:24 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll
- 2008-04-14 02:33:22 115,200 ----a-w C:\WINDOWS\system32\dgnet.dll
+ 2004-08-19 15:09:24 115,200 ----a-w C:\WINDOWS\system32\dgnet.dll
- 2004-08-05 12:00:00 86,044 ----a-w C:\WINDOWS\system32\dgsetup.dll
+ 2002-08-30 12:00:00 86,044 ----a-w C:\WINDOWS\system32\dgsetup.dll
- 2008-04-14 02:33:22 127,488 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2004-08-19 15:09:24 111,616 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2008-04-14 02:33:22 411,136 ----a-w C:\WINDOWS\system32\dhcpmon.dll
+ 2002-08-30 12:00:00 401,408 ----a-w C:\WINDOWS\system32\dhcpmon.dll
- 2004-08-05 12:00:00 78,848 ----a-w C:\WINDOWS\system32\dhcpsapi.dll
+ 2002-08-30 12:00:00 78,848 ----a-w C:\WINDOWS\system32\dhcpsapi.dll
- 2004-08-05 12:00:00 395,264 ----a-w C:\WINDOWS\system32\diactfrm.dll
+ 2002-08-30 12:00:00 395,264 ----a-w C:\WINDOWS\system32\diactfrm.dll
- 2008-04-14 02:34:00 87,040 ----a-w C:\WINDOWS\system32\diantz.exe
+ 2004-08-19 15:09:52 85,504 ----a-w C:\WINDOWS\system32\diantz.exe
- 2008-04-14 02:33:22 68,608 ----a-w C:\WINDOWS\system32\digest.dll
+ 2004-08-19 15:09:24 68,608 ----a-w C:\WINDOWS\system32\digest.dll
- 2004-08-05 12:00:00 44,032 ----a-w C:\WINDOWS\system32\dimap.dll
+ 2002-08-30 12:00:00 44,032 ----a-w C:\WINDOWS\system32\dimap.dll
- 2008-04-14 02:33:22 165,376 ----a-w C:\WINDOWS\system32\dinput.dll
+ 2004-08-19 15:09:24 165,376 ----a-w C:\WINDOWS\system32\dinput.dll
- 2008-04-14 02:33:22 187,904 ----a-w C:\WINDOWS\system32\dinput8.dll
+ 2004-08-19 15:09:24 187,904 ----a-w C:\WINDOWS\system32\dinput8.dll
- 2004-08-05 12:00:00 9,216 ----a-w C:\WINDOWS\system32\diskcomp.com
+ 2002-08-30 12:00:00 9,216 ----a-w C:\WINDOWS\system32\diskcomp.com
- 2004-08-05 12:00:00 7,168 ----a-w C:\WINDOWS\system32\diskcopy.com
+ 2002-08-30 12:00:00 7,168 ----a-w C:\WINDOWS\system32\diskcopy.com
- 2008-04-14 02:33:22 1,504,768 ----a-w C:\WINDOWS\system32\diskcopy.dll
+ 2002-08-30 12:00:00 1,502,208 ----a-w C:\WINDOWS\system32\diskcopy.dll
- 2008-04-14 02:34:00 167,936 ----a-w C:\WINDOWS\system32\diskpart.exe
+ 2004-08-19 15:09:52 167,936 ----a-w C:\WINDOWS\system32\diskpart.exe
- 2004-08-05 12:00:00 19,456 ----a-w C:\WINDOWS\system32\diskperf.exe
+ 2002-08-30 12:00:00 19,456 ----a-w C:\WINDOWS\system32\diskperf.exe
- 2008-04-14 02:33:22 32,768 ----a-w C:\WINDOWS\system32\dispex.dll
+ 2002-08-30 12:00:00 45,083 ----a-w C:\WINDOWS\system32\dispex.dll
+ 2004-08-19 15:09:20 100,352 -c--a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
- 2004-08-05 12:00:00 26,624 -c--a-w C:\WINDOWS\system32\dllcache\aaaamon.dll
+ 2002-08-30 12:00:00 26,624 -c--a-w C:\WINDOWS\system32\dllcache\aaaamon.dll
+ 2004-08-19 15:09:52 189,952 -c--a-w C:\WINDOWS\system32\dllcache\accwiz.exe
+ 2004-08-19 15:09:20 1,852,416 -c--a-w C:\WINDOWS\system32\dllcache\acgenral.dll
+ 2004-08-19 15:09:20 450,048 -c--a-w C:\WINDOWS\system32\dllcache\aclayers.dll
- 2004-08-05 12:00:00 135,680 -c--a-w C:\WINDOWS\system32\dllcache\acledit.dll
+ 2002-08-30 12:00:00 135,680 -c--a-w C:\WINDOWS\system32\dllcache\acledit.dll
+ 2004-08-19 15:09:20 137,728 -c--a-w C:\WINDOWS\system32\dllcache\aclua.dll
+ 2004-08-19 15:09:20 119,296 -c--a-w C:\WINDOWS\system32\dllcache\aclui.dll
+ 2004-08-19 15:09:20 244,736 -c--a-w C:\WINDOWS\system32\dllcache\acspecfc.dll
+ 2004-08-19 15:09:20 194,048 -c--a-w C:\WINDOWS\system32\dllcache\activeds.dll
+ 2004-08-19 15:09:52 4,096 -c--a-w C:\WINDOWS\system32\dllcache\actmovie.exe
+ 2004-08-19 15:09:20 101,888 -c--a-w C:\WINDOWS\system32\dllcache\actxprxy.dll
+ 2004-08-19 15:09:20 116,224 -c--a-w C:\WINDOWS\system32\dllcache\acxtrnal.dll
+ 2004-08-19 15:09:20 29,696 -c--a-w C:\WINDOWS\system32\dllcache\admexs.dll
+ 2003-03-24 13:52:04 20,540 -c--a-w C:\WINDOWS\system32\dllcache\admin.dll
+ 2003-03-24 13:52:04 16,439 -c--a-w C:\WINDOWS\system32\dllcache\admin.exe
+ 2004-08-19 15:09:20 61,440 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2004-08-19 15:09:20 43,520 -c--a-w C:\WINDOWS\system32\dllcache\admwprox.dll
- 2004-08-05 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\admxprox.dll
+ 2002-08-30 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\admxprox.dll
- 2004-08-05 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\adptif.dll
+ 2002-08-30 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\adptif.dll
- 2004-08-05 12:00:00 50,176 -c--a-w C:\WINDOWS\system32\dllcache\adrot.dll
+ 2002-08-30 12:00:00 50,176 -c--a-w C:\WINDOWS\system32\dllcache\adrot.dll
+ 2004-08-19 15:09:20 290,816 -c--a-w C:\WINDOWS\system32\dllcache\adsiis51.dll
+ 2004-08-19 15:09:20 175,616 -c--a-w C:\WINDOWS\system32\dllcache\adsldp.dll
+ 2004-08-19 15:09:20 143,360 -c--a-w C:\WINDOWS\system32\dllcache\adsldpc.dll
+ 2004-08-19 15:09:20 68,096 -c--a-w C:\WINDOWS\system32\dllcache\adsmsext.dll
- 2004-08-05 12:00:00 163,328 -c--a-w C:\WINDOWS\system32\dllcache\adsnds.dll
+ 2002-08-30 12:00:00 163,328 -c--a-w C:\WINDOWS\system32\dllcache\adsnds.dll
+ 2004-08-19 15:09:20 263,680 -c--a-w C:\WINDOWS\system32\dllcache\adsnt.dll
+ 2002-08-30 12:00:00 109,568 -c--a-w C:\WINDOWS\system32\dllcache\adsnw.dll
+ 2004-08-19 15:09:20 685,056 -c--a-w C:\WINDOWS\system32\dllcache\advapi32.dll
+ 2004-08-19 15:09:20 101,888 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-06-20 11:40:08 138,496 -c----w C:\WINDOWS\system32\dllcache\afd.sys
+ 2004-08-03 22:14:16 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2004-08-19 15:09:20 24,064 -c--a-w C:\WINDOWS\system32\dllcache\agentanm.dll
+ 2004-08-19 15:09:20 214,016 -c--a-w C:\WINDOWS\system32\dllcache\agentctl.dll
+ 2004-08-19 15:09:20 41,984 -c--a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
+ 2004-08-19 15:09:20 58,880 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
+ 2004-08-19 15:09:20 49,152 -c--a-w C:\WINDOWS\system32\dllcache\agentmpx.dll
+ 2004-08-19 15:09:20 24,064 -c--a-w C:\WINDOWS\system32\dllcache\agentpsh.dll
+ 2004-08-19 15:09:20 44,032 -c--a-w C:\WINDOWS\system32\dllcache\agentsr.dll
+ 2004-08-19 15:09:52 256,512 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0401.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0404.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0405.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0406.dll
+ 2002-08-30 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\agt0407.dll
+ 2002-08-30 12:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\agt0408.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0409.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt040b.dll
+ 2002-08-30 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\agt040c.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt040d.dll
+ 2002-08-30 12:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\agt040e.dll
+ 2002-08-30 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\agt0410.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0411.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0412.dll
+ 2002-08-30 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\agt0413.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0414.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0415.dll
+ 2002-08-30 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\agt0416.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0419.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt041d.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt041f.dll
+ 2002-08-30 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\agt0804.dll
+ 2002-08-30 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\agt0816.dll
+ 2002-08-30 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\agt0c0a.dll
+ 2004-08-19 15:09:20 24,064 -c--a-w C:\WINDOWS\system32\dllcache\agtintl.dll
+ 2004-08-19 15:09:52 98,304 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe
+ 2004-08-19 15:09:52 44,544 -c--a-w C:\WINDOWS\system32\dllcache\alg.exe
+ 2004-08-19 15:09:20 17,408 -c--a-w C:\WINDOWS\system32\dllcache\alrsvc.dll
+ 2004-08-19 15:09:20 70,656 -c--a-w C:\WINDOWS\system32\dllcache\amstream.dll
- 2004-08-05 12:00:00 9,037 -c--a-w C:\WINDOWS\system32\dllcache\ansi.sys
+ 2002-08-30 12:00:00 9,037 -c--a-w C:\WINDOWS\system32\dllcache\ansi.sys
- 2004-08-05 12:00:00 102,912 -c--a-w C:\WINDOWS\system32\dllcache\apcups.dll
+ 2002-08-30 12:00:00 102,912 -c--a-w C:\WINDOWS\system32\dllcache\apcups.dll
+ 2004-08-19 15:09:20 110,080 -c--a-w C:\WINDOWS\system32\dllcache\appconf.dll
- 2004-08-05 12:00:00 12,642 -c--a-w C:\WINDOWS\system32\dllcache\append.exe
+ 2002-08-30 12:00:00 12,642 -c--a-w C:\WINDOWS\system32\dllcache\append.exe
+ 2004-08-19 15:09:20 126,976 -c--a-w C:\WINDOWS\system32\dllcache\apphelp.dll
+ 2004-08-19 15:09:20 176,640 -c--a-w C:\WINDOWS\system32\dllcache\appmgmts.dll
+ 2004-08-19 15:09:20 302,592 -c--a-w C:\WINDOWS\system32\dllcache\appmgr.dll
+ 2004-08-19 15:09:20 334,336 -c--a-w C:\WINDOWS\system32\dllcache\aqueue.dll
- 2004-08-05 12:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\arp.exe
+ 2002-08-30 12:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\arp.exe
- 2006-11-03 08:56:54 7,680 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll
+ 2004-08-19 15:08:02 8,704 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll
+ 2004-08-19 15:09:20 377,344 -c--a-w C:\WINDOWS\system32\dllcache\asp51.dll
- 2004-08-05 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\aspperf.dll
+ 2002-08-30 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\aspperf.dll
- 2004-08-05 12:00:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\asptxn.dll
+ 2002-08-30 12:00:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\asptxn.dll
+ 2004-08-19 15:09:52 30,720 -c--a-w C:\WINDOWS\system32\dllcache\asr_fmt.exe
- 2004-08-05 12:00:00 37,888 -c--a-w C:\WINDOWS\system32\dllcache\asr_ldm.exe
+ 2002-08-30 12:00:00 37,888 -c--a-w C:\WINDOWS\system32\dllcache\asr_ldm.exe
+ 2004-08-19 15:09:52 32,768 -c--a-w C:\WINDOWS\system32\dllcache\asr_pfu.exe
+ 2004-08-19 15:09:20 65,024 -c--a-w C:\WINDOWS\system32\dllcache\asycfilt.dll
+ 2004-08-03 22:05:04 14,336 -c--a-w C:\WINDOWS\system32\dllcache\asyncmac.sys
+ 2004-08-19 15:09:52 25,088 -c--a-w C:\WINDOWS\system32\dllcache\at.exe
- 2004-08-05 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\atkctrs.dll
+ 2002-08-30 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\atkctrs.dll
+ 2004-08-19 15:09:20 58,880 -c--a-w C:\WINDOWS\system32\dllcache\atl.dll
+ 2004-08-19 15:09:52 11,264 -c--a-w C:\WINDOWS\system32\dllcache\atmadm.exe
+ 2004-08-03 21:58:32 59,904 -c--a-w C:\WINDOWS\system32\dllcache\atmarpc.sys
- 2004-08-05 12:00:00 31,360 -c--a-w C:\WINDOWS\system32\dllcache\atmepvc.sys
+ 2002-08-30 12:00:00 31,360 -c--a-w C:\WINDOWS\system32\dllcache\atmepvc.sys
+ 2004-08-19 15:08:02 285,696 -c--a-w C:\WINDOWS\system32\dllcache\atmfd.dll
+ 2004-08-03 21:58:36 55,936 -c--a-w C:\WINDOWS\system32\dllcache\atmlane.sys
+ 2004-08-19 15:09:22 30,208 -c--a-w C:\WINDOWS\system32\dllcache\atmlib.dll
- 2004-08-05 12:00:00 34,816 -c--a-w C:\WINDOWS\system32\dllcache\atmpvcno.dll
+ 2002-08-30 12:00:00 34,816 -c--a-w C:\WINDOWS\system32\dllcache\atmpvcno.dll
- 2004-08-05 12:00:00 352,256 -c--a-w C:\WINDOWS\system32\dllcache\atmuni.sys
+ 2002-08-30 12:00:00 352,256 -c--a-w C:\WINDOWS\system32\dllcache\atmuni.sys
+ 2002-08-30 12:00:00 11,264 -c--a-w C:\WINDOWS\system32\dllcache\attrib.exe
+ 2004-08-19 15:09:22 42,496 -c--a-w C:\WINDOWS\system32\dllcache\audiosrv.dll
+ 2004-08-19 15:09:52 14,336 -c--a-w C:\WINDOWS\system32\dllcache\auditusr.exe
- 2004-08-05 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\authfilt.dll
+ 2002-08-30 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\authfilt.dll
+ 2003-03-24 13:52:04 20,540 -c--a-w C:\WINDOWS\system32\dllcache\author.dll
+ 2003-03-24 13:52:04 16,439 -c--a-w C:\WINDOWS\system32\dllcache\author.exe
+ 2004-08-19 15:09:22 56,832 -c--a-w C:\WINDOWS\system32\dllcache\authz.dll
+ 2004-08-19 15:09:52 625,152 -c--a-w C:\WINDOWS\system32\dllcache\autochk.exe
+ 2004-08-19 15:09:52 638,976 -c--a-w C:\WINDOWS\system32\dllcache\autoconv.exe
- 2004-08-05 12:00:00 81,408 -c--a-w C:\WINDOWS\system32\dllcache\autodisc.dll
+ 2002-08-30 12:00:00 81,408 -c--a-w C:\WINDOWS\system32\dllcache\autodisc.dll
+ 2004-08-19 15:09:52 616,960 -c--a-w C:\WINDOWS\system32\dllcache\autofmt.exe
+ 2004-08-19 15:09:52 11,264 -c--a-w C:\WINDOWS\system32\dllcache\autolfn.exe
- 2004-08-05 12:00:00 70,352 -c--a-w C:\WINDOWS\system32\dllcache\avicap.dll
+ 2002-08-30 12:00:00 70,352 -c--a-w C:\WINDOWS\system32\dllcache\avicap.dll
- 2004-08-05 12:00:00 66,048 -c--a-w C:\WINDOWS\system32\dllcache\avicap32.dll
+ 2002-08-30 12:00:00 66,048 -c--a-w C:\WINDOWS\system32\dllcache\avicap32.dll
+ 2004-08-19 15:09:22 85,504 -c--a-w C:\WINDOWS\system32\dllcache\avifil32.dll
- 2004-08-05 12:00:00 109,568 -c--a-w C:\WINDOWS\system32\dllcache\avifile.dll
+ 2002-08-30 12:00:00 109,568 -c--a-w C:\WINDOWS\system32\dllcache\avifile.dll
+ 2004-08-19 15:09:22 52,736 -c--a-w C:\WINDOWS\system32\dllcache\basesrv.dll
+ 2004-08-19 15:09:22 28,672 -c--a-w C:\WINDOWS\system32\dllcache\batmeter.dll
+ 2004-08-19 15:09:22 8,704 -c--a-w C:\WINDOWS\system32\dllcache\batt.dll
- 2004-08-05 12:00:00 4,224 -c--a-w C:\WINDOWS\system32\dllcache\beep.sys
+ 2002-08-30 12:00:00 4,224 -c--a-w C:\WINDOWS\system32\dllcache\beep.sys
+ 2004-08-19 15:09:22 17,408 -c--a-w C:\WINDOWS\system32\dllcache\bidispl.dll
+ 2004-08-19 15:09:22 8,192 -c--a-w C:\WINDOWS\system32\dllcache\bitsprx2.dll
+ 2004-08-19 15:09:22 7,168 -c--a-w C:\WINDOWS\system32\dllcache\bitsprx3.dll
- 2006-10-18 20:47:10 542,720 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
+ 2004-08-19 15:09:22 286,208 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
+ 2004-08-19 15:09:52 71,680 -c--a-w C:\WINDOWS\system32\dllcache\blastcln.exe
- 2004-08-05 12:00:00 361,472 -c--a-w C:\WINDOWS\system32\dllcache\blue_ss.dll
+ 2002-08-30 12:00:00 361,472 -c--a-w C:\WINDOWS\system32\dllcache\blue_ss.dll
- 2004-08-05 12:00:00 152,576 -c--a-w C:\WINDOWS\system32\dllcache\bnts.dll
+ 2002-08-30 12:00:00 152,576 -c--a-w C:\WINDOWS\system32\dllcache\bnts.dll
+ 2002-08-30 12:00:00 152,064 -c--a-w C:\WINDOWS\system32\dllcache\bootcfg.exe
- 2004-08-05 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\bootok.exe
+ 2002-08-30 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\bootok.exe
- 2004-08-05 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\bootvid.dll
+ 2002-08-30 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\bootvid.dll
- 2004-08-05 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\bootvrfy.exe
+ 2002-08-30 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\bootvrfy.exe
+ 2004-08-03 21:59:58 71,552 -c--a-w C:\WINDOWS\system32\dllcache\bridge.sys
- 2004-08-05 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\browscap.dll
+ 2002-08-30 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\browscap.dll
+ 2004-08-19 15:08:04 70,144 -c--a-w C:\WINDOWS\system32\dllcache\browselc.dll
+ 2004-08-19 15:09:22 77,312 -c--a-w C:\WINDOWS\system32\dllcache\browser.dll
+ 2004-08-19 15:09:22 1,017,344 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2004-08-19 15:09:22 78,336 -c--a-w C:\WINDOWS\system32\dllcache\browsewm.dll
+ 2004-08-19
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 128000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-18 843776]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-30 949376]
"BootSkin Startup Jobs"="C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 81920]
"nwiz"="nwiz.exe" [2007-12-05 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-05 44544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"vidc.mjpg"= JpegCode.dll
"VIDC.JPEG"= JpegCode.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^GnuTTer^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\GnuTTer\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^GnuTTer^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
path=C:\Documents and Settings\GnuTTer\Menu Démarrer\Programmes\Démarrage\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
--a------ 2008-05-02 14:55 2091968 C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-08-16 13:24 167368 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Uploader Oe Integration]
--a------ 2007-06-10 19:02 40960 C:\Program Files\Free Download Manager\FUM\fumoei.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-09-27 20:38 286720 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
--a------ 2007-09-15 17:40 2613248 C:\Program Files\RivaTuner v2.04\RivaTuner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-08-18 18:41 1832272 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-06-14 19:32 132760 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\adslTV\\vlc.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Steam\\SteamApps\\dragoonss\\source sdk base\\hl2.exe"=
"C:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars\\etqwded.exe"=
"C:\\Program Files\\Steam\\SteamApps\\dragoonss\\counter-strike source\\hl2.exe"=
"C:\\Codemasters\\Insane\\Game.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Sierra Online\\Battlestar Galactica\\BSG.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"C:\\Program Files\\Sierra\\Homeworld2\\Bin\\Release\\Homeworld2.exe"=
"C:\\Program Files\\Xfire\\Xfire.exe"=
"C:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars\\etqw.exe"=
"C:\\Program Files\\Steam\\SteamApps\\dragoonss\\counter-strike\\hl.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"C:\\Program Files\\Groove Games\\Land Of The Dead\\System\\LOTD.exe"=
"C:\\Program Files\\SEGA\\Universe At War Earth Assault\\UAWEA.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"C:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"C:\\Program Files\\Weezo\\bin\\Weezo.exe"=
"C:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8080:TCP"= 8080:TCP:8080
"57640:UDP"= 57640:UDP:57640
"7808:TCP"= 7808:TCP: 7808
"7808:UDP"= 7808:UDP: 7808 ù
"8090:UDP"= 8090:UDP:8090
R2 Vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 6852]
S3 ATE_PROCMON;ATE_PROCMON;C:\Program Files\Anti Trojan Elite\ATEPMon.sys [ ]
S3 PentaxUsb;PENTAX Optio 60 on USB;C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-03-17 46944]
S3 PentaxVc;PENTAX Optio 60 Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2004-03-17 44256]
S3 SaiH0004;SaiH0004;C:\WINDOWS\system32\DRIVERS\SaiH0004.sys [2006-09-14 182528]
S3 SaiL0004;SaiL0004;C:\WINDOWS\system32\DRIVERS\SaiL0004.sys [2006-09-14 15104]
S3 SaiU0004;SaiU0004;C:\WINDOWS\system32\DRIVERS\SaiU0004.sys [2006-09-14 27392]
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\GnuTTer\Application Data\Mozilla\Firefox\Profiles\wf5wdbk3.default\
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-29 10:10:25
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet008\Services\PnkBstrB]
"ImagePath"="C:\WINDOWS\system32\PnkBstrB.exe"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
PROCESSUS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
Heure de fin: 2008-09-29 10:13:58
ComboFix-quarantined-files.txt 2008-09-29 08:13:41
ComboFix2.txt 2008-09-27 16:26:11
ComboFix3.txt 2008-09-27 12:29:41
Avant-CF: 68ÿ905ÿ807ÿ872 octets libres
Après-CF: 68,896,673,792 octets libres
6934 --- E O F --- 2008-09-11 17:52:40
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:44, on 29/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Mumble\mumble.exe
C:\Mumble\bin\dbus-daemon.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\GnuTTer\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 7255 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:44, on 29/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Mumble\mumble.exe
C:\Mumble\bin\dbus-daemon.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\GnuTTer\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 7255 bytes