( résolu )aide pour virus backdoor trojan et w32 spybot worm

Bienvenue invité ( Connexion | Inscription )

Vous êtes étudiant ? Téléchargez gratuitement et légalement des logiciels Microsoft !

Forums Zebulon.fr > Forums de Zebulon.fr > Sécurité > Analyse rapports HijackThis, Eradication malwares

2 Pages

1 2 >

( résolu )aide pour virus backdoor trojan et w32 spybot worm

Options

tdanny6 Voir le profil	dimanche 21 janvier 2007 à 23h17 Message #1
Member Groupe : Membres Messages : 69 Inscrit : 21/01/2007 Membre n^o 180991 Mes langues: français	Bonjour , voila je suis nouveau sur le forum ,en informatique aussi , un vrai débutant !! ( soyez indulgent SVP , merci ). Bon voila mon problème ; il ya trois jours ,norton me signale un virus W32 spybot.worm et comme quoi il n'a pas été transmis .La même annonce est revenue plusieur fois, après recherches et différent logiciel plus rien pour l'instant ( détruit ou ??) mais aujourd'hui vlan rebelote norton me signal un virus bakdoor trojan , 18 fois sur cet après midi. J' ai de nouveau testé avec quelques logiciels mais la rien a faire!! d'ou mon appel a l'aide .J'ai pu voir que l'on demandais souvent un rapport hijackhis, j'ai donc charger le programme ( j'espére ne pas avoir déjà fais une bêtise ? ) et analysé mon ordinateur , voici le résultat: Logfile of HijackThis v1.99.1 Scan saved at 22:21:11, on 21/01/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\ezNTSvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\WgaTray.exe C:\WINDOWS\htpatch.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\WINDOWS\TEMP\B8CF.tmp C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\WINDOWS\System32\cmd.exe C:\WINDOWS\System32\prodsrvs.exe C:\Program Files\Messenger\msmsgs.exe C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://be.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.skynet.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Belgacom Skynet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file) R3 - URLSearchHook: nuls Toolbar - {4acca1a7-ecc8-4c89-be52-b11919042bbf} - C:\Program Files\nuls\tbnuls.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr-be\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: nuls Toolbar - {4acca1a7-ecc8-4c89-be52-b11919042bbf} - C:\Program Files\nuls\tbnuls.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [SDR6V_Check] "C:\Documents and Settings\ok\Mes documents\SDRmon.exe" O4 - HKCU\..\Run: [System Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\System32\prodsrvs.exe /res O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.skynet.be O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/...trolLite_EN.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1137956595296 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127471785543 O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4..._1070_em_XP.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/2.0.0....0/Installer.exe O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.asian-x.org/acces/237/asian-x_an.exe O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} - http://dialup.carpediem.fr/CABS/cd/1,0,3,8...AccesMembre.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://services.moviesystem.com/cabs/msway.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326 O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...942/mcfscan.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup...er/imloader.cab O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by16fd.bay16.hotmail.msn.com/activex/HMAtchmt.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{12C8F930-42F1-4562-B0BE-78A1B34985C6}: NameServer = 195.238.2.22 195.238.2.21 O17 - HKLM\System\CS1\Services\Tcpip\..\{12C8F930-42F1-4562-B0BE-78A1B34985C6}: NameServer = 195.238.2.22 195.238.2.21 O17 - HKLM\System\CS2\Services\Tcpip\..\{12C8F930-42F1-4562-B0BE-78A1B34985C6}: NameServer = 195.238.2.22 195.238.2.21 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\WINDOWS\System32\ezNTSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ieupdater (Microsoft IE Updater) - Unknown owner - C:\DOCUME~1\ok\LOCALS~1\Temp\ieupdate.exe (file missing) O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NeroNET - Unknown owner - C:\Program Files\Ahead\NeroNET\NeroNET.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe Voila si quelqu'un pouvais m'aidé car moi j'y comprend absolument rien. En remerciant déjà toutes personne qui pourrais m'éclairez dans tous sa. Merci. Danny Ce message a été modifié par tdanny6 - mardi 23 janvier 2007 à 00h18.

Thanos Voir le profil	dimanche 21 janvier 2007 à 23h24 Message #2
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	salut et bienvenue * Télécharge DiagHelp.exe sur ton bureau quitte toutes les applications en cours, il va y avoir un redémarrage de ton pc. Double-clique sur DiagHelp.exe : une fenêtre cmd va s'ouvrir, choisis l'option 1 On te demandera d'appuyer sur une touche lorsque le scan est terminé: le pc va alors redémarrer. au redémarrage du pc copie/colle le contenu du bloc-note qui vient de s'ouvrir, dans ton prochain post. Télécharge Blacklight (de F-Secure); clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau. Double-clique blbeta.exe et accepte la licence; clique Scan puis Next Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres). Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe Le pc est infecté par Magic Control Agent entre autres. Poste stp ces rapports -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

tdanny6 Voir le profil	lundi 22 janvier 2007 à 00h14 Message #3
Member Groupe : Membres Messages : 69 Inscrit : 21/01/2007 Membre n^o 180991 Mes langues: français	Un grand merci pour l'aide et surtout pour la rapidité. Voila pour diaghelp.exe pas de redémarrage mais ouverture du bloc note, voici le contenu; C:\WINDOWS\System32\nvapps.xml -->21/01/2007 23:40:24 C:\WINDOWS\System32\wpa.dbl -->21/01/2007 20:25:03 C:\WINDOWS\System32\i -->19/01/2007 21:56:24 C:\WINDOWS\System32\Uninstall.ico -->19/01/2007 16:02:50 C:\WINDOWS\System32\pavas.ico -->19/01/2007 16:02:50 C:\WINDOWS\System32\Help.ico -->19/01/2007 16:02:50 C:\WINDOWS\System32\update77526596.exe -->19/01/2007 0:06:30 C:\WINDOWS\System32\RunOnce.t__ -->19/01/2007 0:06:30 C:\WINDOWS\System32\crypts.dll -->19/01/2007 0:06:27 C:\WINDOWS\System32\update00822631.exe -->19/01/2007 0:06:24 C:\WINDOWS\System32\RunOnce.tm_ -->19/01/2007 0:06:15 C:\WINDOWS\System32\nvs2.inf -->17/01/2007 15:27:32 C:\WINDOWS\System32\prodsrvs.exe -->10/01/2007 10:35:26 C:\WINDOWS\System32\mmc.exe.config -->9/01/2007 14:13:32 C:\WINDOWS\System32\MRT.exe -->3/01/2007 0:19:44 C:\WINDOWS\System32\ElbyCDIO.dll -->13/12/2006 21:24:42 C:\WINDOWS\System32\WgaTray.exe -->17/11/2006 21:08:28 C:\WINDOWS\System32\WgaLogon.dll -->17/11/2006 21:08:28 C:\WINDOWS\System32\LegitCheckControl.DLL -->30/10/2006 11:25:08 C:\WINDOWS\System32\PerfStringBackup.INI -->29/10/2006 12:02:47 C:\WINDOWS\System32\perfh00C.dat -->29/10/2006 12:02:47 C:\WINDOWS\System32\perfh009.dat -->29/10/2006 12:02:47 C:\WINDOWS\System32\perfc00C.dat -->29/10/2006 12:02:47 C:\WINDOWS\System32\perfc009.dat -->29/10/2006 12:02:47 C:\WINDOWS\System32\QuickTimeVR.qtx -->25/10/2006 19:15:06 C:\WINDOWS.log -->21/01/2007 23:39:31 C:\WINDOWS\WindowsUpdate.log -->21/01/2007 23:39:29 C:\WINDOWS\wiadebug.log -->21/01/2007 23:39:28 C:\WINDOWS\wiaservc.log -->21/01/2007 23:39:27 C:\WINDOWS\bootstat.dat -->21/01/2007 23:39:24 C:\WINDOWS\tmlpcert2007 -->21/01/2007 21:15:40 C:\WINDOWS\setupapi.log -->21/01/2007 21:06:16 C:\WINDOWS\NeroDigital.ini -->21/01/2007 20:52:49 C:\WINDOWS\SchedLgU.Txt -->21/01/2007 20:23:43 C:\WINDOWS\AUTOLNCH.REG -->21/01/2007 18:32:12 C:\WINDOWS\MEMORY.DMP -->19/01/2007 21:43:16 C:\WINDOWS\pavsig.txt -->19/01/2007 16:02:56 C:\WINDOWS\9129837.exe -->19/01/2007 0:06:28 C:\WINDOWS\pack.epk -->17/01/2007 15:27:19 C:\WINDOWS\Ulead32.ini -->17/01/2007 1:05:28 C:\WINDOWS\9129837.exe \|19/01/2007 00:06:35 C:\WINDOWS\htpatch.exe \|02/09/2003 15:11:48 C:\WINDOWS\InstIt.exe \|13/10/2004 10:35:41 C:\WINDOWS\IsUn040c.exe \|02/09/2003 15:11:18 C:\WINDOWS\IsUninst.exe \|11/09/2003 20:27:33 C:\WINDOWS\mHotkey.exe \|13/10/2004 10:35:41 C:\WINDOWS\NuNinst.exe \|27/11/2003 13:11:25 C:\WINDOWS\PATCH.EXE \|08/06/2004 23:30:51 C:\WINDOWS\runtsckl.exe \|24/03/2004 17:22:16 C:\WINDOWS\SkyCancel.exe \|09/09/2004 23:16:22 C:\WINDOWS\SkyEnd.exe \|09/09/2004 23:16:21 C:\WINDOWS\SkyEnd2.exe \|09/09/2004 23:16:21 C:\WINDOWS\SkyGoOn.exe \|09/09/2004 23:16:20 C:\WINDOWS\SynCor.exe \|02/09/2003 15:12:08 C:\WINDOWS\tsc.exe \|08/06/2004 23:31:19 C:\WINDOWS\twunk_16.exe \|30/09/2001 11:49:06 C:\WINDOWS\twunk_32.exe \|30/09/2001 11:49:06 C:\WINDOWS\UNIDRV.exe \|28/12/2003 19:01:30 C:\WINDOWS\unin040c.exe \|05/09/2003 08:16:01 C:\WINDOWS\uninst.exe \|02/09/2003 22:00:44 C:\WINDOWS\UNNERO.exe \|28/12/2003 18:53:07 C:\WINDOWS\UNNeroNET.exe \|27/11/2003 14:33:14 C:\WINDOWS\UNNeroVision.exe \|25/11/2005 05:33:14 C:\WINDOWS\UNNMIX.exe \|12/11/2006 22:20:23 C:\WINDOWS\UNNMP.exe \|08/01/2005 12:58:47 C:\WINDOWS\UNNVEContent.exe \|21/10/2006 22:39:16 C:\WINDOWS\UnSiSUSB.exe \|07/04/2004 21:06:17 C:\WINDOWS\unvise32.exe \|02/12/2003 10:56:02 C:\WINDOWS\AuHCcup1.dll \|23/07/1999 10:53:20 C:\WINDOWS\BPMNT.dll \|08/06/2004 23:31:19 C:\WINDOWS\HCExtOutput.dll \|08/06/2004 23:31:19 C:\WINDOWS\HIDMNT.dll \|13/10/2004 10:35:41 C:\WINDOWS\loadhttp.dll \|15/10/2002 13:29:40 C:\WINDOWS\patchw32.dll \|14/12/2001 13:34:46 C:\WINDOWS\SynthCoreA.Dll \|02/09/2003 15:12:08 C:\WINDOWS\TMUPDATE.DLL \|08/06/2004 23:30:52 C:\WINDOWS\twain.dll \|30/09/2001 11:49:06 C:\WINDOWS\twain_32.dll \|30/09/2001 11:49:06 C:\WINDOWS\UNZIP.DLL \|08/06/2004 23:30:51 C:\WINDOWS\vsapi32.dll \|08/06/2004 23:31:19 C:\WINDOWS\winio.dll \|02/09/2003 15:11:48 C:\WINDOWS\system32\append.exe \|30/09/2001 11:47:50 C:\WINDOWS\system32\asuninst.exe \|19/01/2007 15:36:17 C:\WINDOWS\system32\CleanUp.exe \|02/09/2003 15:12:03 C:\WINDOWS\system32\debug.exe \|30/09/2001 11:47:58 C:\WINDOWS\system32\DivXsm.exe \|23/11/2005 05:00:00 C:\WINDOWS\system32\dms4UVCon.exe \|20/08/2005 12:49:48 C:\WINDOWS\system32\dosx.exe \|30/09/2001 11:48:00 C:\WINDOWS\system32\DSndUp.exe \|02/09/2003 15:12:03 C:\WINDOWS\system32\dvdplay.exe \|23/08/2001 18:47:34 C:\WINDOWS\system32\edlin.exe \|30/09/2001 11:48:12 C:\WINDOWS\system32\exe2bin.exe \|30/09/2001 11:48:14 C:\WINDOWS\system32\ezMAPIHelper.exe \|06/07/2005 20:55:30 C:\WINDOWS\system32\ezntsvc.exe \|06/07/2005 20:55:30 C:\WINDOWS\system32\ezSetup.exe \|06/07/2005 20:55:30 C:\WINDOWS\system32\ezShellStart.exe \|06/07/2005 20:55:29 C:\WINDOWS\system32\ezUninst.exe \|06/07/2005 20:55:30 C:\WINDOWS\system32\fastopen.exe \|30/09/2001 11:48:14 C:\WINDOWS\system32\keystone.exe \|20/09/2006 16:25:00 C:\WINDOWS\system32\mem.exe \|30/09/2001 11:48:26 C:\WINDOWS\system32\mscdexnt.exe \|30/09/2001 11:48:30 C:\WINDOWS\system32\NeroCheck.exe \|11/11/2003 13:28:12 C:\WINDOWS\system32\nlsfunc.exe \|30/09/2001 11:48:40 C:\WINDOWS\system32\nvappbar.exe \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvcolor.exe \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvcplui.exe \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvdspsch.exe \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvsvc32(2).exe \|02/09/2003 15:15:40 C:\WINDOWS\system32\nvsvc32(4).exe \|06/10/2003 14:16:00 C:\WINDOWS\system32\nvsvc32.exe \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvudisp.exe \|08/12/2003 02:07:00 C:\WINDOWS\system32\NVUNINST.EXE \|16/11/2006 08:48:43 C:\WINDOWS\system32\nwiz.exe \|20/09/2006 16:25:00 C:\WINDOWS\system32\prodsrvs.exe \|21/01/2007 21:06:15 C:\WINDOWS\system32\redir.exe \|30/09/2001 11:48:54 C:\WINDOWS\system32\setver.exe \|30/09/2001 11:48:58 C:\WINDOWS\system32\share.exe \|30/09/2001 11:48:58 C:\WINDOWS\system32\SymTdiRg.exe \|07/09/2003 14:54:44 C:\WINDOWS\system32\update00822631.exe \|19/01/2007 00:06:21 C:\WINDOWS\system32\update77526596.exe \|19/01/2007 00:06:30 C:\WINDOWS\system32\usrmlnka.exe \|23/08/2001 18:47:48 C:\WINDOWS\system32\usrprbda.exe \|23/08/2001 18:47:48 C:\WINDOWS\system32\usrshuta.exe \|23/08/2001 18:47:48 C:\WINDOWS\system32\a3d.dll \|02/09/2003 15:12:04 C:\WINDOWS\system32\AcubeStrE.dll \|20/08/2005 12:49:48 C:\WINDOWS\system32\AcubeStrK.dll \|20/08/2005 12:49:48 C:\WINDOWS\system32\amstream.dll \|10/11/2003 01:11:02 C:\WINDOWS\system32\atmfd.dll \|30/09/2001 11:47:52 C:\WINDOWS\system32\atmlib.dll \|30/09/2001 11:47:52 C:\WINDOWS\system32\Audio3d.dll \|02/09/2003 15:12:05 C:\WINDOWS\system32\Camext30.dll \|26/11/2003 20:28:17 C:\WINDOWS\system32\CamUsd30.dll \|13/11/2003 20:52:24 C:\WINDOWS\system32\CCPASSWD.DLL \|07/09/2003 22:14:59 C:\WINDOWS\system32\CCTRUST.DLL \|07/09/2003 22:14:59 C:\WINDOWS\system32\compatUI.dll \|30/09/2001 11:47:56 C:\WINDOWS\system32\CryptoSeed.dll \|20/08/2005 12:49:48 C:\WINDOWS\system32\crypts.dll \|19/01/2007 00:06:27 C:\WINDOWS\system32\dgrpsetu.dll \|02/09/2003 14:36:23 C:\WINDOWS\system32\dgsetup.dll \|02/09/2003 14:36:23 C:\WINDOWS\system32\DivX.dll \|07/12/2005 18:05:50 C:\WINDOWS\system32\DivXc32.dll \|01/04/2000 04:35:00 C:\WINDOWS\system32\DivXc32f.dll \|01/04/2000 04:35:00 C:\WINDOWS\system32\divxdec_0407.dll \|26/10/2004 23:38:18 C:\WINDOWS\system32\divxdec_040c.dll \|26/10/2004 23:38:18 C:\WINDOWS\system32\divxdec_0411.dll \|26/10/2004 23:38:18 C:\WINDOWS\system32\divx_xx07.dll \|07/12/2005 18:05:49 C:\WINDOWS\system32\divx_xx0c.dll \|07/12/2005 18:05:49 C:\WINDOWS\system32\divx_xx11.dll \|07/12/2005 18:05:48 C:\WINDOWS\system32\dpl100.dll \|27/10/2005 20:37:44 C:\WINDOWS\system32\dpu10.dll \|27/10/2005 20:37:43 C:\WINDOWS\system32\dpu11.dll \|27/10/2005 20:37:43 C:\WINDOWS\system32\dpuGUI10.dll \|27/10/2005 20:37:47 C:\WINDOWS\system32\dpuGUI11.dll \|27/10/2005 20:37:44 C:\WINDOWS\system32\dpus10.dll \|13/08/2004 23:24:57 C:\WINDOWS\system32\dpus11.dll \|27/10/2005 20:37:43 C:\WINDOWS\system32\dpv10.dll \|13/08/2004 23:24:57 C:\WINDOWS\system32\dpv11.dll \|27/10/2005 20:37:43 C:\WINDOWS\system32\dtu100.dll \|27/10/2005 20:37:43 C:\WINDOWS\system32\dunzip32.dll \|13/11/2005 06:47:54 C:\WINDOWS\system32\dzip32.dll \|13/11/2005 06:47:54 C:\WINDOWS\system32\EDCode.dll \|20/08/2005 12:49:48 C:\WINDOWS\system32\EDCodeCom.dll \|20/08/2005 12:49:49 C:\WINDOWS\system32\EGDHTML_1024.dll \|13/11/2003 11:54:08 C:\WINDOWS\system32\ElbyCDIO.dll \|13/12/2006 21:24:42 C:\WINDOWS\system32\EqnClass.Dll \|02/09/2003 14:36:22 C:\WINDOWS\system32\ezBook.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezEMail.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezFileImport.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezHints.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezLicPrompt.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezMenu.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezPrint.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezRas.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezScore.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezShell.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezSubs.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezUPBHook.dll \|06/07/2005 20:55:29 C:\WINDOWS\system32\ezUtils.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\ezWizard.dll \|13/06/2005 11:00:00 C:\WINDOWS\system32\GEARAspi.dll \|19/09/2006 15:43:58 C:\WINDOWS\system32\GZIPLibMinorEx.dll \|20/08/2005 12:49:48 C:\WINDOWS\system32\hpfinst.dll \|12/09/2001 17:46:47 C:\WINDOWS\system32\hpgmastr.dll \|03/09/2003 19:31:02 C:\WINDOWS\system32\hpgmatk.dll \|03/09/2003 19:31:02 C:\WINDOWS\system32\hpgmausd.dll \|03/09/2003 19:31:01 C:\WINDOWS\system32\hpgreg32.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\HPODXPAT.DLL \|27/05/2004 15:00:52 C:\WINDOWS\system32\HPptp02.dll \|07/11/2003 13:54:51 C:\WINDOWS\system32\HPptp03.dll \|20/03/2003 10:57:22 C:\WINDOWS\system32\hpsj32.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\hpsjvset.dll \|03/09/2003 19:31:01 C:\WINDOWS\system32\hpzcoi03.dll \|23/07/2001 19:01:39 C:\WINDOWS\system32\hpzcoi04.dll \|12/09/2001 17:47:20 C:\WINDOWS\system32\hpzcon03.dll \|23/07/2001 19:01:40 C:\WINDOWS\system32\hpzcon04.dll \|12/09/2001 17:47:20 C:\WINDOWS\system32\hpzlnt03.dll \|25/10/2003 01:25:39 C:\WINDOWS\system32\hpzlnt04.dll \|12/09/2001 17:47:22 C:\WINDOWS\system32\hticons.dll \|02/09/2003 08:03:37 C:\WINDOWS\system32\hypertrm.dll \|02/09/2003 08:03:37 C:\WINDOWS\system32\ic32.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\iccvid.dll \|30/09/2001 11:48:20 C:\WINDOWS\system32\IDEproperty.dll \|02/09/2003 15:11:29 C:\WINDOWS\system32\imagr5.dll \|28/10/2003 22:47:27 C:\WINDOWS\system32\imagx5.dll \|28/10/2003 22:47:27 C:\WINDOWS\system32\ImagX7.dll \|08/01/2005 12:52:03 C:\WINDOWS\system32\ImagXpr5.dll \|28/10/2003 22:47:27 C:\WINDOWS\system32\ImagXpr7.dll \|08/01/2005 12:52:04 C:\WINDOWS\system32\ImagXR7.dll \|08/01/2005 12:52:05 C:\WINDOWS\system32\ImagXRA7.dll \|08/01/2005 12:52:06 C:\WINDOWS\system32\ipeapi12.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\ipebase12.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\ipeistor12.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\ir32_32.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\ir41_qc.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\ir41_qcx.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\ir50_32.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\ir50_qc.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\ir50_qcx.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\isrdbg32.dll \|02/09/2003 08:05:08 C:\WINDOWS\system32\Iticheck.dll \|10/10/1998 23:07:38 C:\WINDOWS\system32\itidat.dll \|21/05/1999 21:37:16 C:\WINDOWS\system32\itidib.dll \|21/05/1999 21:37:28 C:\WINDOWS\system32\itiimg2.dll \|15/07/1998 20:40:50 C:\WINDOWS\system32\Jgar500.dll \|07/11/2003 13:56:39 C:\WINDOWS\system32\jgaw400.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\jgdw400.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\Jgdw500.dll \|07/11/2003 13:56:39 C:\WINDOWS\system32\Jgid500.dll \|07/11/2003 13:56:39 C:\WINDOWS\system32\jgmd400.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\Jgme500.dll \|07/11/2003 13:56:39 C:\WINDOWS\system32\jgpl400.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\Jgpl500.dll \|07/11/2003 13:56:39 C:\WINDOWS\system32\jgsd400.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\jgsh400.dll \|30/09/2001 11:48:22 C:\WINDOWS\system32\Jgst500.dll \|07/11/2003 13:56:39 C:\WINDOWS\system32\LCodcCMP.dll \|07/11/2003 13:54:29 C:\WINDOWS\system32\ldf252.dll \|07/11/2003 13:56:40 C:\WINDOWS\system32\lfavi11n.dll \|26/11/2003 20:42:38 C:\WINDOWS\system32\lfbmp11n.dll \|26/11/2003 20:29:19 C:\WINDOWS\system32\lfbmp13n.dll \|14/01/2005 15:41:59 C:\WINDOWS\system32\LFCMP11n.DLL \|26/11/2003 20:29:19 C:\WINDOWS\system32\lfcmp13n.dll \|14/01/2005 15:41:59 C:\WINDOWS\system32\LFCMP70n.DLL \|03/09/2003 19:31:53 C:\WINDOWS\system32\lffax11n.dll \|26/11/2003 20:29:19 C:\WINDOWS\system32\lffax70n.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\lffpx11n.dll \|26/11/2003 20:29:19 C:\WINDOWS\system32\Lffpx7.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\lffpx70n.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\lfgif13n.dll \|14/01/2005 15:42:00 C:\WINDOWS\system32\lfgif70n.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\Lfkodak.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\lfpct11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\lfpcx11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\lfpcx70n.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\Lfpng11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\lfpng70n.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\lfpsd11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\lftga11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\lftif11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\lftif70n.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\lfwfx11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\libdivx.dll \|28/09/2005 19:50:04 C:\WINDOWS\system32\LTDIS11n.dll \|26/11/2003 20:42:36 C:\WINDOWS\system32\ltdis13n.dll \|14/01/2005 15:41:59 C:\WINDOWS\system32\ltefx11n.dll \|26/11/2003 20:42:38 C:\WINDOWS\system32\ltefx13n.dll \|14/01/2005 15:41:59 C:\WINDOWS\system32\ltfil11n.DLL \|26/11/2003 20:29:19 C:\WINDOWS\system32\ltfil13n.dll \|14/01/2005 15:41:59 C:\WINDOWS\system32\ltfil70n.DLL \|03/09/2003 19:31:53 C:\WINDOWS\system32\ltimg11n.dll \|26/11/2003 20:42:38 C:\WINDOWS\system32\ltimg13n.dll \|14/01/2005 15:41:59 C:\WINDOWS\system32\ltkrn11n.dll \|26/11/2003 20:42:38 C:\WINDOWS\system32\ltkrn13n.dll \|14/01/2005 15:41:59 C:\WINDOWS\system32\ltkrn70n.dll \|03/09/2003 19:31:53 C:\WINDOWS\system32\lttwn11n.dll \|26/11/2003 20:42:38 C:\WINDOWS\system32\lwf214p.dll \|07/11/2003 13:56:40 C:\WINDOWS\system32\lyc_language.dll \|29/09/2004 19:57:20 C:\WINDOWS\system32\mciqtz32.dll \|10/11/2003 01:11:02 C:\WINDOWS\system32\mdwmdmsp.dll \|23/08/2001 18:47:06 C:\WINDOWS\system32\msdmo.dll \|02/09/2003 15:16:35 C:\WINDOWS\system32\msencode.dll \|30/08/2002 18:24:06 C:\WINDOWS\system32\msssc.dll \|02/09/2003 15:12:01 C:\WINDOWS\system32\nv4_disp(3).dll \|02/09/2003 15:15:40 C:\WINDOWS\system32\nv4_disp(4).dll \|06/10/2003 14:16:00 C:\WINDOWS\system32\nv4_disp.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvapi.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvcod(3).dll \|06/10/2003 14:16:00 C:\WINDOWS\system32\nvcod.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvcodins.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvcpl.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvcpluir.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvdisps.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvdispsr.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvexpbar.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvgames.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvgamesr.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvhwvid.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nview.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvmccs.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvmccsrs.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvmccss.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvmccssr.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvmctray.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvmobls.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvmoblsr.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvnt4cpl.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvoglnt.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvrsar.dll \|28/10/2003 22:57:16 C:\WINDOWS\system32\nvrscs.dll \|28/10/2003 22:57:19 C:\WINDOWS\system32\nvrsda.dll \|28/10/2003 22:57:20 C:\WINDOWS\system32\nvrsde.dll \|28/10/2003 22:57:21 C:\WINDOWS\system32\nvrsel.dll \|28/10/2003 22:57:22 C:\WINDOWS\system32\nvrseng.dll \|28/10/2003 22:57:23 C:\WINDOWS\system32\nvrses.dll \|28/10/2003 22:57:23 C:\WINDOWS\system32\nvrsesm.dll \|28/10/2003 22:57:24 C:\WINDOWS\system32\nvrsfi.dll \|28/10/2003 22:57:25 C:\WINDOWS\system32\nvrsfr.dll \|28/10/2003 22:57:26 C:\WINDOWS\system32\nvrshe.dll \|28/10/2003 22:57:27 C:\WINDOWS\system32\nvrshu.dll \|28/10/2003 22:57:30 C:\WINDOWS\system32\nvrsit.dll \|28/10/2003 22:57:31 C:\WINDOWS\system32\nvrsja.dll \|28/10/2003 22:57:32 C:\WINDOWS\system32\nvrsko.dll \|28/10/2003 22:57:34 C:\WINDOWS\system32\nvrsnl.dll \|28/10/2003 22:57:37 C:\WINDOWS\system32\nvrsno.dll \|28/10/2003 22:57:38 C:\WINDOWS\system32\nvrspl.dll \|28/10/2003 22:57:39 C:\WINDOWS\system32\nvrspt.dll \|28/10/2003 22:57:40 C:\WINDOWS\system32\nvrsptb.dll \|28/10/2003 22:57:40 C:\WINDOWS\system32\nvrsru.dll \|28/10/2003 22:57:41 C:\WINDOWS\system32\nvrssk.dll \|28/10/2003 22:57:42 C:\WINDOWS\system32\nvrssl.dll \|28/10/2003 22:57:43 C:\WINDOWS\system32\nvrssv.dll \|28/10/2003 22:57:44 C:\WINDOWS\system32\nvrstr.dll \|28/10/2003 22:57:45 C:\WINDOWS\system32\nvrszhc.dll \|28/10/2003 22:57:46 C:\WINDOWS\system32\nvrszht.dll \|28/10/2003 22:57:47 C:\WINDOWS\system32\nvshell.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvvitvs.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvvitvsr.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvwddi.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvwdmcpl.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvwimg.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvwrsar.dll \|28/10/2003 22:57:19 C:\WINDOWS\system32\nvwrscs.dll \|28/10/2003 22:57:19 C:\WINDOWS\system32\nvwrsda.dll \|28/10/2003 22:57:20 C:\WINDOWS\system32\nvwrsde.dll \|28/10/2003 22:57:21 C:\WINDOWS\system32\nvwrsel.dll \|28/10/2003 22:57:22 C:\WINDOWS\system32\nvwrseng.dll \|28/10/2003 22:57:23 C:\WINDOWS\system32\nvwrses.dll \|28/10/2003 22:57:24 C:\WINDOWS\system32\nvwrsesm.dll \|28/10/2003 22:57:25 C:\WINDOWS\system32\nvwrsfi.dll \|28/10/2003 22:57:26 C:\WINDOWS\system32\nvwrsfr.dll \|28/10/2003 22:57:27 C:\WINDOWS\system32\nvwrshe.dll \|28/10/2003 22:57:29 C:\WINDOWS\system32\nvwrshu.dll \|28/10/2003 22:57:30 C:\WINDOWS\system32\nvwrsit.dll \|28/10/2003 22:57:31 C:\WINDOWS\system32\nvwrsja.dll \|28/10/2003 22:57:34 C:\WINDOWS\system32\nvwrsko.dll \|28/10/2003 22:57:36 C:\WINDOWS\system32\nvwrsnl.dll \|28/10/2003 22:57:37 C:\WINDOWS\system32\nvwrsno.dll \|28/10/2003 22:57:38 C:\WINDOWS\system32\nvwrspl.dll \|28/10/2003 22:57:39 C:\WINDOWS\system32\nvwrspt.dll \|28/10/2003 22:57:40 C:\WINDOWS\system32\nvwrsptb.dll \|28/10/2003 22:57:41 C:\WINDOWS\system32\nvwrsru.dll \|28/10/2003 22:57:42 C:\WINDOWS\system32\nvwrssk.dll \|28/10/2003 22:57:43 C:\WINDOWS\system32\nvwrssl.dll \|28/10/2003 22:57:44 C:\WINDOWS\system32\nvwrssv.dll \|28/10/2003 22:57:45 C:\WINDOWS\system32\nvwrstr.dll \|28/10/2003 22:57:45 C:\WINDOWS\system32\nvwrszhc.dll \|28/10/2003 22:57:46 C:\WINDOWS\system32\nvwrszht.dll \|28/10/2003 22:57:47 C:\WINDOWS\system32\nvwss.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\nvwssr.dll \|20/09/2006 16:25:00 C:\WINDOWS\system32\ODBCSTF.DLL \|05/09/2003 08:11:44 C:\WINDOWS\system32\ogg.dll \|14/12/2002 21:46:04 C:\WINDOWS\system32\oggDS.dll \|14/12/2002 21:46:04 C:\WINDOWS\system32\paqsp.dll \|23/08/2001 18:47:16 C:\WINDOWS\system32\PCDLIB32.DLL \|31/01/1998 23:00:00 C:\WINDOWS\system32\picn20.dll \|28/10/2003 22:47:27 C:\WINDOWS\system32\pncrt.dll \|24/07/2002 18:34:55 C:\WINDOWS\system32\PSIKey.dll \|26/10/2004 23:38:24 C:\WINDOWS\system32\psisdecd.dll \|10/11/2003 01:11:04 C:\WINDOWS\system32\qedwipes.dll \|10/11/2003 01:11:02 C:\WINDOWS\system32\qt-dx331.dll \|12/08/2005 22:57:09 C:\WINDOWS\system32\qt-mt331.dll \|13/08/2004 23:24:57 C:\WINDOWS\system32\Roboex32.dll \|07/11/2003 13:56:39 C:\WINDOWS\system32\S11thk32.dll \|02/09/2003 15:12:07 C:\WINDOWS\system32\S32EVNT1.DLL \|07/09/2003 14:53:24 C:\WINDOWS\system32\SftpApi.dll \|20/08/2005 12:49:48 C:\WINDOWS\system32\ShttpApi.dll \|20/08/2005 12:49:48 C:\WINDOWS\system32\SIMONW32.dll \|05/08/2002 19:22:18 C:\WINDOWS\system32\slbcsp.dll \|30/09/2001 11:48:58 C:\WINDOWS\system32\slbiop.dll \|30/09/2001 11:48:58 C:\WINDOWS\system32\slbrccsp.dll \|30/09/2001 11:48:58 C:\WINDOWS\system32\SMMedia.dll \|02/09/2003 15:12:09 C:\WINDOWS\system32\spnike.dll \|23/08/2001 18:47:18 C:\WINDOWS\system32\sprio600.dll \|23/08/2001 18:47:18 C:\WINDOWS\system32\sprio800.dll \|23/08/2001 18:47:18 C:\WINDOWS\system32\spxcoins.dll \|02/09/2003 14:36:22 C:\WINDOWS\system32\ssldivx.dll \|28/09/2005 19:50:03 C:\WINDOWS\system32\stci.dll \|11/11/2003 18:37:01 C:\WINDOWS\system32\SymNeti.dll \|05/04/2005 10:17:04 C:\WINDOWS\system32\SymRedir.dll \|05/04/2005 10:17:04 C:\WINDOWS\system32\SymStore.dll \|22/08/2004 18:01:55 C:\WINDOWS\system32\Syncor11.dll \|02/09/2003 15:12:07 C:\WINDOWS\system32\SynthCore11Resources.dll \|02/09/2003 15:12:07 C:\WINDOWS\system32\tsd32.dll \|30/09/2001 11:49:06 C:\WINDOWS\system32\TwnLib20.dll \|29/10/2003 19:06:58 C:\WINDOWS\system32\TwnLib4.dll \|08/01/2005 12:52:07 C:\WINDOWS\system32\Tx32.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\txobj32.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\txtls32.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\tx_htm32.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\tx_rtf32.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\tx_word.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\unzip32.dll \|15/07/2005 00:20:09 C:\WINDOWS\system32\usrcntra.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrcoina.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrdpa.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrdtea.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrfaxa.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrlbva.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrrtosa.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrsdpia.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrsvpia.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrv42a.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrv80a.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrvoica.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\usrvpa.dll \|23/08/2001 18:47:20 C:\WINDOWS\system32\virtear.dll \|02/09/2003 15:12:05 C:\WINDOWS\system32\vorbis.dll \|14/12/2002 21:46:04 C:\WINDOWS\system32\vorbisenc.dll \|14/12/2002 21:46:04 C:\WINDOWS\system32\wdmioctl.dll \|02/09/2003 15:12:09 C:\WINDOWS\system32\win87em.dll \|30/09/2001 11:49:12 C:\WINDOWS\system32\WNASPI32.DLL \|10/09/1999 12:06:00 C:\WINDOWS\system32\wndtls32.dll \|05/09/2003 08:10:21 C:\WINDOWS\system32\xvid.dll \|05/04/2003 17:17:52 C:\WINDOWS\system32\ZPORT4AS.dll \|19/01/2007 15:36:17 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\WINDOWS\system 10/09/1999 12:06 4.672 WOWPOST.EXE 1 fichier(s) 4.672 octets 0 Rép(s) 67.471.908.864 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\WINDOWS\system32 30/09/2001 11:47 4.096 csrss.exe 1 fichier(s) 4.096 octets 0 Rép(s) 67.471.908.864 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\WINDOWS\Downloaded Program Files 21/01/2007 21:06 <REP> . 21/01/2007 21:06 <REP> .. 02/07/2003 18:17 244 AccesMembre.inf 24/08/2006 08:28 141.424 asinst.dll 22/08/2006 09:06 537 asinst.inf 17/05/2006 13:32 231.072 avsniff.dll 17/05/2006 14:29 878 avsniff.inf 23/08/2005 09:39 198.256 avsniffdlgs.dll 17/05/2006 13:26 537.704 AXXPEE.dll 17/05/2006 13:29 241 CabSA.inf 12/01/2007 01:00 2.504 catalog.dat 19/01/2007 19:19 <REP> CONFLICT.1 13/12/2003 06:59 <REP> CONFLICT.2 20/03/2005 16:48 65 desktop.ini 28/10/2003 08:51 7.424 DjVuLite.inf 09/11/2006 11:01 227 driveragent.inf 09/11/2006 11:01 428.032 driveragent.ocx 12/01/2007 01:00 6.899 ecbootil.vxd 23/08/2005 09:32 42.112 ecmldr32.dll 12/01/2007 01:00 272.040 ecmsvr32.dll 15/06/2006 18:33 1.132.192 EPUWALcontrol.dll 28/03/2002 15:05 1.268 erma.inf 08/08/2006 13:28 1.563 hardwaredetection.inf 11/11/2004 21:52 113.408 HMAtchmt.ocx 23/10/2005 01:11 88.136 HPGetDownloadManager.ocx 20/10/2005 16:02 671.336 hpobjinstaller_gmn.dll 30/09/2005 11:04 714 hpobjinstaller_gmn.inf 16/05/2006 09:14 248 IaLdr32.inf 03/03/2004 14:59 393.216 imloader.exe 10/04/2001 14:25 24.576 iSetupML.dll 10/04/2001 14:24 356.352 iSetupML.exe 10/04/2001 14:25 423 isetupML.inf 25/08/2003 18:12 1.096 iuctl.inf 08/08/2006 11:45 576 kavwebscan.inf 30/12/2006 00:25 284.488 KooPlayer.ocx 24/10/2006 17:15 367 LegitCheckControl.inf 09/10/2003 18:25 225 loader.inf 18/12/2006 10:02 882 mcfscan.inf 29/05/2003 14:00 160.864 messengerstatsclient.dll 20/01/2000 15:25 1.162 Microsoft XML Parser for Java.osd 01/09/2003 11:10 2.295 MSC3.inf 29/05/2003 14:00 77.408 msgrchkr.dll 30/06/2005 14:19 227 MsnMessengerSetupDownloader.inf 13/08/2005 23:26 113.664 MsnMessengerSetupDownloader.ocx 08/10/2004 16:01 372.736 MsnPUpld.dll 17/03/2003 10:57 90.112 msway.dll 23/09/2002 14:06 304 msway.inf 26/05/2005 03:19 293 muweb.inf 11/08/2004 18:20 6.854 navapi.vxd 11/08/2004 18:20 208.896 navapi32.dll 12/01/2007 01:00 124.584 naveng32.dll 12/01/2007 01:00 882.344 navex32a.dll 17/05/2005 16:27 300.032 npwwg.dll 27/06/2001 09:37 220 npwwg.inf 29/06/2005 16:17 227 opuc.inf 17/05/2004 15:26 35.584 ProductIDGatherer.dll 25/05/2004 10:05 2.735 ProductIDGatherer.INF 22/09/2004 15:59 110.592 PURen-us.dll 31/05/2002 08:20 117.328 PURfr-be.dll 15/10/2004 07:59 110.592 PURfr-xx.dll 30/07/2003 03:45 728 qdiagh.inf 08/03/2005 15:29 <REP> rave 18/04/2003 20:11 6.638 ravllio.vxd 04/09/2003 15:00 200.704 ravonline.dll 04/09/2003 15:02 583 ravonline.inf 04/09/2003 14:33 167.936 ravscan.dll 04/09/2003 14:34 290.816 ravupdt.dll 05/03/2003 20:27 381 ravupdt.ini 17/05/2006 13:32 161.480 rufsi.dll 03/05/2004 14:39 118.784 SassCln.dll 03/05/2004 14:40 306 SASSCLN.INF 12/01/2007 01:00 97.712 scrauth.dat 06/12/2004 17:01 116.880 setup.exe 24/07/2005 18:16 16 speedup.fic 26/09/2003 10:31 53.784 SSCHECK.DLL 28/09/2003 23:33 60.072 SublimAnal.exe 27/08/2005 13:30 5.065 swflash.inf 12/01/2007 01:00 9.237 symaveng.cat 12/01/2007 01:00 1.061 symaveng.inf 07/08/2003 14:00 266 systemsoappro.inf 12/01/2007 01:00 187.905 tcdefs.dat 12/01/2007 01:00 1.196.629 tcscan7.dat 12/01/2007 01:00 325.348 tcscan8.dat 12/01/2007 01:00 736.279 tcscan9.dat 02/08/2000 12:33 224 tdserver.inf 02/08/2000 12:26 372.736 tdserver.ocx 12/01/2007 01:00 453 tinf.dat 12/01/2007 01:00 148 tinfidx.dat 12/01/2007 01:00 1.957 tinfl.dat 12/01/2007 01:00 64.232 tscan1.dat 12/01/2007 01:00 3.072 tscan1hd.dat 19/11/2006 17:24 23.600 tvichw32.sys 07/09/2006 12:15 142.848 UDC6V_0001_D19M0709NetInstaller.exe 07/09/2006 12:15 227 UDC6V_0001_D19M0709NetInstaller.inf 15/10/2005 09:28 44.137 update.log 12/01/2007 01:00 4.778 v.grd 12/01/2007 01:00 2.269 v.sig 24/07/2005 18:16 16 validate.rdb 12/01/2007 01:00 106.244 virscan.inf 12/01/2007 01:00 975.798 virscan1.dat 12/01/2007 01:00 570.042 virscan2.dat 12/01/2007 01:00 147.512 virscan3.dat 12/01/2007 01:00 320.186 virscan4.dat 12/01/2007 01:00 3.179.218 virscan5.dat 12/01/2007 01:00 390.197 virscan6.dat 12/01/2007 01:00 5.890.358 virscan7.dat 12/01/2007 01:00 1.662.499 virscan8.dat 12/01/2007 01:00 4.008.519 virscan9.dat 12/01/2007 01:00 32 virscant.dat 19/01/2007 19:35 2.072 vscanmsx.dat 06/04/2006 11:48 3.748.256 WebCleaner.dll 06/04/2006 14:44 318 WebCleaner.inf 02/03/2001 13:43 2.244 wmv8dmo.inf 27/10/2002 18:32 3.036 wmv9dmo.inf 30/06/2003 21:41 1.689 WMV9VCM.inf 26/05/2005 04:19 291 wuweb.inf 24/03/2004 17:17 1.777 xscan.inf 24/03/2004 17:22 435.712 xscan53.ocx 15/05/2002 02:25 538 Yahoo! Blackjack.osd 17/12/2004 09:55 530 Yahoo! Poker.osd 12/01/2007 01:00 224 zdone.dat 116 fichier(s) 33.506.377 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 19/01/2007 19:19 <REP> . 19/01/2007 19:19 <REP> .. 31/03/2004 15:40 393.216 imloader.exe 15/07/2005 00:19 116.880 setup.exe 2 fichier(s) 510.096 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2 13/12/2003 06:59 <REP> . 13/12/2003 06:59 <REP> .. 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\rave 08/03/2005 15:29 <REP> . 08/03/2005 15:29 <REP> .. 30/03/2005 17:08 305.189 avirexe.vdm 17/06/2003 18:31 119.120 avirscr.vdm 06/05/2003 17:51 98.350 base.vdm 11/06/2005 18:50 214.150 daily.vdm 11/06/2005 18:50 42.893 daily.vdt 25/02/2003 16:54 19.135 filters.vdm 24/06/2003 09:34 49.628 kernel.vdk 30/10/2002 17:35 265 keyring.vdk 25/02/2003 16:54 1.956 mapi_vdm.vdm 30/10/2002 17:35 265 modules.vdk 17/05/2005 13:35 1.959.486 rav8def.vdm 06/12/2004 20:18 22.482 rufs.vdm 04/06/2003 17:24 64.967 rufsplg.vdm 06/05/2003 13:01 112.783 unarch.vdm 24/06/2003 09:34 45.209 unmail.vdm 07/05/2004 12:50 158.229 unpack.vdm 16 fichier(s) 3.214.107 octets Total des fichiers listés : 134 fichier(s) 37.230.580 octets 11 Rép(s) 67.471.900.672 octets libres Recherche de rootkit! (Merci S!Ri) infection possible Magic.Control : un scan F-Secure BlackLight est recommandé Recherche d'infections connues Liste des programmes installes [ KKE+ - Ver:1.0 ] a-squared Free 2.1 ACDSee Ad-Aware SE Personal Adobe Acrobat 5.0 Adobe Flash Player 9 ActiveX Adobe Photoshop Album 2.0 Edition Découverte Adobe Reader 7.0.9 - Français Ahead NeroMIX Ahead NeroNET Alien Sky AnyDVD Apple Software Update Archiveur WinRAR Assistant Publication de sites Web 1.52 de Microsoft AutoUpdate Barre d'outils MSN CleanUp! CloneDVD CloneDVD2 Compel Adaptec WinASPI Complément MSN pour Windows Messenger Correctif pour DirectX 9 - KB839643 Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations] Correctif Windows XP - Article Base de Connaissances 834707 Correctif Windows XP - KB823559 Correctif Windows XP - KB824141 Correctif Windows XP - KB824146 Correctif Windows XP - KB825119 Correctif Windows XP - KB828028 Correctif Windows XP - KB828035 Correctif Windows XP - KB828741 Correctif Windows XP - KB829558 Correctif Windows XP - KB833987 Correctif Windows XP - KB835732 Correctif Windows XP - KB837001 Correctif Windows XP - KB839645 Correctif Windows XP - KB840315 Correctif Windows XP - KB840374 Correctif Windows XP - KB840987 Correctif Windows XP - KB841356 Correctif Windows XP - KB841533 Correctif Windows XP - KB841873 Correctif Windows XP - KB842773 Correctif Windows XP - KB873376 Correctif Windows XP - KB883357 Correctif Windows XP - KB887822 Disque de souvenirs HP DivX DivX Player DVD Shrink 3.2 eMule EVEREST Home Edition v2.20 Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP Futuremark Measurement Services Client Google Toolbar for Internet Explorer HardwareDetection HijackThis 1.99.1 hp deskjet 920c series hp deskjet 920c series (Supprimer uniquement) HP Photo and Imaging 2.0 - Photosmart Cameras HP Photo and Imaging 2.0 - Photosmart Cameras HP Photosmart Essential HP PrecisionScan LTX HP Software Update ImageDrive (Ahead Software) IncrediMail Xe Instant Access iTunes Java 2 Runtime Environment, SE v1.4.2_01 Kaspersky Online Scanner Language pack for Ad-Aware SE Lecteur Windows Media 10 LiveReg (Symantec Corporation) LiveUpdate 2.6 (Symantec Corporation) Logitech Gaming Software Macromedia Shockwave Player Media Library Management Wizard Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft Data Access Components KB870669 Microsoft IntelliPoint 6.01 Microsoft IntelliType Pro 6.01 Microsoft Internet Explorer 6 SP1 Microsoft Office PowerPoint Viewer 2003 Mise à jour de licences personnelles Movie Maker Background Music Files Movie Maker Sound Effects Movie Maker Title Images MSN Messenger 7.5 Music Manager Nero Digital Nero Suite NeroVision Express Content Norton AntiVirus 2003 Norton WMI Update nuls Toolbar NVIDIA Drivers Outlook Express Q823353 Package du correctif Windows XP [voir Q329115 pour plus de détails] Panda ActiveScan PCFriendly Personal License Update Wizard for Windows Media Player Plus! MP3 Audio Converter LE PowerDVD QuickTime SafeCast Shared Components Shockwave SiS 900 PCI Fast Ethernet Adapter Driver Skype 3.0 Skype Plugin Manager SLD CODEC PACK 1.5.3 SoundMAX SpeedTouch USB Software SpotLife Spybot - Search & Destroy 1.4 Symantec Network Drivers Update TomTom HOME Ulead Photo Express 3.0 SE USB EHCI Driver USB Multimedia keyboard driver Ver1.02 VideoLink Mail Visionneuse Journal Windows Microsoft Weather tool WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Media Bonus Pack for Windows XP Windows Media Format Runtime Windows Media Player Playlist Import to Excel Wizard Windows Media Player Skin Importer Windows Media Player Tray Control Windows XP Application Compatibility Update[Q319580] Windows XP Hotfix - KB821253 Windows XP Hotfix - KB821557 Windows XP Hotfix - KB823182 Windows XP Hotfix - KB823980 Windows XP Hotfix - KB824105 Windows XP Hotfix (SP1) [See Q307869 for more information] Windows XP Hotfix (SP1) [See Q308210 for more information] Windows XP Hotfix (SP1) [See Q309521 for more information] Windows XP Hotfix (SP1) [See Q310437 for more information] Windows XP Hotfix (SP1) [See Q310510 for more information] Windows XP Hotfix (SP1) [See Q311542 for more information] Windows XP Hotfix (SP1) [See Q311889 for more information] Windows XP Hotfix (SP1) [See Q311967 for more information] Windows XP Hotfix (SP1) [See Q313450 for more information] Windows XP Hotfix (SP1) [See Q314862 for more information] Windows XP Hotfix (SP1) [See Q315000 for more information] Windows XP Hotfix (SP1) [See Q315403 for more information] Windows XP Hotfix (SP1) [See Q316397 for more information] Windows XP Hotfix (SP1) [See Q317277 for more information] Windows XP Hotfix (SP1) [See Q318138 for more information] Windows XP Hotfix (SP1) [See Q318388 for more information] Windows XP Hotfix (SP1) [See Q318966 for more information] Windows XP Hotfix (SP1) [See Q319322 for more information] Windows XP Hotfix (SP1) [See Q320174 for more information] Windows XP Hotfix (SP1) [See Q320552 for more information] Windows XP Hotfix (SP1) [See Q320678 for more information] Windows XP Hotfix (SP1) [See Q320914 for more information] Windows XP Hotfix (SP1) [See Q323172 for more information] Windows XP Hotfix (SP1) [See Q323322 for more information] Windows XP Hotfix (SP1) [See Q324096 for more information] Windows XP Hotfix (SP1) [See Q324380 for more information] Windows XP Hotfix (SP1) [See Q326830 for more information] Windows XP Hotfix (SP1) [See Q328940 for more information] Windows XP Hotfix (SP1) [See Q329048 for more information] Windows XP Hotfix (SP1) [See Q329390 for more information] Windows XP Hotfix (SP1) [See Q329441 for more information] Windows XP Hotfix (SP1) [See Q329834 for more information] Windows XP Hotfix (SP1) Q328310 Windows XP Hotfix (SP1) Q329170 Windows XP Hotfix (SP1) Q331953 Windows XP Hotfix (SP1) Q810577 Windows XP Hotfix (SP1) Q810833 Windows XP Hotfix (SP1) Q811493 Windows XP Hotfix (SP1) Q815021 Windows XP Hotfix (SP1) Q817606 WinISO 5.3 WOWpapers utility Yahoo! Toolbar Yahoo! Toolbar Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\Program Files 21/01/2007 23:43 <REP> . 21/01/2007 23:43 <REP> .. 08/03/2005 20:14 <REP> a2 10/11/2003 01:00 <REP> ACD Systems 29/11/2006 21:59 <REP> Adobe 12/11/2006 22:20 <REP> Ahead 07/09/2003 14:43 <REP> Alcatel 02/09/2003 15:12 <REP> Analog Devices 02/01/2007 16:54 <REP> Apple Software Update 19/01/2007 19:18 <REP> a-squared Free 19/01/2007 21:57 <REP> AxBx 24/09/2006 09:34 <REP> CartaGoGo 09/10/2006 00:46 <REP> ChEditorII(Flash2M,4000CH,Favorite4) 12/09/2005 01:32 <REP> CleanUp! 27/10/2003 20:41 <REP> Common Files 02/09/2003 08:04 <REP> ComPlus Applications 02/09/2003 15:37 <REP> CyberLink 05/09/2003 08:09 <REP> directx 21/01/2006 11:42 <REP> DivX 29/05/2006 18:19 <REP> DVD Shrink 15/02/2006 08:08 <REP> EasyBits For Kids 19/09/2005 18:13 <REP> eBay 21/01/2006 08:33 <REP> Elaborate Bytes 21/01/2007 18:46 <REP> eMule 26/10/2003 20:21 <REP> EuroTool 21/01/2007 23:40 <REP> Fichiers communs 19/01/2007 16:18 <REP> Google 10/11/2003 02:20 <REP> Grisoft 15/11/2006 20:15 <REP> HardwareDetection 17/11/2006 23:17 <REP> Hewlett-Packard 19/01/2007 15:39 <REP> HighMAT CD Writing Wizard 17/11/2006 23:17 <REP> HP 13/11/2005 07:55 <REP> hp deskjet 920c series 21/11/2005 23:52 <REP> IncrediMail 21/01/2007 21:06 <REP> Instant Access 17/12/2005 17:04 <REP> InstantTouch 30/12/2005 14:22 <REP> InterActual 19/01/2007 16:20 <REP> Internet Explorer 02/01/2007 16:57 <REP> iPod 19/01/2007 15:39 <REP> iTunes 15/09/2003 21:43 <REP> Java 29/11/2006 21:47 <REP> KKE+ 13/10/2004 10:35 <REP> KYE 17/11/2006 22:50 <REP> Lavalys 13/09/2006 07:29 <REP> Lavasoft 14/02/2005 00:46 <REP> LizardTech 15/11/2006 20:17 <REP> Logitech 19/01/2007 16:20 <REP> Messenger 19/01/2007 22:03 <REP> MessengerSkinner 26/09/2006 08:13 <REP> Micro Application 02/09/2003 08:07 <REP> microsoft frontpage 19/01/2007 16:20 <REP> Microsoft IntelliPoint 26/12/2006 01:37 <REP> Microsoft IntelliPoint 5.5 21/01/2007 17:17 <REP> Microsoft IntelliType Pro 06/04/2005 19:43 <REP> Microsoft Office 18/11/2003 00:19 <REP> Movie Maker 02/03/2004 16:10 <REP> MSN 03/08/2004 07:26 <REP> MSN Apps 02/09/2003 08:03 <REP> MSN Gaming Zone 19/01/2007 16:21 <REP> MSN Messenger 15/07/2005 00:20 <REP> Music Manager 14/04/2004 12:06 <REP> NetMeeting 19/01/2007 22:07 <REP> Norton AntiVirus 10/11/2006 20:35 <REP> nuls 16/09/2006 12:15 <REP> OfficeUpdate11 25/04/2005 21:29 <REP> Outlook Express 16/01/2006 00:25 <REP> PCFriendly 14/09/2003 18:11 <REP> Publication Web 03/01/2007 20:11 <REP> QuickTime 15/09/2006 22:37 <REP> QuickZip4 23/10/2006 17:20 <REP> Radiac Tools 19/09/2005 21:33 <REP> ReflexiveArcade 13/09/2006 08:24 <REP> RegCleaner 20/08/2005 12:49 <REP> SAMSUNG SDS 20/03/2006 22:13 <REP> SereneScreen 02/09/2003 08:06 <REP> Services en ligne 20/10/2006 21:27 <REP> SetEditKaon 10/11/2003 02:20 226.067 setup.lns 07/04/2004 21:11 <REP> SiSLan 26/12/2006 01:14 <REP> Skype 28/11/2003 03:56 <REP> SLD CODEC PACK 1.5.3 25/04/2005 09:23 <REP> SlySoft 19/01/2007 16:22 <REP> Spybot - Search & Destroy 26/09/2006 06:43 <REP> Sybex 18/09/2006 20:19 <REP> Symantec 27/02/2005 02:54 <REP> SymNetDrv 22/11/2006 20:39 <REP> TomTom DesktopSuite 18/11/2006 10:18 <REP> TomTom HOME 29/05/2006 18:16 <REP> tradfr.com 16/01/2006 00:25 <REP> Ubi Soft 29/05/2006 17:20 <REP> Ulead Systems 26/09/2006 07:37 <REP> Uninstall Information 30/12/2003 22:24 <REP> video 12/12/2006 20:47 <REP> VideoLAN 26/11/2003 20:45 <REP> VideoLink Mail 05/12/2003 21:08 <REP> Virtools Web Player 2.0 29/12/2003 18:58 <REP> WinASPI 14/11/2003 19:41 <REP> Windows Journal Viewer 13/11/2005 06:47 <REP> Windows Media Bonus Pack for Windows XP 19/01/2007 16:24 <REP> Windows Media Player 24/09/2006 11:22 <REP> Windows NT 22/01/2006 20:06 <REP> WindowsUpdate 21/10/2006 22:17 <REP> WinISO 19/01/2007 15:39 <REP> WinRAR 13/11/2005 05:55 <REP> WMV9_VCM 02/09/2003 08:07 <REP> xerox 1 fichier(s) 226.067 octets 105 Rép(s) 67.472.793.600 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\Program Files\fichiers communs 21/01/2007 23:40 <REP> . 21/01/2007 23:40 <REP> .. 11/12/2006 13:57 <REP> Adobe 08/01/2005 12:57 <REP> Ahead 17/11/2006 23:06 <REP> HP 15/07/2005 00:19 <REP> InstallShield 15/09/2003 21:42 <REP> Java 16/11/2006 08:51 <REP> Logitech 15/10/2005 02:22 <REP> Macrovision Shared 26/09/2006 07:37 <REP> Microsoft Shared 02/09/2003 08:04 <REP> MSSoap 18/12/2004 11:53 <REP> Oberon Media 02/09/2003 14:36 <REP> ODBC 02/12/2003 10:55 <REP> Real 20/03/2005 16:48 <REP> Services 26/12/2006 01:14 <REP> Skype 26/11/2003 20:44 <REP> Smith Micro Shared 02/09/2003 14:36 <REP> SpeechEngines 21/01/2007 23:41 <REP> Symantec Shared 13/12/2005 00:02 <REP> System 0 fichier(s) 0 octets 20 Rép(s) 67.472.793.600 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 02/09/2003 08:16 <REP> . 02/09/2003 08:16 <REP> .. 18/05/2001 16:57 561.209 MSONSEXT.DLL 03/06/1999 13:09 122.937 MSOWS409.DLL 07/03/2001 08:00 127.033 MSOWS40c.DLL 3 fichier(s) 811.179 octets 2 Rép(s) 67.472.789.504 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\Program Files\common files 27/10/2003 20:41 <REP> . 27/10/2003 20:41 <REP> .. 27/10/2003 20:41 <REP> Microsoft Shared 03/08/2004 07:42 <REP> System 0 fichier(s) 0 octets 4 Rép(s) 67.472.789.504 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 70B9-610B Répertoire de C:\ 11/11/2001 00:00 68.096 diff.exe 27/08/2006 14:10 103.424 grep.exe 2 fichier(s) 171.520 octets 0 Rép(s) 67.472.789.504 octets libres c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe c:\Documents and Settings\All Users\Menu Démarrer\Programmes\IDEUtil\SISIDE.exe c:\Documents and Settings\ok\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe c:\Documents and Settings\ok\Application Data\Dossier de téléchargement Share-to-Web \eMule0.30c-Installer.exe c:\Documents and Settings\ok\Application Data\Image Zone Express\HPSoftwareUpdate.exe c:\Documents and Settings\ok\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\ok\Bureau\DiagHelp.exe c:\Documents and Settings\ok\Bureau\diff.exe c:\Documents and Settings\ok\Bureau\FilesInfoCmd.exe c:\Documents and Settings\ok\Bureau\Fport.exe c:\Documents and Settings\ok\Bureau\grep.exe c:\Documents and Settings\ok\Bureau\LFiles.exe c:\Documents and Settings\ok\Bureau\LISTDLLS.exe c:\Documents and Settings\ok\Bureau\pslist.exe c:\Documents and Settings\ok\Bureau\streams.exe c:\Documents and Settings\ok\Bureau\swreg.exe c:\Documents and Settings\ok\Mes documents\divers fichier\AUTORUN.EXE c:\Documents and Settings\ok\Mes documents\divers fichier\msjavx86.exe c:\Documents and Settings\ok\Mes documents\divers fichier\PPVIEWER.EXE c:\Documents and Settings\ok\Mes documents\divers fichier\winaspi.exe c:\Documents and Settings\ok\Mes documents\divers fichier\WindowsXP-KB823980-x86-FRA.exe c:\Documents and Settings\ok\Mes documents\GetA3S_v2.0\GetA3S.exe c:\Documents and Settings\ok\Mes documents\GetA3S_v2.0\KeyLoader.exe c:\Documents and Settings\ok\Mes documents\GetA3S_v2.0\KeyLoader1341.exe c:\Documents and Settings\ok\Mes documents\GetA3S_v2.0\MSoftcam_575.exe c:\Documents and Settings\ok\Mes documents\GetA3S_v2.0\vbrun60sp6.exe c:\Documents and Settings\ok\Mes documents\kaon\Kaon - BOOT - 2.1.9.V4.exe c:\Documents and Settings\ok\Mes documents\kaon\convertiseur firm\BinUpdate.exe c:\Documents and Settings\ok\Mes documents\kaon\convertiseur firm\fichier conversion\awk.exe c:\Documents and Settings\ok\Mes documents\kaon\firm desat.fr\Kup V3.1XP - Kaon Upgrade - Engineer Patch FR -- SatelliteFR.com.exe c:\Documents and Settings\ok\Mes documents\kaon\generateur de code kkk\KKEditor_kaon_instuctie_filmpje.exe c:\Documents and Settings\ok\Mes documents\kaon\pour les stream ,classement a jour\Chaines Editeur - V3.0 - FR.exe c:\Documents and Settings\ok\Mes documents\kaon\pour les stream ,classement a jour\Install\_ISDEL.EXE c:\Documents and Settings\ok\Mes documents\kaon\pour les stream ,classement a jour\Install\Chaines Editeur - V3.0 - FR.exe c:\Documents and Settings\ok\Mes documents\kaon\pour les stream ,classement a jour\Install\ChEditorII.exe c:\Documents and Settings\ok\Mes documents\kaon\pour les stream ,classement a jour\Install\Install - SETUP.EXE c:\Documents and Settings\ok\Mes documents\Languages\French.exe c:\Documents and Settings\ok\Mes documents\Languages\German.exe c:\Documents and Settings\ok\Mes documents\Languages\Italian.exe c:\Documents and Settings\ok\Mes documents\Languages\Japanese.exe c:\Documents and Settings\ok\Mes documents\Languages\Korean.exe c:\Documents and Settings\ok\Mes documents\Languages\Simplified Chinese.exe c:\Documents and Settings\ok\Mes documents\Languages\Spanish.exe c:\Documents and Settings\ok\Mes documents\Languages\Traditional Chinese.exe c:\Documents and Settings\ok\Mes documents\Mes fichiers reçus\eMule0.30c-Installer.exe c:\Documents and Settings\ok\Mes documents\Mes photos\redeye.exe c:\Documents and Settings\ok\Mes documents\nero 6.30\NBR6300fra.exe c:\Documents and Settings\ok\Mes documents\nero 6.30\nero6300.exe c:\Documents and Settings\ok\Mes documents\Readme\Skins\_ISDel.exe c:\Documents and Settings\ok\Mes documents\Readme\Skins\Setup.exe c:\Documents and Settings\ok\Mes documents\Super cartes de visite 2003.fr\Visiten.exe c:\Documents and Settings\ok\Mes documents\TomTom\copie tomtom original\InstallTomTomHOME.exe c:\Documents and Settings\ok\Mes documents\TomTom\HOME\Backups\GO\Backup03\Storage\installtomtomhome.exe c:\Documents and Settings\ok\Mes documents\TomTom\HOME\Downloads\Download Cache\v1_3_308_win.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\autorun.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\hpzglu04.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\setup.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\fra\nt4\Disk1\setup.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\fra\nt4\Disk1\nt4\hpfinstx.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\fra\nt4\Disk1\nt4\hpfldr.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\fra\nt4\Disk1\nt4\hpfsplsh.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\util\common\hpfpdi04.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\util\common\hpzghl04.exe c:\Documents and Settings\ok\Mes documents\win2k_xp\util\common\hpzpin04.exe c:\Documents and Settings\ok\WINDOWS\system\dxwebsetup.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll c:\Documents and Settings\ok\Application Data\Adobe\Acrobat\Whapi\WHA Library.dll c:\Documents and Settings\ok\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll Pour le second blacklight , voici. 01/21/07 23:56:59 [Info]: BlackLight Engine 1.0.55 initialized 01/21/07 23:56:59 [Info]: OS: 5.1 build 2600 () 01/21/07 23:57:00 [Note]: 7019 4 01/21/07 23:57:00 [Note]: 7005 0 01/21/07 23:57:05 [Note]: 7006 0 01/21/07 23:57:06 [Note]: 7011 1904 01/21/07 23:57:06 [Note]: 7026 0 01/21/07 23:57:06 [Note]: 7026 0 01/21/07 23:57:06 [Note]: 7024 3 01/21/07 23:57:06 [Info]: Hidden process: C:\windows\system32\erixmcyhdt.exe 01/21/07 23:57:20 [Note]: FSRAW library version 1.7.1021 01/22/07 00:03:04 [Info]: Hidden file: c:\WINDOWS\system32\erixmcyhdt.dat 01/22/07 00:03:04 [Note]: 10002 1 01/22/07 00:03:04 [Info]: Hidden file: C:\windows\system32\erixmcyhdt.exe 01/22/07 00:03:04 [Note]: 10002 1 01/22/07 00:03:05 [Info]: Hidden file: c:\WINDOWS\system32\erixmcyhdt_nav.dat 01/22/07 00:03:05 [Note]: 10002 1 01/22/07 00:03:05 [Info]: Hidden file: c:\WINDOWS\system32\erixmcyhdt_navps.dat 01/22/07 00:03:05 [Note]: 10002 1 01/22/07 00:05:41 [Note]: 7007 0 Voila j'espére que tu y vera un peut plus clair. Merci

Thanos Voir le profil	lundi 22 janvier 2007 à 00h59 Message #4
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	ok on va procéder par ordre! Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau. Double clique sur SDFix.exe et choisis Install pour l'extraire dans le dossier C:\SDFix. Fermer la fenêtre du Bloc-notes qui s'est ouverte. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici : Redémarre ton ordinateur Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde). A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître. Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée". Choisis ton compte. Déroule la liste des instructions ci-dessous : Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script. Appuie sur Y pour commencer le processus de nettoyage. Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. Appuie sur une touche pour redémarrer le PC. Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau. Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis ! Ce message a été modifié par charles ingals - lundi 22 janvier 2007 à 01h08. -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

Thanos Voir le profil	lundi 22 janvier 2007 à 01h31 Message #5
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	tdanny6 : si tu rencontres des problèmes, n'hésite pas à me le dire -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

tdanny6 Voir le profil	lundi 22 janvier 2007 à 01h57 Message #6
Member Groupe : Membres Messages : 69 Inscrit : 21/01/2007 Membre n^o 180991 Mes langues: français	voila c'est fait peut être un peu plus long que prevu. Pour sdfix contenu: SDFix: Version 1.60 lun. 22/01/2007 - 1:45:31,84 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: Name: Microsoft IE Updater new_drv Path: C:\DOCUME~1\ok\LOCALS~1\Temp\ieupdate.exe /start \??\C:\WINDOWS\new_drv.sys Microsoft IE Updater Deleted new_drv Deleted Restoring Windows Registry Entries Restoring Default Hosts File Rebooting... Normal Mode: Checking Files: Files will be copied to Backups folder and removed: C:\WINDOWS\9129837.exe - Deleted C:\WINDOWS\system32\i - Deleted Alternate Streams Check: C:\WINDOWS\system32 No streams found. Final Check: Remaining Services: ------------------ Remaining Files: --------------- Backups Folder: - C:\SDFix\backups\backups.zip Checking For Files with Hidden Attributes : C:\NTDETECT.COM C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpaccodec.dll C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpac_codec_api.dll C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PNCRT.dll C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\IA32MATH.DLL C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Shorten\CYGWIN1.DLL C:\Program Files\Fichiers communs\MSSoap\Binaries\wisc10.dll C:\WINDOWS\twain.dll C:\WINDOWS\twain_32.dll C:\WINDOWS\LastGood\System32\OLEPRO32.DLL C:\WINDOWS\system32\olepro32.dll C:\Program Files\Fichiers communs\Ahead\AudioPlugins\AACMP4.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\OFR.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\RMADEC.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPDEC.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPENC.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\AACENC.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\AACMP4.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\FASTENC.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Shorten\SHORTEN.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Speex\SPEEXDEC.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Speex\SPEEXENC.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\WavPack\WAVPACK.EXE C:\Program Files\Fichiers communs\Ahead\AudioPlugins\WavPack\WVUNPACK.EXE C:\WINDOWS\system32\cdplayer.exe.manifest C:\WINDOWS\system32\logonui.exe.manifest C:\IO.SYS C:\MSDOS.SYS C:\pagefile.sys C:\WINDOWS\LastGood.Tmp\INF\oem13.inf C:\WINDOWS\LastGood.Tmp\INF\oem13.PNF Finished et pour hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 1:52:34, on 22/01/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\ezNTSvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\WgaTray.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\htpatch.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Messenger\msmsgs.exe C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://be.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.skynet.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Belgacom Skynet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file) R3 - URLSearchHook: nuls Toolbar - {4acca1a7-ecc8-4c89-be52-b11919042bbf} - C:\Program Files\nuls\tbnuls.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr-be\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr-be\msntb.dll O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: nuls Toolbar - {4acca1a7-ecc8-4c89-be52-b11919042bbf} - C:\Program Files\nuls\tbnuls.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [SDR6V_Check] "C:\Documents and Settings\ok\Mes documents\SDRmon.exe" O4 - HKCU\..\Run: [System Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\System32\prodsrvs.exe /res O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.skynet.be O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/...trolLite_EN.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1137956595296 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127471785543 O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version= O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4..._1070_em_XP.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/2.0.0....0/Installer.exe O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.asian-x.org/acces/237/asian-x_an.exe O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} - http://dialup.carpediem.fr/CABS/cd/1,0,3,8...AccesMembre.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://services.moviesystem.com/cabs/msway.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326 O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...942/mcfscan.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup...er/imloader.cab O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by16fd.bay16.hotmail.msn.com/activex/HMAtchmt.ocx O17 - HKLM\System\CS1\Services\Tcpip\..\{12C8F930-42F1-4562-B0BE-78A1B34985C6}: NameServer = 195.238.2.22 195.238.2.21 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\WINDOWS\System32\ezNTSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NeroNET - Unknown owner - C:\Program Files\Ahead\NeroNET\NeroNET.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe voila encore merci de ta patience.

tdanny6 Voir le profil	lundi 22 janvier 2007 à 02h10 Message #7
Member Groupe : Membres Messages : 69 Inscrit : 21/01/2007 Membre n^o 180991 Mes langues: français	ce qui freine également ma connection, c'est une ou deux page du centre de sécurité d'internet - microsoft internet explorer qui s'ouvre sans raison pour me proposé win anti spyware 2006 et anti virus 2006.

Thanos Voir le profil	lundi 22 janvier 2007 à 02h16 Message #8
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	Oui: ces messages sont affichés par le spyware Magic Control Agent, une fois l'infection éliminée, la connexion sera plus rapide! Très bien!SDFix a fait son nettoyage! On va a présent utiliser un programme très simple pour éliminer les infections > Télécharge WinPFind3U.exesur ton bureau. Double clique sur le fichier téléchargé : un dossier nommé WinPFind3U va apparaitre sur ton bureau. Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme. Sous le groupe Files Created Within sélectionne 30 days Sous le groupe Files Modified Within sélectionne 30 days Sous le groupe String Search sélectionne Non-Microsoft A présent clique sur le bouton Run Scan dans la barre d'outils Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport. Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée. Copie/Colle le contenu du rapport dans ta prochaine réponse. -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

tdanny6 Voir le profil	lundi 22 janvier 2007 à 02h46 Message #9
Member Groupe : Membres Messages : 69 Inscrit : 21/01/2007 Membre n^o 180991 Mes langues: français	Voila , j'ai du recommancer 4 fois deux fois bloqué sur scanning schell extensions... une fois sur scanning file c:/windows/systeme32/nvwrsno.dll et enfin la 4éme la bonne : WinPFind3 logfile created on: 22/01/2007 2:34:05 WinPFind3U by OldTimer - Version 1.0.11 Folder = C:\Documents and Settings\ok\Bureau\WinPFind3u\ Microsoft Windows XP (Version = 5.1.2600) Internet Explorer (Version = 6.0.2800.1106) 523808 Kb Total Physical Memory \| 195552 Kb Available Physical Memory \| 37,33% Memory free 1280560 Kb Paging File \| 986120 Kb Available in Paging File \| 77,01% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 80027764 Kb Total Space \| 65877384 Kb Free Space \| 82,32% Space Free D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded [Processes - Non-Microsoft Only] 549b.tmp -> %SystemRoot%\Temp\549B.tmp -> [Ver = \| Size = 70144 bytes \| Modified Date = 22/01/2007 2:14:02 \| Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 54512 bytes \| Modified Date = 15/07/2003 13:36:36 \| Attr = ] ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 1.03.4 \| Size = 317128 bytes \| Modified Date = 13/11/2002 15:44:02 \| Attr = ] cdac11ba.exe -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.0 \| Size = 54784 bytes \| Modified Date = 15/10/2005 2:22:50 \| Attr = ] ebaytbdaemon.exe -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTBDaemon.exe -> eBay [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:54 \| Attr = ] ezntsvc.exe -> %System32%\ezntsvc.exe -> EasyBits Software Corp. [Ver = 2.0.0.101 \| Size = 32768 bytes \| Modified Date = 6/07/2005 20:55:32 \| Attr = ] googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 908, 5008 \| Size = 163576 bytes \| Modified Date = 28/10/2006 15:17:16 \| Attr = ] hpgs2wnd.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,3,0,0\ 162 \| Size = 69632 bytes \| Modified Date = 17/04/2002 9:42:56 \| Attr = ] hpgs2wnf.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe -> [Ver = 2, 6, 0, 162 \| Size = 77824 bytes \| Modified Date = 17/04/2002 9:49:16 \| Attr = ] hpqcmon.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe -> [Ver = 2.0.0.133 \| Size = 90112 bytes \| Modified Date = 6/10/2002 23:23:20 \| Attr = ] hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 \| Size = 49152 bytes \| Modified Date = 16/02/2005 23:11:42 \| Attr = ] hpztsb04.exe -> %System32%\spool\drivers\w32x86\3\hpztsb04.exe -> HP [Ver = 2,80,0,0 \| Size = 196608 bytes \| Modified Date = 19/11/2001 15:37:36 \| Attr = ] htpatch.exe -> %SystemRoot%\htpatch.exe -> [Ver = \| Size = 28672 bytes \| Modified Date = 30/10/2002 10:40:34 \| Attr = R ] imapp.exe -> %ProgramFiles%\IncrediMail\bin\IMApp.exe -> IncrediMail, Ltd. [Ver = 4, 0, 0, 1930 \| Size = 131113 bytes \| Modified Date = 25/05/2005 12:07:46 \| Attr = ] navapsvc.exe -> %ProgramFiles%\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 9.05.1015 \| Size = 116320 bytes \| Modified Date = 19/11/2002 13:09:48 \| Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 168003 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] smagent.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 \| Size = 45056 bytes \| Modified Date = 20/09/2002 14:50:10 \| Attr = ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 \| Size = 306176 bytes \| Modified Date = 18/01/2007 18:01:14 \| Attr = ] [Win32 Services - Non-Microsoft Only] (C-DillaCdaC11BA) C-DillaCdaC11BA [Win32_Own \| Auto \| Running] -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.0 \| Size = 54784 bytes \| Modified Date = 15/10/2005 2:22:50 \| Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Own \| Auto \| Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 1.03.4 \| Size = 317128 bytes \| Modified Date = 13/11/2002 15:44:02 \| Attr = ] (ccPwdSvc) Symantec Password Validation Service [Win32_Own \| On_Demand \| Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPWDSVC.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 99568 bytes \| Modified Date = 15/07/2003 13:37:18 \| Attr = ] (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared \| On_Demand \| Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.0.503.0 \| Size = 205312 bytes \| Modified Date = 30/09/2001 11:47:58 \| Attr = ] (ezntsvc) EasyBits Magic Desktop Services for Windows NT [Win32_Own \| Auto \| Running] -> %System32%\ezntsvc.exe -> EasyBits Software Corp. [Ver = 2.0.0.101 \| Size = 32768 bytes \| Modified Date = 6/07/2005 20:55:32 \| Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own \| On_Demand \| Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 \| Size = 69632 bytes \| Modified Date = 4/04/2005 0:41:10 \| Attr = ] (iPod Service) iPod Service [Win32_Own \| On_Demand \| Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 \| Size = 492608 bytes \| Modified Date = 30/10/2006 9:36:32 \| Attr = ] (navapsvc) Service Norton AntiVirus Auto-Protect [Win32_Own \| Auto \| Running] -> %ProgramFiles%\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 9.05.1015 \| Size = 116320 bytes \| Modified Date = 19/11/2002 13:09:48 \| Attr = ] (NeroNET) NeroNET [Win32_Own \| Auto \| Stopped] -> %ProgramFiles%\Ahead\NeroNET\NeroNET.exe -> File not found (NVSvc) NVIDIA Display Driver Service [Win32_Own \| Auto \| Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 168003 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] (SBService) ScriptBlocking Service [Win32_Own \| Auto \| Stopped] -> %CommonProgramFiles%\Symantec Shared\Script Blocking\SBServ.exe -> Symantec Corporation [Ver = 1, 1, 0, 126 \| Size = 54408 bytes \| Modified Date = 13/08/2001 22:18:36 \| Attr = ] (SNDSrvc) Symantec Network Drivers Service [Win32_Own \| On_Demand \| Stopped] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 \| Size = 206552 bytes \| Modified Date = 5/04/2005 10:17:22 \| Attr = ] (SoundMAX Agent Service (default)) SoundMAX Agent Service [Win32_Own \| Auto \| Running] -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 \| Size = 45056 bytes \| Modified Date = 20/09/2002 14:50:10 \| Attr = ] (SymWSC) SymWMI Service [Win32_Own \| Auto \| Stopped] -> %CommonProgramFiles%\Symantec Shared\Security Center\SymWSC.exe -> Symantec Corporation [Ver = 2005.1.2.20 \| Size = 316544 bytes \| Modified Date = 2/11/2004 16:59:50 \| Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CamMonitor -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe -> [Ver = 2.0.0.133 \| Size = 90112 bytes \| Modified Date = 6/10/2002 23:23:20 \| Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 54512 bytes \| Modified Date = 15/07/2003 13:36:36 \| Attr = ] ccRegVfy -> %CommonProgramFiles%\Symantec Shared\CCREGVFY.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 60344 bytes \| Modified Date = 15/07/2003 13:42:36 \| Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 \| Size = 49152 bytes \| Modified Date = 16/02/2005 23:11:42 \| Attr = ] HPDJ Taskbar Utility -> %System32%\spool\drivers\w32x86\3\hpztsb04.exe -> HP [Ver = 2,80,0,0 \| Size = 196608 bytes \| Modified Date = 19/11/2001 15:37:36 \| Attr = ] HTpatch -> %SystemRoot%\htpatch.exe -> [Ver = \| Size = 28672 bytes \| Modified Date = 30/10/2002 10:40:34 \| Attr = R ] NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 \| Size = 155648 bytes \| Modified Date = 9/07/2001 11:50:42 \| Attr = ] NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 86016 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] nwiz -> %System32%\nwiz.exe -> [Ver = \| Size = 1617920 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] SDR6V_Check -> %UserDocuments%\SDRmon.exe -> File not found Share-to-Web Namespace Daemon -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,3,0,0\ 162 \| Size = 69632 bytes \| Modified Date = 17/04/2002 9:42:56 \| Attr = ] SpeedTouch USB Diagnostics -> %ProgramFiles%\Alcatel\SpeedTouch USB\dragdiag.exe -> THOMSON [Ver = 300.7.0.2 \| Size = 878080 bytes \| Modified Date = 5/09/2003 6:59:20 \| Attr = ] SSC_UserPrompt -> %CommonProgramFiles%\Symantec Shared\Security Center\UsrPrmpt.exe -> Symantec Corporation [Ver = 2005.1.2.20 \| Size = 218240 bytes \| Modified Date = 10/11/2004 11:57:02 \| Attr = ] Symantec NetDriver Monitor -> %ProgramFiles%\SymNetDrv\SNDMon.exe -> Symantec Corporation [Ver = 5.5.1.6 \| Size = 100056 bytes \| Modified Date = 7/06/2005 22:47:10 \| Attr = ] < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run IncrediMail -> %ProgramFiles%\IncrediMail\bin\IncMail.exe -> IncrediMail, Ltd. [Ver = 4, 0, 0, 1930 \| Size = 188459 bytes \| Modified Date = 25/05/2005 12:07:56 \| Attr = ] Instant Access -> %System32%\prodsrvs.exe -> [Ver = 1, 0, 0, 1 \| Size = 144896 bytes \| Modified Date = 10/01/2007 10:35:26 \| Attr = ] NBJ -> %ProgramFiles%\Ahead\Nero BackItUp\NBJ.exe -> Ahead Software AG [Ver = 1, 2, 0, 25 \| Size = 1871872 bytes \| Modified Date = 7/09/2004 12:55:20 \| Attr = ] swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe -> File not found System Soap Pro -> %SystemDrive%\PROGRA~1\SYSTEM~1\soap.exe -> File not found < Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage %AllUsersStartup%\Lancement rapide d'Adobe Reader.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 \| Size = 29696 bytes \| Modified Date = 23/09/2005 22:05:26 \| Attr = ] < Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ AnyDVD -> %SystemDrive%\DOCUME~1\ok\LOCALS~1\Temp\Rar$EX02.031\Crack\AnyDVD.exe -> File not found CHotkey -> %SystemRoot%\mHotkey.exe -> Chicony [Ver = 2, 0, 3, 0 \| Size = 493056 bytes \| Modified Date = 9/10/2002 10:56:56 \| Attr = ] eBayToolbar -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTBDaemon.exe -> eBay [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:54 \| Attr = ] lycosInside -> %ProgramFiles%\lycos\Lyc_SysTray.exe -> File not found seekmo -> %ProgramFiles%\seekmo\seekmo.exe -> File not found < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon VMApplet -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> Control_RunDLL -> -> File not found < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ < Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoLogoff -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableLockWorkstation -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableChangePassword -> 0 -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ 0 -> [Key] -> 0 -> FriendlyName = Ma page d'accueil -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://www.skynet.be -> HKLM: Main\\Default_Search_URL -> http://www.google.com/ie -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: Search\\Default_Search_URL -> http://www.google.com/ie -> HKLM: SearchAssistant -> http://www.google.com/ie -> HKCU: Local Page -> C:\WINDOWS\System32\blank.htm -> HKCU: Search Bar -> http://www.google.com/ie -> HKCU: Search Page -> http://www.google.com -> HKCU: Start Page -> http://be.msn.com/ -> HKCU: SearchAssistant -> http://www.google.com/ie -> HKCU: URLSearchHooks\\{4acca1a7-ecc8-4c89-be52-b11919042bbf} [HKLM] -> %ProgramFiles%\nuls\tbnuls.dll [nuls Toolbar] -> Conduit Ltd. [Ver = 4, 5, 125, 0 \| Size = 1182744 bytes \| Modified Date = 2/11/2006 11:12:24 \| Attr = ] HKCU: URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found HKCU: ProxyEnable -> 0 -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 \| Size = 59032 bytes \| Modified Date = 18/12/2006 4:16:42 \| Attr = ] {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} [HKLM] -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll [eBay Toolbar Helper] -> [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:46 \| Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 \| Size = 853672 bytes \| Modified Date = 31/05/2005 1:04:00 \| Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 3054 \| Size = 2153536 bytes \| Modified Date = 17/10/2006 14:04:36 \| Attr = R ] {BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 \| Size = 2153536 bytes \| Modified Date = 17/10/2006 14:04:36 \| Attr = R ] {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] {4acca1a7-ecc8-4c89-be52-b11919042bbf} [HKLM] -> %ProgramFiles%\nuls\tbnuls.dll [nuls Toolbar] -> Conduit Ltd. [Ver = 4, 5, 125, 0 \| Size = 1182744 bytes \| Modified Date = 2/11/2006 11:12:24 \| Attr = ] {92085AD4-F48A-450D-BD93-B28CC7DF67CE} [HKLM] -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll [eBay Toolbar] -> [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:46 \| Attr = ] {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> File not found < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{319A68DB-06D0-46DA-9F93-A810D5A70836} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 \| Size = 2153536 bytes \| Modified Date = 17/10/2006 14:04:36 \| Attr = R ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] WebBrowser\\{4ACCA1A7-ECC8-4C89-BE52-B11919042BBF} [HKLM] -> %ProgramFiles%\nuls\tbnuls.dll [nuls Toolbar] -> Conduit Ltd. [Ver = 4, 5, 125, 0 \| Size = 1182744 bytes \| Modified Date = 2/11/2006 11:12:24 \| Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> File not found < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping {77BF5300-1474-4EC7-9980-D32B190E9B07} -> 8196 - Reg Data - Key not found -> {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8194 - Reg Data - Value does not exist -> {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8193 - Windows Messenger -> NextId -> 8197 -> < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ &Add animation to IncrediMail Style Box -> %ProgramFiles%\IncrediMail\bin\resources\WebMenuImg.htm -> [Ver = \| Size = 591 bytes \| Modified Date = 5/01/2005 15:28:04 \| Attr = ] &eBay Search -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll\RCSearch.htm -> File not found < Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\ .spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 \| Size = 225280 bytes \| Modified Date = 30/01/2001 12:56:24 \| Attr = ] < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [HKLM] -> Reg Data - Key not found [] -> File not found {0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Barre des tâches et menu Démarrer] -> File not found {1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [nView Desktop Context Menu] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Extension Affichage Panorama du Panneau de configuration] -> File not found {764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Extensions de l'environnement de compression de fichiers] -> File not found {7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Comptes d'utilisateurs] -> File not found {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Menu contextuel de cryptage] -> File not found {88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [Extension icône HyperTerminal] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 \| Size = 44544 bytes \| Modified Date = 30/09/2001 11:48:18 \| Attr = ] {92085AD4-F48A-450D-BD93-B28CC7DF67CE} [HKLM] -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll [eBay Toolbar] -> [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:46 \| Attr = ] {A155339D-CCCD-4714-85EB-3754B804C9DF} [HKLM] -> %ProgramFiles%\a-squared Free\a2freecontmenu.dll [a-squared Free Context Menu Shell Extension] -> Emsi Software GmbH [Ver = 2.0.0.48 \| Size = 508928 bytes \| Modified Date = 18/07/2006 12:32:50 \| Attr = ] {A4DF5659-0801-4A60-9607-1C48695EFDA9} [HKLM] -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll [Dossier de téléchargement Share-to-Web ] -> Hewlett-Packard [Ver = 2, 6, 0, 162 \| Size = 147456 bytes \| Modified Date = 17/04/2002 9:40:36 \| Attr = ] {A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {AB77609F-2178-4E6F-9C4B-44AC179D937A} [HKLM] -> Reg Data - Key not found [a² Context Menu Shell Extension] -> File not found {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 \| Size = 132672 bytes \| Modified Date = 30/10/2006 9:36:36 \| Attr = ] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> %System32%\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\ {F8984111-38B6-11D5-8725-0050DA2761C4} [HKLM] -> %ProgramFiles%\IncrediMail\bin\IMShExt.dll [IMMenuShellExt] -> IncrediMail, Ltd. [Ver = 2, 0, 0, 0 \| Size = 61440 bytes \| Modified Date = 25/05/2005 12:08:52 \| Attr = ] {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] < ContextMenuHandlers - AllFilesystemObjects [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ {A155339D-CCCD-4714-85EB-3754B804C9DF} [HKLM] -> %ProgramFiles%\a-squared Free\a2freecontmenu.dll [a2FreeContMenu] -> Emsi Software GmbH [Ver = 2.0.0.48 \| Size = 508928 bytes \| Modified Date = 18/07/2006 12:32:50 \| Attr = ] < ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\ {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] < ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [00nView] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {950FF917-7A57-46BC-8017-59D9BF474000} [HKLM] -> Reg Data - Key not found [InCDMenu] -> File not found {A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\ {A155339D-CCCD-4714-85EB-3754B804C9DF} [HKLM] -> %ProgramFiles%\a-squared Free\a2freecontmenu.dll [a2FreeContMenu] -> Emsi Software GmbH [Ver = 2.0.0.48 \| Size = 508928 bytes \| Modified Date = 18/07/2006 12:32:50 \| Attr = ] {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] < ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 \| Size = 110592 bytes \| Modified Date = 14/12/2004 2:20:02 \| Attr = ] < User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform SKY13 -> IEAK -> < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {E07A05DF-641D-418A-9A2D-15D22E2B554F} -> (SiS 900-Based PCI Fast Ethernet Adapter) -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found skype4com -> %CommonProgramFiles%\Skype\Skype4COM.dll -> Skype Technologies [Ver = 1, 0, 26, 0 \| Size = 1783384 bytes \| Modified Date = 1/11/2006 15:21:20 \| Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {00B71CFB-6864-4346-A978-C0A14556272C} -> Checkers Class - CodeBase = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab -> {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} -> TDServer Control - CodeBase = http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab -> {084DAC27-6FA3-4F55-9005-033F2F102F5C} -> ITPPDiagIE Class - CodeBase = http://data.jeuxclassiques.com/npwwg.cab -> {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -> - CodeBase = http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab -> {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} -> DjVuCtl Class - CodeBase = http://downloadcenter.samsung.com/content/...trolLite_EN.cab -> {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab -> {166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shock...director/sw.cab -> {17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 -> {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} -> VerifyGMN Class - CodeBase = http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> Symantec AntiVirus scanner - CodeBase = http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab -> {32564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/wmv8dmo.cab -> {33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB -> {33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab -> {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} -> KooPlayer Control - CodeBase = http://www.euchannels.net/update/KooPlayer.ocx -> {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab -> {4B48D5DF-9021-45F7-A240-60304302A215} -> Malicious Software Removal Tool - CodeBase = http://download.microsoft.com/download/5/c.../WebCleaner.cab -> {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -> - CodeBase = http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe -> {6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1137956595296 -> {644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase = http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1127471785543 -> {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} -> InstallShield International Setup Player - CodeBase = http://ftp.hp.com/pub/automatic/player/isetupML.cab -> {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase = http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab -> {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -> HardwareDetection Control - CodeBase = http://drivers1.free.fr/telecharger.php?id=2&version= -> {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab -> {92ABACFE-EF6E-42C7-A824-D50A914B5B70} -> MastaCash Loader Class - CodeBase = http://dx.mastacash.com/loader.cab -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab -> {9F1C11AA-197B-4942-BA54-47A8489BB47F} -> Update Class - CodeBase = http://v4.windowsupdate.microsoft.com/CAB/...8739.4624537037 -> {A3009861-330C-4E10-822B-39D16EC8829D} -> CRAVOnline Object - CodeBase = http://www.ravantivirus.com/scan/ravonline.cab -> {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} -> SassCln Object - CodeBase = http://www.microsoft.com/security/controls/SassCln.CAB -> {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} -> - CodeBase = http://scripts.dlv4.com/binaries/egaccess4..._1070_em_XP.cab -> {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} -> Get_ActiveX Control - CodeBase = https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx -> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> MsnMessengerSetupDownloadControl Class - CodeBase = http://messenger.msn.com/download/msnmesse...pdownloader.cab -> {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} -> Virtools WebPlayer Class - CodeBase = http://a532.g.akamai.net/7/532/6712/2.0.0....0/Installer.exe -> {C771B05E-E725-4516-97A5-4CE5EB163CFB} -> - CodeBase = http://www.asian-x.org/acces/237/asian-x_an.exe -> {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} -> - CodeBase = http://dialup.carpediem.fr/CABS/cd/1,0,3,8...AccesMembre.cab -> {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} -> Measurement Service Client v.3.4 - CodeBase = http://ccon.futuremark.com/global/msc34.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -> {E15111B0-95AE-4C05-B91F-F4564057990C} -> MovieSystem WAY - CodeBase = http://services.moviesystem.com/cabs/msway.cab -> {E2F9D054-D2B5-4CE8-9BDF-8BF3A81DB7E9} -> ProductIDGatherer.WindowsGatherer - CodeBase = http://download.microsoft.com/download/a/3...tIDGatherer.CAB -> {EB387D2F-E27B-4D36-979E-847D1036C65D} -> QDiagHUpdateObj Class - CodeBase = http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326 -> {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} -> McFreeScan Class - CodeBase = http://download.mcafee.com/molbin/iss-loc/...942/mcfscan.cab -> {F00F4763-7355-4725-82F7-0DA94A256D46} -> IncrediMail - CodeBase = http://www2.incredimail.com/contents/setup...er/imloader.cab -> {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} -> Hotmail Attachments Control - CodeBase = http://by16fd.bay16.hotmail.msn.com/activex/HMAtchmt.ocx -> Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab -> [Files - Created Within 30 days] diff.exe -> %SystemDrive%\diff.exe -> [Ver = \| Size = 68096 bytes \| Created Date = 21/01/2007 23:47:51 \| Attr = ] grep.exe -> %SystemDrive%\grep.exe -> [Ver = \| Size = 103424 bytes \| Created Date = 21/01/2007 23:47:51 \| Attr = ] reboot.cmd -> %SystemDrive%\reboot.cmd -> [Ver = \| Size = 853 bytes \| Created Date = 21/01/2007 23:47:51 \| Attr = ] ccReg.dat -> %CommonProgramFiles%\Symantec Shared\ccReg.dat -> [Ver = \| Size = 1206 bytes \| Created Date = 21/01/2007 23:41:04 \| Attr = RH ] CommonClient.dat -> %CommonProgramFiles%\Symantec Shared\CommonClient.dat -> [Ver = \| Size = 13990 bytes \| Created Date = 19/01/2007 11:05:47 \| Attr = RH ] MyAuth.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\MyAuth.dat -> [Ver = \| Size = 384 bytes \| Created Date = 19/01/2007 0:06:06 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Created Date = 13/01/2007 5:25:34 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Created Date = 13/01/2007 5:25:35 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Created Date = 13/01/2007 5:25:35 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.exp -> [Ver = \| Size = 13040 bytes \| Created Date = 13/01/2007 5:25:36 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Created Date = 13/01/2007 5:25:36 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Created Date = 13/01/2007 5:25:36 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.exp -> [Ver = \| Size = 13232 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] Raccourci vers scrauth.lnk -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\Raccourci vers scrauth.lnk -> [Ver = \| Size = 956 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCDEFS.DAT -> [Ver = \| Size = 187905 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN7.DAT -> [Ver = \| Size = 1196629 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN8.DAT -> [Ver = \| Size = 325348 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN9.DAT -> [Ver = \| Size = 736279 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINF.DAT -> [Ver = \| Size = 453 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.GRD -> [Ver = \| Size = 4778 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.SIG -> [Ver = \| Size = 2269 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\virscan.inf -> [Ver = \| Size = 106244 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN1.DAT -> [Ver = \| Size = 975798 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN5.DAT -> [Ver = \| Size = 3179218 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Created Date = 13/01/2007 5:25:38 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN7.DAT -> [Ver = \| Size = 5890358 bytes \| Created Date = 13/01/2007 5:25:38 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN8.DAT -> [Ver = \| Size = 1662499 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN9.DAT -> [Ver = \| Size = 4008519 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Created Date = 17/01/2007 20:26:39 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Created Date = 18/01/2007 1:30:45 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Created Date = 18/01/2007 1:30:45 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 \| Size = 272040 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.exp -> [Ver = \| Size = 13040 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 80472 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.vxd -> [Ver = \| Size = 90186 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng32.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 124536 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.exp -> [Ver = \| Size = 13232 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 852280 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.vxd -> [Ver = \| Size = 1014347 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex32a.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 902776 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] Raccourci vers scrauth.lnk -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\Raccourci vers scrauth.lnk -> [Ver = \| Size = 956 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT -> [Ver = \| Size = 188007 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN7.DAT -> [Ver = \| Size = 1204823 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN8.DAT -> [Ver = \| Size = 327507 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN9.DAT -> [Ver = \| Size = 739486 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINF.DAT -> [Ver = \| Size = 453 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.GRD -> [Ver = \| Size = 4778 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.SIG -> [Ver = \| Size = 2261 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\virscan.inf -> [Ver = \| Size = 106244 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN1.DAT -> [Ver = \| Size = 976014 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN3.DAT -> [Ver = \| Size = 147584 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN5.DAT -> [Ver = \| Size = 3200757 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN7.DAT -> [Ver = \| Size = 6003538 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT -> [Ver = \| Size = 1664913 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT -> [Ver = \| Size = 4033733 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Created Date = 18/01/2007 1:30:49 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Created Date = 19/01/2007 0:12:54 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Created Date = 18/01/2007 1:30:49 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.exp -> [Ver = \| Size = 13040 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.exp -> [Ver = \| Size = 13232 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCDEFS.DAT -> [Ver = \| Size = 187887 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN7.DAT -> [Ver = \| Size = 1190578 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN8.DAT -> [Ver = \| Size = 324094 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN9.DAT -> [Ver = \| Size = 735255 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINF.DAT -> [Ver = \| Size = 453 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.GRD -> [Ver = \| Size = 4778 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.SIG -> [Ver = \| Size = 2269 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\virscan.inf -> [Ver = \| Size = 106244 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN1.DAT -> [Ver = \| Size = 975620 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN5.DAT -> [Ver = \| Size = 3167664 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN6.DAT -> [Ver = \| Size = 390049 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN7.DAT -> [Ver = \| Size = 5790278 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN8.DAT -> [Ver = \| Size = 1660106 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN9.DAT -> [Ver = \| Size = 4000061 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] pack.epk -> %SystemRoot%\pack.epk -> [Ver = \| Size = 944917 bytes \| Created Date = 17/01/2007 15:27:19 \| Attr = ] asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 \| Size = 73728 bytes \| Created Date = 19/01/2007 15:36:17 \| Attr = ] crypts.dll -> %System32%\crypts.dll -> [Ver = \| Size = 23040 bytes \| Created Date = 19/01/2007 0:06:27 \| Attr = ] mmc.exe.config -> %System32%\mmc.exe.config -> [Ver = \| Size = 126 bytes \| Created Date = 9/01/2007 14:13:32 \| Attr = ] nvs2.inf -> %System32%\nvs2.inf -> [Ver = \| Size = 22 bytes \| Created Date = 17/01/2007 15:27:32 \| Attr = ] prodsrvs.exe -> %System32%\prodsrvs.exe -> [Ver = 1, 0, 0, 1 \| Size = 144896 bytes \| Created Date = 21/01/2007 21:06:15 \| Attr = ] RunOnce.tm_ -> %System32%\RunOnce.tm_ -> [Ver = \| Size = 14 bytes \| Created Date = 19/01/2007 0:06:15 \| Attr = ] RunOnce.t__ -> %System32%\RunOnce.t__ -> [Ver = \| Size = 8 bytes \| Created Date = 19/01/2007 0:06:15 \| Attr = ] update00822631.exe -> %System32%\update00822631.exe -> [Ver = \| Size = 39936 bytes \| Created Date = 19/01/2007 0:06:21 \| Attr = ] update77526596.exe -> %System32%\update77526596.exe -> [Ver = \| Size = 4129 bytes \| Created Date = 19/01/2007 0:06:30 \| Attr = ] ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = \| Size = 11776 bytes \| Created Date = 19/01/2007 15:36:17 \| Attr = ] [Files - Modified Within 30 days] ccReg.dat -> %CommonProgramFiles%\Symantec Shared\ccReg.dat -> [Ver = \| Size = 1206 bytes \| Modified Date = 22/01/2007 1:59:36 \| Attr = RH ] ccReg_old.dat -> %CommonProgramFiles%\Symantec Shared\ccReg_old.dat -> [Ver = \| Size = 1206 bytes \| Modified Date = 22/01/2007 1:50:36 \| Attr = RH ] CommonClient.dat -> %CommonProgramFiles%\Symantec Shared\CommonClient.dat -> [Ver = \| Size = 13990 bytes \| Modified Date = 22/01/2007 1:59:36 \| Attr = RH ] CommonClient_old.dat -> %CommonProgramFiles%\Symantec Shared\CommonClient_old.dat -> [Ver = \| Size = 13990 bytes \| Modified Date = 22/01/2007 1:50:36 \| Attr = RH ] Catalog.LiveSubscribe -> %CommonProgramFiles%\Symantec Shared\LiveReg\Catalog.LiveSubscribe -> [Ver = \| Size = 988 bytes \| Modified Date = 21/01/2007 21:39:16 \| Attr = ] definfo.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\definfo.dat -> [Ver = \| Size = 57 bytes \| Modified Date = 18/01/2007 1:30:52 \| Attr = ] MyAuth.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\MyAuth.dat -> [Ver = \| Size = 384 bytes \| Modified Date = 19/01/2007 0:06:08 \| Attr = ] usage.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\usage.dat -> [Ver = \| Size = 115 bytes \| Modified Date = 19/01/2007 15:09:26 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.exp -> [Ver = \| Size = 13040 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.exp -> [Ver = \| Size = 13232 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCDEFS.DAT -> [Ver = \| Size = 187905 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN7.DAT -> [Ver = \| Size = 1196629 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN8.DAT -> [Ver = \| Size = 325348 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN9.DAT -> [Ver = \| Size = 736279 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINF.DAT -> [Ver = \| Size = 453 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.GRD -> [Ver = \| Size = 4778 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.SIG -> [Ver = \| Size = 2269 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\virscan.inf -> [Ver = \| Size = 106244 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN1.DAT -> [Ver = \| Size = 975798 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN5.DAT -> [Ver = \| Size = 3179218 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN7.DAT -> [Ver = \| Size = 5890358 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN8.DAT -> [Ver = \| Size = 1662499 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN9.DAT -> [Ver = \| Size = 4008519 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Modified Date = 17/01/2007 20:26:40 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 \| Size = 272040 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.exp -> [Ver = \| Size = 13040 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 80472 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.vxd -> [Ver = \| Size = 90186 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng32.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 124536 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.exp -> [Ver = \| Size = 13232 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 852280 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.vxd -> [Ver = \| Size = 1014347 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex32a.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 902776 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT -> [Ver = \| Size = 188007 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN7.DAT -> [Ver = \| Size = 1204823 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN8.DAT -> [Ver = \| Size = 327507 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN9.DAT -> [Ver = \| Size = 739486 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINF.DAT -> [Ver = \| Size = 453 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.GRD -> [Ver = \| Size = 4778 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.SIG -> [Ver = \| Size = 2261 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\virscan.inf -> [Ver = \| Size = 106244 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN1.DAT -> [Ver = \| Size = 976014 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN3.DAT -> [Ver = \| Size = 147584 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN5.DAT -> [Ver = \| Size = 3200757 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN7.DAT -> [Ver = \| Size = 6003538 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT -> [Ver = \| Size = 1664913 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT -> [Ver = \| Size = 4033733 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Modified Date = 19/01/2007 0:12:56 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.exp -> [Ver = \| Size = 13040 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.exp -> [Ver = \| Size = 13232 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCDEFS.DAT -> [Ver = \| Size = 187887 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN7.DAT -> [Ver = \| Size = 1190578 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN8.DAT -> [Ver = \| Size = 324094 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN9.DAT -> [Ver = \| Size = 735255 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINF.DAT -> [Ver = \| Size = 453 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.GRD -> [Ver = \| Size = 4778 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.SIG -> [Ver = \| Size = 2269 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\virscan.inf -> [Ver = \| Size = 106244 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN1.DAT -> [Ver = \| Size = 975620 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN5.DAT -> [Ver = \| Size = 3167664 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN6.DAT -> [Ver = \| Size = 390049 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN7.DAT -> [Ver = \| Size = 5790278 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN8.DAT -> [Ver = \| Size = 1660106 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN9.DAT -> [Ver = \| Size = 4000061 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] AUTOLNCH.REG -> %SystemRoot%\AUTOLNCH.REG -> [Ver = \| Size = 1080 bytes \| Modified Date = 21/01/2007 18:32:14 \| Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = \| Size = 2048 bytes \| Modified Date = 22/01/2007 1:58:54 \| Attr = S] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = \| Size = 0 bytes \| Modified Date = 22/01/2007 1:58:50 \| Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = \| Size = 116 bytes \| Modified Date = 21/01/2007 20:52:50 \| Attr = ] pack.epk -> %SystemRoot%\pack.epk -> [Ver = \| Size = 944917 bytes \| Modified Date = 17/01/2007 15:27:20 \| Attr = ] Ulead32.ini -> %SystemRoot%\Ulead32.ini -> [Ver = \| Size = 907 bytes \| Modified Date = 17/01/2007 1:05:30 \| Attr = ] WORDPAD.INI -> %SystemRoot%\WORDPAD.INI -> [Ver = \| Size = 754 bytes \| Modified Date = 1/01/2007 12:01:54 \| Attr = ] crypts.dll -> %System32%\crypts.dll -> [Ver = \| Size = 23040 bytes \| Modified Date = 19/01/2007 0:06:28 \| Attr = ] Help.ico -> %System32%\Help.ico -> [Ver = \| Size = 1406 bytes \| Modified Date = 19/01/2007 16:02:52 \| Attr = ] mmc.exe.config -> %System32%\mmc.exe.config -> [Ver = \| Size = 126 bytes \| Modified Date = 9/01/2007 14:13:34 \| Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = \| Size = 75993 bytes \| Modified Date = 22/01/2007 1:59:24 \| Attr = ] nvs2.inf -> %System32%\nvs2.inf -> [Ver = \| Size = 22 bytes \| Modified Date = 17/01/2007 15:27:34 \| Attr = ] pavas.ico -> %System32%\pavas.ico -> [Ver = \| Size = 30590 bytes \| Modified Date = 19/01/2007 16:02:52 \| Attr = ] prodsrvs.exe -> %System32%\prodsrvs.exe -> [Ver = 1, 0, 0, 1 \| Size = 144896 bytes \| Modified Date = 10/01/2007 10:35:26 \| Attr = ] RunOnce.tm_ -> %System32%\RunOnce.tm_ -> [Ver = \| Size = 14 bytes \| Modified Date = 19/01/2007 0:06:16 \| Attr = ] RunOnce.t__ -> %System32%\RunOnce.t__ -> [Ver = \| Size = 8 bytes \| Modified Date = 19/01/2007 0:06:32 \| Attr = ] Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = \| Size = 2550 bytes \| Modified Date = 19/01/2007 16:02:52 \| Attr = ] update00822631.exe -> %System32%\update00822631.exe -> [Ver = \| Size = 39936 bytes \| Modified Date = 19/01/2007 0:06:26 \| Attr = ] update77526596.exe -> %System32%\update77526596.exe -> [Ver = \| Size = 4129 bytes \| Modified Date = 19/01/2007 0:06:32 \| Attr = ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = \| Size = 2184 bytes \| Modified Date = 21/01/2007 20:25:04 \| Attr = ] CO_Mon.sys -> %System32%\drivers\CO_Mon.sys -> [Ver = \| Size = 28672 bytes \| Modified Date = 19/01/2007 19:22:34 \| Attr = ] [File String Scan - Non-Microsoft Only] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\MusePack\MPPDEC.EXE -> [Ver = \| Size = 64512 bytes \| Modified Date = 23/02/2003 19:29:44 \| Attr = H ] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\MusePack\MPPENC.EXE -> [Ver = \| Size = 79360 bytes \| Modified Date = 26/10/2002 0:53:22 \| Attr = H ] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\Speex\SPEEXDEC.EXE -> [Ver = \| Size = 120832 bytes \| Modified Date = 23/03/2003 15:45:40 \| Attr = H ] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\Speex\SPEEXENC.EXE -> [Ver = \| Size = 122880 bytes \| Modified Date = 23/03/2003 15:42:46 \| Attr = H ] Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\j2re1.4.2-b28\core3.zip -> [Ver = \| Size = 4648893 bytes \| Modified Date = 19/08/2003 17:56:42 \| Attr = ] Thawte Consulting , -> %CommonProgramFiles%\Logitech\LGS500Inst\setup.exe -> Macrovision Corporation [Ver = 11.00.28844 \| Size = 121064 bytes \| Modified Date = 6/04/2005 18:39:06 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20031112.019\WHATSNEW.TXT -> [Ver = \| Size = 27089 bytes \| Modified Date = 12/11/2003 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20031113.023\WHATSNEW.TXT -> [Ver = \| Size = 27089 bytes \| Modified Date = 13/11/2003 10:00:00 \| Attr = ] aspack , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\navex15.sys -> Symantec Corporation [Ver = 20051.3.0.16 \| Size = 750424 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] aspack , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\navex15.vxd -> [Ver = \| Size = 907339 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] aspack , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\navex32a.dll -> Symantec Corporation [Ver = 20051.3.0.16 \| Size = 788088 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\TCDEFS.DAT -> [Ver = \| Size = 39566 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\VIRSCAN8.DAT -> [Ver = \| Size = 1437408 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] UPX! , FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\VIRSCAN9.DAT -> [Ver = \| Size = 2859322 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCDEFS.DAT -> [Ver = \| Size = 187905 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN8.DAT -> [Ver = \| Size = 1662499 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN9.DAT -> [Ver = \| Size = 4008519 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT -> [Ver = \| Size = 188007 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT -> [Ver = \| Size = 1664913 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT -> [Ver = \| Size = 4033733 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCDEFS.DAT -> [Ver = \| Size = 187887 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN8.DAT -> [Ver = \| Size = 1660106 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN9.DAT -> [Ver = \| Size = 4000061 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] PECompact2 , qoologic , SAHAgent , -> %SystemRoot%\LPT$VPN.989 -> [Ver = \| Size = 12848976 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] UPX! , UPX0 , -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 3.9.0.1020 \| Size = 170053 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] PECompact2 , qoologic , SAHAgent , -> %SystemRoot%\VPTNFILE.989 -> [Ver = \| Size = 12848976 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 7.100-1003 \| Size = 1036800 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] UPX! , UPX0 , -> %System32%\crypts.dll -> [Ver = \| Size = 23040 bytes \| Modified Date = 19/01/2007 0:06:28 \| Attr = ] PEC2 , -> %System32%\dfrg.msc -> [Ver = \| Size = 41131 bytes \| Modified Date = 30/09/2001 11:47:58 \| Attr = ] PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.1.1.2 \| Size = 573952 bytes \| Modified Date = 7/12/2005 18:05:52 \| Attr = ] UPX! , UPX0 , -> %System32%\EGDHTML_1024.dll -> E-Group [Ver = 1, 0, 2, 4 \| Size = 64000 bytes \| Modified Date = 13/11/2003 11:54:08 \| Attr = ] Umonitor , -> %System32%\ipebase12.dll -> Hewlett-Packard Company [Ver = 1, 2, 0, 5 \| Size = 331776 bytes \| Modified Date = 15/01/2001 21:03:54 \| Attr = ] PEC2 , PECompact2 , -> %System32%\prodsrvs.exe -> [Ver = 1, 0, 0, 1 \| Size = 144896 bytes \| Modified Date = 10/01/2007 10:35:26 \| Attr = ] UPX! , UPX0 , -> %System32%\update00822631.exe -> [Ver = \| Size = 39936 bytes \| Modified Date = 19/01/2007 0:06:26 \| Attr = ] UPX! , UPX0 , -> %System32%\update77526596.exe -> [Ver = \| Size = 4129 bytes \| Modified Date = 19/01/2007 0:06:32 \| Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = \| Size = 1309184 bytes \| Modified Date = 30/09/2001 11:49:10 \| Attr = ] WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = \| Size = 13463552 bytes \| Modified Date = 30/09/2001 11:47:28 \| Attr = ] UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = \| Size = 809394 bytes \| Modified Date = 30/09/2001 11:48:40 \| Attr = ] < End of report >

Thanos Voir le profil	lundi 22 janvier 2007 à 03h58 Message #10
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	ok merci pour le rapport! Stp suit exactement les manipulations ci dessous!!Va jusqu'au bout et si tu as rencontré des problèmes durant la procédure , fais le moi savoir. Tu as deux possiblités pour consulter les instructions qui suivent: -Soit tu copie/colles le contenu de la procédure dans un fichier texte(que tu met sur le bureau) pour pouvoir le consulter en mode sans échec(tu n'auras pas accès à internet!). -Tu peux également enregistrer la page web complète, sur laquelle se trouve la procédure, en le faisant à partir de ton navigateur : -Aller en haut de page et cliquer sur le menu"Fichier" : une liste apparait=> -Choisis "Enregistrer sous" et choisis "Bureau". -Ensuite cliquer sur le bouton "Enregistrer" à droite du champs "nom du fichier". Pour lire la procédure en mode sans échec, tu n'auras qu'à double cliquer sur le fichier aide pour virus backdoor trojan et w32 spybot worm (avec l'icone de ton navigateur) situé sur le bureau.(tu noteras qu'un nouveau dossier va se créer sur le bureau en plus du fichier : c'est normal!) De cette manière, tu conserveras toutes les mises en formes et les couleurs de la procédure, et cela permettra de t'y retrouver. -------------------------------------------------------------------------------------------------------------------------- La procédure: - Télécharge puis installe AVG Anti-Spyware (AVG AS) Une fois AVG AS lancé, clique sur "Mise à jour" Ferme le programme.Ne lance pas le scan maintenant!! - Télécharge ATF Cleaner by Atribune sur ton bureau. - Télécharge Brute Force Uninstaller (de Merijn). Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU) http://metallica.geekstogo.com/EGDACCESS.bfu FAIS UN CLIC-DROIT ICI et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Voici ce à quoi doit ressembler l'icone du fichier .Bfu que tu viens de télécharger: Sauvegarde dans le dossier créé (C:\BFU). Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important). - Démarre WinPFind3U en double cliquant sur WinPFind3U.exe et copie/colle le texte ci dessous (ne copie pas le mot code) dans le Panneau Paste fix here , puis clique sur le bouton Run Fix. CODE [Kill Explorer] [Processes - Non-Microsoft Only] YY -> 549b.tmp -> %SystemRoot%\Temp\549B.tmp [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run YY -> SDR6V_Check -> %UserDocuments%\SDRmon.exe < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run YY -> Instant Access -> %System32%\prodsrvs.exe YY -> System Soap Pro -> %SystemDrive%\PROGRA~1\SYSTEM~1\soap.exe < Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ YY -> seekmo -> %ProgramFiles%\seekmo\seekmo.exe < Internet Explorer Settings > -> YY -> HKCU: URLSearchHooks\\{4acca1a7-ecc8-4c89-be52-b11919042bbf} [HKLM] -> %ProgramFiles%\nuls\tbnuls.dll [nuls Toolbar] YN -> HKCU: URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar YY -> {4acca1a7-ecc8-4c89-be52-b11919042bbf} [HKLM] -> %ProgramFiles%\nuls\tbnuls.dll [nuls Toolbar] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ YN -> ShellBrowser\\{319A68DB-06D0-46DA-9F93-A810D5A70836} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] YY -> WebBrowser\\{4ACCA1A7-ECC8-4C89-BE52-B11919042BBF} [HKLM] -> %ProgramFiles%\nuls\tbnuls.dll [nuls Toolbar] < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping YN -> {77BF5300-1474-4EC7-9980-D32B190E9B07} -> 8196 - Reg Data - Key not found YN -> {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> 8194 - Reg Data - Value does not exist < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ YN -> {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ YN -> {084DAC27-6FA3-4F55-9005-033F2F102F5C} -> ITPPDiagIE Class - CodeBase = http://data.jeuxclassiques.com/npwwg.cab YN -> {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -> - CodeBase = http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab YN -> {92ABACFE-EF6E-42C7-A824-D50A914B5B70} -> MastaCash Loader Class - CodeBase = http://dx.mastacash.com/loader.cab YN -> {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} -> - CodeBase = http://scripts.dlv4.com/binaries/egaccess4..._1070_em_XP.cab YN -> {C771B05E-E725-4516-97A5-4CE5EB163CFB} -> - CodeBase = http://www.asian-x.org/acces/237/asian-x_an.exe YN -> {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} -> - CodeBase = http://dialup.carpediem.fr/CABS/cd/1,0,3,8...AccesMembre.cab [Files - Created Within 30 days] NY -> pack.epk -> %SystemRoot%\pack.epk NY -> nvs2.inf -> %System32%\nvs2.inf NY -> prodsrvs.exe -> %System32%\prodsrvs.exe NY -> RunOnce.tm_ -> %System32%\RunOnce.tm_ NY -> RunOnce.t__ -> %System32%\RunOnce.t__ NY -> update00822631.exe -> %System32%\update00822631.exe NY -> update77526596.exe -> %System32%\update77526596.exe [Files - Modified Within 30 days] NY -> pack.epk -> %SystemRoot%\pack.epk NY -> nvs2.inf -> %System32%\nvs2.inf NY -> prodsrvs.exe -> %System32%\prodsrvs.exe NY -> RunOnce.tm_ -> %System32%\RunOnce.tm_ NY -> RunOnce.t__ -> %System32%\RunOnce.t__ NY -> update00822631.exe -> %System32%\update00822631.exe NY -> update77526596.exe -> %System32%\update77526596.exe [File String Scan - Non-Microsoft Only] NY -> UPX! , UPX0 , -> %System32%\EGDHTML_1024.dll NY -> PEC2 , PECompact2 , -> %System32%\prodsrvs.exe NY -> UPX! , UPX0 , -> %System32%\update00822631.exe NY -> UPX! , UPX0 , -> %System32%\update77526596.exe [ Extra Files ] C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.inf [Reboot] Le Fix va se faire rapidement,puis il te sera demandé de redémarrer ton pc : accepte en cliquant sur Yes Étape 1:** Redémarre le PC, impérativement en mode sans échec,(au démarrage, tapoter immédiatement la touche F8,puis apparaitra un écran avec choix de démarrages : choisir "Mode sans échec" avec les flèches du clavier, puis valider avec "Entrée". Choisir le compte usuel (et non Administrateur). en cas de problème pour sélectionner le mode sans échec, appliquer la procédure de Symantec "Comment démarrer l'ordinateur en mode sans échec"* (n'ayant pas accès à Internet, tu as préalablement copié ces instructions dans un fichier texte) Étape 2: * Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU) Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : EGDACCESS.bfu Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu Clique sur Execute et laisse-le faire son travail. Attendre que Complete script execution apparaîsse et clique sur OK. Clique Exit pour fermer le programme BFU. Étape 3: Créer un fichier Bloc Notes avec le texte qui se trouve dans l'espace "code" ci-dessous (copie/colle, sans le mot "Code" ) CODE RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\erixmcyhdt RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run\|erixmcyhdt FileDelete %SYSDIR%\erixmcyhdt_navps.dat FileDelete %SYSDIR%\erixmcyhdt_nav.dat FileDelete %SYSDIR%\erixmcyhdt.dat FileDelete %SYSDIR%\erixmcyhdt.exe -Va en haut de la page et clique sur le menu"Fichier" , une liste apparait=> -Choisis "Enregistrer sous" et choisis "C:\BFU" -Dans le champs "Nom du fichier" en bas de page donne le nom suivant: aftermath.bfu -Dans le champs"Type" en bas de page ,choisis: "tous les fichiers" -ensuite clique sur le bouton "Enregistrer" à droite du champs "nom du fichier" -quitte le Bloc Notes. Étape 4: Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU) Clique sur le petit dossier jaune (à droite de la boîte "Scriptline to execute"); Double-clique sur aftermath.bfu Tu devrais maintenant voir ceci dans la boîte "Scriptline to execute" : C:\BFU\aftermath.bfu Clique sur Execute et laisse-le faire son travail. Attendre que Complete script execution apparaîsse et clique sur OK (l'exécution est rapide..). Clique Exit pour fermer le programme BFU. Étape 5: Double-clique sur ATF-Cleaner.exe afin de lancer le programme. Pour internet explorer Sous l'onglet Main, choisis : Select All Clique sur le bouton Empty Selected Pour Firefox(si tu l'utilises) Sous l'onglet Firefox, choisis : Select All Clique le bouton Empty Selected NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite. Clique Exit, du menu prinicipal, afin de fermer le programme. * Si l'onglet "Firefox" est grisé dans ATF,nettoie le cache et les cookies dans Firefox comme ceci : Ouvre Firefox et clique sur Outils=> Options Clique sur l'onglet Vie Privée clique sur le bouton Vider le cache dans l'onglet "Historique" clique sur le bouton Supprimer les cookies dans l'onglet "Cookies" clique sur le bouton Vider le cache dans l'onglet "Cache" clique sur le bouton Ok pour fermer la fenêtre des options et valider tes choix. Étape 6: Relance AVG AS puis choisis l'onglet "Analyse" Puis l'onglet "Paramètres" Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine" http://img509.imageshack.us/img509/4851/scanavgjk2.jpg Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système" /!\ Si un fichier infecté est détécté en fin d'analyse /!\ Clique sur "Appliquer toutes les actions " Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous" Enregistre ce fichier texte sur ton bureau. Étape 7: Redémarre normalement et poste: -Le rapport d'Avg As -Un nouveau rapport avec Blacklight -Relance WinPFind3U et poste le nouveau rapport. Poste aussi le rapport qui se trouve dans le dossier WinPFind3u( c'est un rapport qui a pour nom la date du jour\mois\année\heure). Allez courage! c'est pas compliqué si tu suis bien les étapes Edit: comme je t'ai indiqué dans mon MP, j'ai modifié la procédure Ce message a été modifié par charles ingals - lundi 22 janvier 2007 à 13h41. -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

tdanny6 Voir le profil	lundi 22 janvier 2007 à 09h33 Message #11
Member Groupe : Membres Messages : 69 Inscrit : 21/01/2007 Membre n^o 180991 Mes langues: français	bonjour, un probléme survient lors du run fix, j'ai suivi la procédure décrite ( Démarre WinPFind3U en double cliquant sur WinPFind3U.exe et copie/colle le texte ci dessous (ne copie pas le mot code) dans le Panneau Paste fix here , puis clique sur le bouton Run Fix.Le Fix va se faire rapidement,puis il te sera demandé de redémarrer ton pc : accepte en cliquant sur Yes ) mais la procédure ce blocs, dans le panneau il s'inscri plusieur fois reboot et puis il devient tout blanc et la plus rien ne ce passe. Faut t'il redémarrer manuellement en mode sans échec ? merci

Thanos Voir le profil	lundi 22 janvier 2007 à 12h35 Message #12
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	salut Oui,retente le fix, puis redémarre manuellement en sans échec et continue la procédure J'ai modifié la procédure tdanny6 , j'espère que tu as vu;) Ce message a été modifié par charles ingals - lundi 22 janvier 2007 à 13h41. -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

tdanny6 Voir le profil	lundi 22 janvier 2007 à 19h12 Message #13
Member Groupe : Membres Messages : 69 Inscrit : 21/01/2007 Membre n^o 180991 Mes langues: français	Bonsoir, désolé pour le retard, ( travail oblige ) je n'avais pas vu les modifications, j'avais fait la premiére solution.J'ai maintenant fait la deuxiéme solution, la seul chose impossible de trouver le rapport winpfind3u date/jour/mois/année/heure , rien dans le dossier winpfind3u. Et un grand merci pour la patience,sa fait vraiment plaisir de voir qu'il y a encore des personnes qui prennent de leur temps pour aider les autres. rapport avg ; AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 18:21:31 22/01/2007 + Résultat de l'analyse: C:\System Volume Information\_restore{90C0402E-837A-407E-B97E-591158995D03}\RP1070\A0416659.exe -> Backdoor.Theef.111 : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{90C0402E-837A-407E-B97E-591158995D03}\RP1070\A0416660.exe -> Backdoor.Theef.111 : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{90C0402E-837A-407E-B97E-591158995D03}\RP1070\A0416658.dll -> Downloader.Agent.ber : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{90C0402E-837A-407E-B97E-591158995D03}\RP1070\A0416661.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine). C:\SDFix\backups\backups.zip/backups/9129837.exe -> Trojan.Small.bs : Nettoyé et sauvegardé (mise en quarantaine). Fin du rapport rapport blacklight ; 01/22/07 18:28:52 [Info]: BlackLight Engine 1.0.55 initialized 01/22/07 18:28:52 [Info]: OS: 5.1 build 2600 () 01/22/07 18:28:52 [Note]: 7019 4 01/22/07 18:28:52 [Note]: 7005 0 01/22/07 18:29:03 [Note]: 7006 0 01/22/07 18:29:03 [Note]: 7011 1868 01/22/07 18:29:04 [Note]: 7026 0 01/22/07 18:29:04 [Note]: 7026 0 01/22/07 18:29:15 [Note]: FSRAW library version 1.7.1021 01/22/07 18:39:44 [Note]: 7007 0 rapport winpfind3u ; WinPFind3 logfile created on: 22/01/2007 18:49:28 WinPFind3U by OldTimer - Version 1.0.11 Folder = C:\Documents and Settings\ok\Bureau\WinPFind3u\ Microsoft Windows XP (Version = 5.1.2600) Internet Explorer (Version = 6.0.2800.1106) 523808 Kb Total Physical Memory \| 232828 Kb Available Physical Memory \| 44,45% Memory free 1280560 Kb Paging File \| 1010388 Kb Available in Paging File \| 78,90% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 80027764 Kb Total Space \| 66061360 Kb Free Space \| 82,55% Space Free D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded [Processes - Non-Microsoft Only] avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 \| Size = 6266880 bytes \| Modified Date = 7/10/2006 13:20:00 \| Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 54512 bytes \| Modified Date = 15/07/2003 13:36:36 \| Attr = ] ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 1.03.4 \| Size = 317128 bytes \| Modified Date = 13/11/2002 15:44:02 \| Attr = ] cdac11ba.exe -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.0 \| Size = 54784 bytes \| Modified Date = 15/10/2005 2:22:50 \| Attr = ] ezntsvc.exe -> %System32%\ezntsvc.exe -> EasyBits Software Corp. [Ver = 2.0.0.101 \| Size = 32768 bytes \| Modified Date = 6/07/2005 20:55:32 \| Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 \| Size = 204800 bytes \| Modified Date = 28/09/2006 15:13:20 \| Attr = ] hpgs2wnd.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,3,0,0\ 162 \| Size = 69632 bytes \| Modified Date = 17/04/2002 9:42:56 \| Attr = ] hpgs2wnf.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe -> [Ver = 2, 6, 0, 162 \| Size = 77824 bytes \| Modified Date = 17/04/2002 9:49:16 \| Attr = ] hpqcmon.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe -> [Ver = 2.0.0.133 \| Size = 90112 bytes \| Modified Date = 6/10/2002 23:23:20 \| Attr = ] hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 \| Size = 49152 bytes \| Modified Date = 16/02/2005 23:11:42 \| Attr = ] hpztsb04.exe -> %System32%\spool\drivers\w32x86\3\hpztsb04.exe -> HP [Ver = 2,80,0,0 \| Size = 196608 bytes \| Modified Date = 19/11/2001 15:37:36 \| Attr = ] htpatch.exe -> %SystemRoot%\htpatch.exe -> [Ver = \| Size = 28672 bytes \| Modified Date = 30/10/2002 10:40:34 \| Attr = R ] navapsvc.exe -> %ProgramFiles%\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 9.05.1015 \| Size = 116320 bytes \| Modified Date = 19/11/2002 13:09:48 \| Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 168003 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] smagent.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 \| Size = 45056 bytes \| Modified Date = 20/09/2002 14:50:10 \| Attr = ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 \| Size = 306176 bytes \| Modified Date = 18/01/2007 18:01:14 \| Attr = ] [Win32 Services - Non-Microsoft Only] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own \| Auto \| Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 \| Size = 204800 bytes \| Modified Date = 28/09/2006 15:13:20 \| Attr = ] (C-DillaCdaC11BA) C-DillaCdaC11BA [Win32_Own \| Auto \| Running] -> %System32%\drivers\CDAC11BA.EXE -> Macrovision [Ver = 4.20.0 \| Size = 54784 bytes \| Modified Date = 15/10/2005 2:22:50 \| Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Own \| Auto \| Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 1.03.4 \| Size = 317128 bytes \| Modified Date = 13/11/2002 15:44:02 \| Attr = ] (ccPwdSvc) Symantec Password Validation Service [Win32_Own \| On_Demand \| Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPWDSVC.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 99568 bytes \| Modified Date = 15/07/2003 13:37:18 \| Attr = ] (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared \| On_Demand \| Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.0.503.0 \| Size = 205312 bytes \| Modified Date = 30/09/2001 11:47:58 \| Attr = ] (ezntsvc) EasyBits Magic Desktop Services for Windows NT [Win32_Own \| Auto \| Running] -> %System32%\ezntsvc.exe -> EasyBits Software Corp. [Ver = 2.0.0.101 \| Size = 32768 bytes \| Modified Date = 6/07/2005 20:55:32 \| Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own \| On_Demand \| Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 \| Size = 69632 bytes \| Modified Date = 4/04/2005 0:41:10 \| Attr = ] (iPod Service) iPod Service [Win32_Own \| On_Demand \| Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 \| Size = 492608 bytes \| Modified Date = 30/10/2006 9:36:32 \| Attr = ] (navapsvc) Service Norton AntiVirus Auto-Protect [Win32_Own \| Auto \| Running] -> %ProgramFiles%\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 9.05.1015 \| Size = 116320 bytes \| Modified Date = 19/11/2002 13:09:48 \| Attr = ] (NeroNET) NeroNET [Win32_Own \| Auto \| Stopped] -> %ProgramFiles%\Ahead\NeroNET\NeroNET.exe -> File not found (NVSvc) NVIDIA Display Driver Service [Win32_Own \| Auto \| Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 168003 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] (SBService) ScriptBlocking Service [Win32_Own \| Auto \| Stopped] -> %CommonProgramFiles%\Symantec Shared\Script Blocking\SBServ.exe -> Symantec Corporation [Ver = 1, 1, 0, 126 \| Size = 54408 bytes \| Modified Date = 13/08/2001 22:18:36 \| Attr = ] (SNDSrvc) Symantec Network Drivers Service [Win32_Own \| On_Demand \| Stopped] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 \| Size = 206552 bytes \| Modified Date = 5/04/2005 10:17:22 \| Attr = ] (SoundMAX Agent Service (default)) SoundMAX Agent Service [Win32_Own \| Auto \| Running] -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 \| Size = 45056 bytes \| Modified Date = 20/09/2002 14:50:10 \| Attr = ] (SymWSC) SymWMI Service [Win32_Own \| Auto \| Stopped] -> %CommonProgramFiles%\Symantec Shared\Security Center\SymWSC.exe -> Symantec Corporation [Ver = 2005.1.2.20 \| Size = 316544 bytes \| Modified Date = 2/11/2004 16:59:50 \| Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 \| Size = 6266880 bytes \| Modified Date = 7/10/2006 13:20:00 \| Attr = ] CamMonitor -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe -> [Ver = 2.0.0.133 \| Size = 90112 bytes \| Modified Date = 6/10/2002 23:23:20 \| Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 54512 bytes \| Modified Date = 15/07/2003 13:36:36 \| Attr = ] ccRegVfy -> %CommonProgramFiles%\Symantec Shared\CCREGVFY.EXE -> Symantec Corporation [Ver = 1.08.01 \| Size = 60344 bytes \| Modified Date = 15/07/2003 13:42:36 \| Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 \| Size = 49152 bytes \| Modified Date = 16/02/2005 23:11:42 \| Attr = ] HPDJ Taskbar Utility -> %System32%\spool\drivers\w32x86\3\hpztsb04.exe -> HP [Ver = 2,80,0,0 \| Size = 196608 bytes \| Modified Date = 19/11/2001 15:37:36 \| Attr = ] HTpatch -> %SystemRoot%\htpatch.exe -> [Ver = \| Size = 28672 bytes \| Modified Date = 30/10/2002 10:40:34 \| Attr = R ] NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 \| Size = 155648 bytes \| Modified Date = 9/07/2001 11:50:42 \| Attr = ] NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 86016 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] nwiz -> %System32%\nwiz.exe -> [Ver = \| Size = 1617920 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] Share-to-Web Namespace Daemon -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> Hewlett-Packard [Ver = 2,3,0,0\ 162 \| Size = 69632 bytes \| Modified Date = 17/04/2002 9:42:56 \| Attr = ] SpeedTouch USB Diagnostics -> %ProgramFiles%\Alcatel\SpeedTouch USB\dragdiag.exe -> THOMSON [Ver = 300.7.0.2 \| Size = 878080 bytes \| Modified Date = 5/09/2003 6:59:20 \| Attr = ] SSC_UserPrompt -> %CommonProgramFiles%\Symantec Shared\Security Center\UsrPrmpt.exe -> Symantec Corporation [Ver = 2005.1.2.20 \| Size = 218240 bytes \| Modified Date = 10/11/2004 11:57:02 \| Attr = ] Symantec NetDriver Monitor -> %ProgramFiles%\SymNetDrv\SNDMon.exe -> Symantec Corporation [Ver = 5.5.1.6 \| Size = 100056 bytes \| Modified Date = 7/06/2005 22:47:10 \| Attr = ] < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run IncrediMail -> %ProgramFiles%\IncrediMail\bin\IncMail.exe -> IncrediMail, Ltd. [Ver = 4, 0, 0, 1930 \| Size = 188459 bytes \| Modified Date = 25/05/2005 12:07:56 \| Attr = ] NBJ -> %ProgramFiles%\Ahead\Nero BackItUp\NBJ.exe -> Ahead Software AG [Ver = 1, 2, 0, 25 \| Size = 1871872 bytes \| Modified Date = 7/09/2004 12:55:20 \| Attr = ] swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe -> File not found < Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage %AllUsersStartup%\Lancement rapide d'Adobe Reader.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 \| Size = 29696 bytes \| Modified Date = 23/09/2005 22:05:26 \| Attr = ] < Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ AnyDVD -> %SystemDrive%\DOCUME~1\ok\LOCALS~1\Temp\Rar$EX02.031\Crack\AnyDVD.exe -> File not found CHotkey -> %SystemRoot%\mHotkey.exe -> Chicony [Ver = 2, 0, 3, 0 \| Size = 493056 bytes \| Modified Date = 9/10/2002 10:56:56 \| Attr = ] eBayToolbar -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTBDaemon.exe -> eBay [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:54 \| Attr = ] lycosInside -> %ProgramFiles%\lycos\Lyc_SysTray.exe -> File not found < ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 \| Size = 73728 bytes \| Modified Date = 28/09/2006 15:13:28 \| Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon VMApplet -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> Control_RunDLL -> -> File not found < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ < Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoLogoff -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableLockWorkstation -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableChangePassword -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ 0 -> [Key] -> 0 -> FriendlyName = Ma page d'accueil -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://www.skynet.be -> HKLM: Main\\Default_Search_URL -> http://www.google.com/ie -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: Search\\Default_Search_URL -> http://www.google.com/ie -> HKLM: SearchAssistant -> http://www.google.com/ie -> HKCU: Local Page -> C:\WINDOWS\System32\blank.htm -> HKCU: Search Bar -> http://www.google.com/ie -> HKCU: Search Page -> http://www.google.com -> HKCU: Start Page -> http://be.msn.com/ -> HKCU: SearchAssistant -> http://www.google.com/ie -> HKCU: ProxyEnable -> 0 -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 \| Size = 59032 bytes \| Modified Date = 18/12/2006 4:16:42 \| Attr = ] {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} [HKLM] -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll [eBay Toolbar Helper] -> [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:46 \| Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 \| Size = 853672 bytes \| Modified Date = 31/05/2005 1:04:00 \| Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 3054 \| Size = 2153536 bytes \| Modified Date = 17/10/2006 14:04:36 \| Attr = R ] {BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 \| Size = 2153536 bytes \| Modified Date = 17/10/2006 14:04:36 \| Attr = R ] {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] {92085AD4-F48A-450D-BD93-B28CC7DF67CE} [HKLM] -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll [eBay Toolbar] -> [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:46 \| Attr = ] {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> File not found < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{319A68DB-06D0-46DA-9F93-A810D5A70836} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 3054 \| Size = 2153536 bytes \| Modified Date = 17/10/2006 14:04:36 \| Attr = R ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] WebBrowser\\{4ACCA1A7-ECC8-4C89-BE52-B11919042BBF} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> File not found < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8193 - Windows Messenger -> NextId -> 8197 -> < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ &Add animation to IncrediMail Style Box -> %ProgramFiles%\IncrediMail\bin\resources\WebMenuImg.htm -> [Ver = \| Size = 591 bytes \| Modified Date = 5/01/2005 15:28:04 \| Attr = ] &eBay Search -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll\RCSearch.htm -> File not found < Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\ .spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 \| Size = 225280 bytes \| Modified Date = 30/01/2001 12:56:24 \| Attr = ] < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [HKLM] -> Reg Data - Key not found [] -> File not found {0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Barre des tâches et menu Démarrer] -> File not found {1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [nView Desktop Context Menu] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Extension Affichage Panorama du Panneau de configuration] -> File not found {764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Extensions de l'environnement de compression de fichiers] -> File not found {7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Comptes d'utilisateurs] -> File not found {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Menu contextuel de cryptage] -> File not found {88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [Extension icône HyperTerminal] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 \| Size = 44544 bytes \| Modified Date = 30/09/2001 11:48:18 \| Attr = ] {92085AD4-F48A-450D-BD93-B28CC7DF67CE} [HKLM] -> %ProgramFiles%\eBay\eBay Toolbar2\eBayTb.dll [eBay Toolbar] -> [Ver = 2, 4000, 0, 0 \| Size = 497144 bytes \| Modified Date = 10/01/2007 21:06:46 \| Attr = ] {A155339D-CCCD-4714-85EB-3754B804C9DF} [HKLM] -> %ProgramFiles%\a-squared Free\a2freecontmenu.dll [a-squared Free Context Menu Shell Extension] -> Emsi Software GmbH [Ver = 2.0.0.48 \| Size = 508928 bytes \| Modified Date = 18/07/2006 12:32:50 \| Attr = ] {A4DF5659-0801-4A60-9607-1C48695EFDA9} [HKLM] -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll [Dossier de téléchargement Share-to-Web ] -> Hewlett-Packard [Ver = 2, 6, 0, 162 \| Size = 147456 bytes \| Modified Date = 17/04/2002 9:40:36 \| Attr = ] {A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {AB77609F-2178-4E6F-9C4B-44AC179D937A} [HKLM] -> Reg Data - Key not found [a² Context Menu Shell Extension] -> File not found {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 \| Size = 132672 bytes \| Modified Date = 30/10/2006 9:36:36 \| Attr = ] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> %System32%\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\ {8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 \| Size = 98304 bytes \| Modified Date = 6/10/2006 12:40:48 \| Attr = ] {F8984111-38B6-11D5-8725-0050DA2761C4} [HKLM] -> %ProgramFiles%\IncrediMail\bin\IMShExt.dll [IMMenuShellExt] -> IncrediMail, Ltd. [Ver = 2, 0, 0, 0 \| Size = 61440 bytes \| Modified Date = 25/05/2005 12:08:52 \| Attr = ] {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] < ContextMenuHandlers - AllFilesystemObjects [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ {A155339D-CCCD-4714-85EB-3754B804C9DF} [HKLM] -> %ProgramFiles%\a-squared Free\a2freecontmenu.dll [a2FreeContMenu] -> Emsi Software GmbH [Ver = 2.0.0.48 \| Size = 508928 bytes \| Modified Date = 18/07/2006 12:32:50 \| Attr = ] < ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\ {8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 \| Size = 98304 bytes \| Modified Date = 6/10/2006 12:40:48 \| Attr = ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] < ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> %System32%\nvshell.dll [00nView] -> [Ver = \| Size = 466944 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] {950FF917-7A57-46BC-8017-59D9BF474000} [HKLM] -> Reg Data - Key not found [InCDMenu] -> File not found {A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> %System32%\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.9597 \| Size = 7680000 bytes \| Modified Date = 20/09/2006 16:25:00 \| Attr = ] < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\ {A155339D-CCCD-4714-85EB-3754B804C9DF} [HKLM] -> %ProgramFiles%\a-squared Free\a2freecontmenu.dll [a2FreeContMenu] -> Emsi Software GmbH [Ver = 2.0.0.48 \| Size = 508928 bytes \| Modified Date = 18/07/2006 12:32:50 \| Attr = ] {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 9.05.15 \| Size = 112224 bytes \| Modified Date = 20/11/2002 13:11:54 \| Attr = ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = \| Size = 118784 bytes \| Modified Date = 17/01/2003 23:00:00 \| Attr = ] < ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 \| Size = 110592 bytes \| Modified Date = 14/12/2004 2:20:02 \| Attr = ] < User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform SKY13 -> IEAK -> < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {E07A05DF-641D-418A-9A2D-15D22E2B554F} -> (SiS 900-Based PCI Fast Ethernet Adapter) -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found skype4com -> %CommonProgramFiles%\Skype\Skype4COM.dll -> Skype Technologies [Ver = 1, 0, 26, 0 \| Size = 1783384 bytes \| Modified Date = 1/11/2006 15:21:20 \| Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {00B71CFB-6864-4346-A978-C0A14556272C} -> Checkers Class - CodeBase = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab -> {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} -> TDServer Control - CodeBase = http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab -> {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} -> DjVuCtl Class - CodeBase = http://downloadcenter.samsung.com/content/...trolLite_EN.cab -> {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab -> {166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shock...director/sw.cab -> {17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 -> {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} -> VerifyGMN Class - CodeBase = http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> Symantec AntiVirus scanner - CodeBase = http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab -> {32564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/wmv8dmo.cab -> {33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB -> {33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab -> {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} -> KooPlayer Control - CodeBase = http://www.euchannels.net/update/KooPlayer.ocx -> {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab -> {4B48D5DF-9021-45F7-A240-60304302A215} -> Malicious Software Removal Tool - CodeBase = http://download.microsoft.com/download/5/c.../WebCleaner.cab -> {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} -> - CodeBase = http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe -> {6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1137956595296 -> {644E432F-49D3-41A1-8DD5-E099162EEEC5} -> Symantec RuFSI Utility Class - CodeBase = http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1127471785543 -> {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} -> InstallShield International Setup Player - CodeBase = http://ftp.hp.com/pub/automatic/player/isetupML.cab -> {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase = http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab -> {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -> HardwareDetection Control - CodeBase = http://drivers1.free.fr/telecharger.php?id=2&version= -> {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab -> {9F1C11AA-197B-4942-BA54-47A8489BB47F} -> Update Class - CodeBase = http://v4.windowsupdate.microsoft.com/CAB/...8739.4624537037 -> {A3009861-330C-4E10-822B-39D16EC8829D} -> CRAVOnline Object - CodeBase = http://www.ravantivirus.com/scan/ravonline.cab -> {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} -> SassCln Object - CodeBase = http://www.microsoft.com/security/controls/SassCln.CAB -> {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} -> Get_ActiveX Control - CodeBase = https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx -> {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> MsnMessengerSetupDownloadControl Class - CodeBase = http://messenger.msn.com/download/msnmesse...pdownloader.cab -> {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} -> Virtools WebPlayer Class - CodeBase = http://a532.g.akamai.net/7/532/6712/2.0.0....0/Installer.exe -> {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} -> Measurement Service Client v.3.4 - CodeBase = http://ccon.futuremark.com/global/msc34.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -> {E15111B0-95AE-4C05-B91F-F4564057990C} -> MovieSystem WAY - CodeBase = http://services.moviesystem.com/cabs/msway.cab -> {E2F9D054-D2B5-4CE8-9BDF-8BF3A81DB7E9} -> ProductIDGatherer.WindowsGatherer - CodeBase = http://download.microsoft.com/download/a/3...tIDGatherer.CAB -> {EB387D2F-E27B-4D36-979E-847D1036C65D} -> QDiagHUpdateObj Class - CodeBase = http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326 -> {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} -> McFreeScan Class - CodeBase = http://download.mcafee.com/molbin/iss-loc/...942/mcfscan.cab -> {F00F4763-7355-4725-82F7-0DA94A256D46} -> IncrediMail - CodeBase = http://www2.incredimail.com/contents/setup...er/imloader.cab -> {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} -> Hotmail Attachments Control - CodeBase = http://by16fd.bay16.hotmail.msn.com/activex/HMAtchmt.ocx -> Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab -> [Files - Created Within 30 days] diff.exe -> %SystemDrive%\diff.exe -> [Ver = \| Size = 68096 bytes \| Created Date = 21/01/2007 23:47:51 \| Attr = ] grep.exe -> %SystemDrive%\grep.exe -> [Ver = \| Size = 103424 bytes \| Created Date = 21/01/2007 23:47:51 \| Attr = ] reboot.cmd -> %SystemDrive%\reboot.cmd -> [Ver = \| Size = 853 bytes \| Created Date = 21/01/2007 23:47:51 \| Attr = ] ccReg.dat -> %CommonProgramFiles%\Symantec Shared\ccReg.dat -> [Ver = \| Size = 1206 bytes \| Created Date = 21/01/2007 23:41:04 \| Attr = RH ] CommonClient.dat -> %CommonProgramFiles%\Symantec Shared\CommonClient.dat -> [Ver = \| Size = 13990 bytes \| Created Date = 19/01/2007 11:05:47 \| Attr = RH ] MyAuth.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\MyAuth.dat -> [Ver = \| Size = 384 bytes \| Created Date = 19/01/2007 0:06:06 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Created Date = 13/01/2007 5:25:34 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Created Date = 13/01/2007 5:25:35 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Created Date = 13/01/2007 5:25:35 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.exp -> [Ver = \| Size = 13040 bytes \| Created Date = 13/01/2007 5:25:36 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Created Date = 13/01/2007 5:25:36 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Created Date = 13/01/2007 5:25:36 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.exp -> [Ver = \| Size = 13232 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] Raccourci vers scrauth.lnk -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\Raccourci vers scrauth.lnk -> [Ver = \| Size = 956 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCDEFS.DAT -> [Ver = \| Size = 187905 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN7.DAT -> [Ver = \| Size = 1196629 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN8.DAT -> [Ver = \| Size = 325348 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN9.DAT -> [Ver = \| Size = 736279 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINF.DAT -> [Ver = \| Size = 453 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.GRD -> [Ver = \| Size = 4778 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.SIG -> [Ver = \| Size = 2269 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\virscan.inf -> [Ver = \| Size = 106244 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN1.DAT -> [Ver = \| Size = 975798 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN5.DAT -> [Ver = \| Size = 3179218 bytes \| Created Date = 13/01/2007 5:25:37 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Created Date = 13/01/2007 5:25:38 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN7.DAT -> [Ver = \| Size = 5890358 bytes \| Created Date = 13/01/2007 5:25:38 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN8.DAT -> [Ver = \| Size = 1662499 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN9.DAT -> [Ver = \| Size = 4008519 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Created Date = 17/01/2007 20:26:39 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Created Date = 13/01/2007 5:25:40 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Created Date = 18/01/2007 1:30:45 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Created Date = 18/01/2007 1:30:45 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 \| Size = 272040 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.exp -> [Ver = \| Size = 13040 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 80472 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.vxd -> [Ver = \| Size = 90186 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng32.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 124536 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.exp -> [Ver = \| Size = 13232 bytes \| Created Date = 18/01/2007 1:30:46 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 852280 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.vxd -> [Ver = \| Size = 1014347 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex32a.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 902776 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] Raccourci vers scrauth.lnk -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\Raccourci vers scrauth.lnk -> [Ver = \| Size = 956 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT -> [Ver = \| Size = 188007 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN7.DAT -> [Ver = \| Size = 1204823 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN8.DAT -> [Ver = \| Size = 327507 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN9.DAT -> [Ver = \| Size = 739486 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINF.DAT -> [Ver = \| Size = 453 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.GRD -> [Ver = \| Size = 4778 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.SIG -> [Ver = \| Size = 2261 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\virscan.inf -> [Ver = \| Size = 106244 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN1.DAT -> [Ver = \| Size = 976014 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN3.DAT -> [Ver = \| Size = 147584 bytes \| Created Date = 18/01/2007 1:30:47 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN5.DAT -> [Ver = \| Size = 3200757 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN7.DAT -> [Ver = \| Size = 6003538 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT -> [Ver = \| Size = 1664913 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT -> [Ver = \| Size = 4033733 bytes \| Created Date = 18/01/2007 1:30:48 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Created Date = 18/01/2007 1:30:49 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Created Date = 19/01/2007 0:12:54 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Created Date = 18/01/2007 1:30:49 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.exp -> [Ver = \| Size = 13040 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.exp -> [Ver = \| Size = 13232 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCDEFS.DAT -> [Ver = \| Size = 187887 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN7.DAT -> [Ver = \| Size = 1190578 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN8.DAT -> [Ver = \| Size = 324094 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN9.DAT -> [Ver = \| Size = 735255 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINF.DAT -> [Ver = \| Size = 453 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.GRD -> [Ver = \| Size = 4778 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.SIG -> [Ver = \| Size = 2269 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\virscan.inf -> [Ver = \| Size = 106244 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN1.DAT -> [Ver = \| Size = 975620 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN5.DAT -> [Ver = \| Size = 3167664 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN6.DAT -> [Ver = \| Size = 390049 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN7.DAT -> [Ver = \| Size = 5790278 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN8.DAT -> [Ver = \| Size = 1660106 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN9.DAT -> [Ver = \| Size = 4000061 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Created Date = 10/01/2007 10:00:00 \| Attr = ] asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 \| Size = 73728 bytes \| Created Date = 19/01/2007 15:36:17 \| Attr = ] mmc.exe.config -> %System32%\mmc.exe.config -> [Ver = \| Size = 126 bytes \| Created Date = 9/01/2007 14:13:32 \| Attr = ] ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = \| Size = 11776 bytes \| Created Date = 19/01/2007 15:36:17 \| Attr = ] AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 \| Size = 3968 bytes \| Created Date = 22/01/2007 9:00:44 \| Attr = ] [Files - Modified Within 30 days] ccReg.dat -> %CommonProgramFiles%\Symantec Shared\ccReg.dat -> [Ver = \| Size = 1206 bytes \| Modified Date = 22/01/2007 18:25:24 \| Attr = RH ] ccReg_old.dat -> %CommonProgramFiles%\Symantec Shared\ccReg_old.dat -> [Ver = \| Size = 1206 bytes \| Modified Date = 22/01/2007 16:05:44 \| Attr = RH ] CommonClient.dat -> %CommonProgramFiles%\Symantec Shared\CommonClient.dat -> [Ver = \| Size = 13990 bytes \| Modified Date = 22/01/2007 18:25:24 \| Attr = RH ] CommonClient_old.dat -> %CommonProgramFiles%\Symantec Shared\CommonClient_old.dat -> [Ver = \| Size = 13990 bytes \| Modified Date = 22/01/2007 16:05:46 \| Attr = RH ] Catalog.LiveSubscribe -> %CommonProgramFiles%\Symantec Shared\LiveReg\Catalog.LiveSubscribe -> [Ver = \| Size = 988 bytes \| Modified Date = 22/01/2007 9:40:14 \| Attr = ] definfo.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\definfo.dat -> [Ver = \| Size = 57 bytes \| Modified Date = 18/01/2007 1:30:52 \| Attr = ] MyAuth.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\MyAuth.dat -> [Ver = \| Size = 384 bytes \| Modified Date = 19/01/2007 0:06:08 \| Attr = ] usage.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\usage.dat -> [Ver = \| Size = 115 bytes \| Modified Date = 19/01/2007 15:09:26 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.exp -> [Ver = \| Size = 13040 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.exp -> [Ver = \| Size = 13232 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCDEFS.DAT -> [Ver = \| Size = 187905 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN7.DAT -> [Ver = \| Size = 1196629 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN8.DAT -> [Ver = \| Size = 325348 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCSCAN9.DAT -> [Ver = \| Size = 736279 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINF.DAT -> [Ver = \| Size = 453 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.GRD -> [Ver = \| Size = 4778 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\V.SIG -> [Ver = \| Size = 2269 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\virscan.inf -> [Ver = \| Size = 106244 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN1.DAT -> [Ver = \| Size = 975798 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN5.DAT -> [Ver = \| Size = 3179218 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN7.DAT -> [Ver = \| Size = 5890358 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN8.DAT -> [Ver = \| Size = 1662499 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN9.DAT -> [Ver = \| Size = 4008519 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Modified Date = 17/01/2007 20:26:40 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 \| Size = 272040 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.exp -> [Ver = \| Size = 13040 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 80472 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng.vxd -> [Ver = \| Size = 90186 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\naveng32.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 124536 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.exp -> [Ver = \| Size = 13232 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.sys -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 852280 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex15.vxd -> [Ver = \| Size = 1014347 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\navex32a.dll -> Symantec Corporation [Ver = 20071.1.0.15 \| Size = 902776 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT -> [Ver = \| Size = 188007 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN7.DAT -> [Ver = \| Size = 1204823 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN8.DAT -> [Ver = \| Size = 327507 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN9.DAT -> [Ver = \| Size = 739486 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINF.DAT -> [Ver = \| Size = 453 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.GRD -> [Ver = \| Size = 4778 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.SIG -> [Ver = \| Size = 2261 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\virscan.inf -> [Ver = \| Size = 106244 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN1.DAT -> [Ver = \| Size = 976014 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN3.DAT -> [Ver = \| Size = 147584 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN5.DAT -> [Ver = \| Size = 3200757 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN6.DAT -> [Ver = \| Size = 390197 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN7.DAT -> [Ver = \| Size = 6003538 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT -> [Ver = \| Size = 1664913 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT -> [Ver = \| Size = 4033733 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\vscanmsx.dat -> [Ver = \| Size = 2072 bytes \| Modified Date = 19/01/2007 0:12:56 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\CATALOG.DAT -> [Ver = \| Size = 2504 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECBOOTIL.VXD -> [Ver = \| Size = 6899 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 \| Size = 272040 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.exp -> [Ver = \| Size = 13040 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 80408 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng.vxd -> [Ver = \| Size = 89674 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] naveng32.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\naveng32.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 124584 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex15.exp -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.exp -> [Ver = \| Size = 13232 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex15.sys -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.sys -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 833048 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex15.vxd -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.vxd -> [Ver = \| Size = 994379 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] navex32a.dll -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex32a.dll -> Symantec Corporation [Ver = 20061.3.0.12 \| Size = 882344 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\SCRAUTH.DAT -> [Ver = \| Size = 97712 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.cat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.cat -> [Ver = \| Size = 9237 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] symaveng.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\symaveng.inf -> [Ver = \| Size = 1061 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCDEFS.DAT -> [Ver = \| Size = 187887 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN7.DAT -> [Ver = \| Size = 1190578 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN8.DAT -> [Ver = \| Size = 324094 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCSCAN9.DAT -> [Ver = \| Size = 735255 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINF.DAT -> [Ver = \| Size = 453 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFIDX.DAT -> [Ver = \| Size = 148 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TINFL.DAT -> [Ver = \| Size = 1957 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1.DAT -> [Ver = \| Size = 64232 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TSCAN1HD.DAT -> [Ver = \| Size = 3072 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.GRD -> [Ver = \| Size = 4778 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\V.SIG -> [Ver = \| Size = 2269 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] virscan.inf -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\virscan.inf -> [Ver = \| Size = 106244 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN1.DAT -> [Ver = \| Size = 975620 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN2.DAT -> [Ver = \| Size = 570042 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN3.DAT -> [Ver = \| Size = 147512 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN4.DAT -> [Ver = \| Size = 320186 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN5.DAT -> [Ver = \| Size = 3167664 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN6.DAT -> [Ver = \| Size = 390049 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN7.DAT -> [Ver = \| Size = 5790278 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN8.DAT -> [Ver = \| Size = 1660106 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN9.DAT -> [Ver = \| Size = 4000061 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCANT.DAT -> [Ver = \| Size = 32 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\ZDONE.DAT -> [Ver = \| Size = 224 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] AUTOLNCH.REG -> %SystemRoot%\AUTOLNCH.REG -> [Ver = \| Size = 1080 bytes \| Modified Date = 21/01/2007 18:32:14 \| Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = \| Size = 2048 bytes \| Modified Date = 22/01/2007 18:23:52 \| Attr = S] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = \| Size = 0 bytes \| Modified Date = 22/01/2007 1:58:50 \| Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = \| Size = 116 bytes \| Modified Date = 21/01/2007 20:52:50 \| Attr = ] Ulead32.ini -> %SystemRoot%\Ulead32.ini -> [Ver = \| Size = 907 bytes \| Modified Date = 17/01/2007 1:05:30 \| Attr = ] WORDPAD.INI -> %SystemRoot%\WORDPAD.INI -> [Ver = \| Size = 754 bytes \| Modified Date = 1/01/2007 12:01:54 \| Attr = ] Help.ico -> %System32%\Help.ico -> [Ver = \| Size = 1406 bytes \| Modified Date = 19/01/2007 16:02:52 \| Attr = ] mmc.exe.config -> %System32%\mmc.exe.config -> [Ver = \| Size = 126 bytes \| Modified Date = 9/01/2007 14:13:34 \| Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = \| Size = 75993 bytes \| Modified Date = 22/01/2007 18:25:12 \| Attr = ] pavas.ico -> %System32%\pavas.ico -> [Ver = \| Size = 30590 bytes \| Modified Date = 19/01/2007 16:02:52 \| Attr = ] Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = \| Size = 2550 bytes \| Modified Date = 19/01/2007 16:02:52 \| Attr = ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = \| Size = 2184 bytes \| Modified Date = 21/01/2007 20:25:04 \| Attr = ] CO_Mon.sys -> %System32%\drivers\CO_Mon.sys -> [Ver = \| Size = 28672 bytes \| Modified Date = 19/01/2007 19:22:34 \| Attr = ] [File String Scan - Non-Microsoft Only] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\MusePack\MPPDEC.EXE -> [Ver = \| Size = 64512 bytes \| Modified Date = 23/02/2003 19:29:44 \| Attr = H ] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\MusePack\MPPENC.EXE -> [Ver = \| Size = 79360 bytes \| Modified Date = 26/10/2002 0:53:22 \| Attr = H ] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\Speex\SPEEXDEC.EXE -> [Ver = \| Size = 120832 bytes \| Modified Date = 23/03/2003 15:45:40 \| Attr = H ] UPX! , UPX0 , -> %CommonProgramFiles%\Ahead\AudioPlugins\Speex\SPEEXENC.EXE -> [Ver = \| Size = 122880 bytes \| Modified Date = 23/03/2003 15:42:46 \| Attr = H ] Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\j2re1.4.2-b28\core3.zip -> [Ver = \| Size = 4648893 bytes \| Modified Date = 19/08/2003 17:56:42 \| Attr = ] Thawte Consulting , -> %CommonProgramFiles%\Logitech\LGS500Inst\setup.exe -> Macrovision Corporation [Ver = 11.00.28844 \| Size = 121064 bytes \| Modified Date = 6/04/2005 18:39:06 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20031112.019\WHATSNEW.TXT -> [Ver = \| Size = 27089 bytes \| Modified Date = 12/11/2003 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20031113.023\WHATSNEW.TXT -> [Ver = \| Size = 27089 bytes \| Modified Date = 13/11/2003 10:00:00 \| Attr = ] aspack , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\navex15.sys -> Symantec Corporation [Ver = 20051.3.0.16 \| Size = 750424 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] aspack , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\navex15.vxd -> [Ver = \| Size = 907339 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] aspack , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\navex32a.dll -> Symantec Corporation [Ver = 20051.3.0.16 \| Size = 788088 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\TCDEFS.DAT -> [Ver = \| Size = 39566 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\VIRSCAN8.DAT -> [Ver = \| Size = 1437408 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] UPX! , FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20051116.024\VIRSCAN9.DAT -> [Ver = \| Size = 2859322 bytes \| Modified Date = 16/11/2005 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\TCDEFS.DAT -> [Ver = \| Size = 187905 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN8.DAT -> [Ver = \| Size = 1662499 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070112.052\VIRSCAN9.DAT -> [Ver = \| Size = 4008519 bytes \| Modified Date = 12/01/2007 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT -> [Ver = \| Size = 188007 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT -> [Ver = \| Size = 1664913 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT -> [Ver = \| Size = 4033733 bytes \| Modified Date = 17/01/2007 10:00:00 \| Attr = ] SAHAgent , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\TCDEFS.DAT -> [Ver = \| Size = 187887 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] FSG! , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN8.DAT -> [Ver = \| Size = 1660106 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] FSG! , WSUD , UPX0 , -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\VIRSCAN9.DAT -> [Ver = \| Size = 4000061 bytes \| Modified Date = 10/01/2007 10:00:00 \| Attr = ] PECompact2 , qoologic , SAHAgent , -> %SystemRoot%\LPT$VPN.989 -> [Ver = \| Size = 12848976 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] UPX! , UPX0 , -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 3.9.0.1020 \| Size = 170053 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] PECompact2 , qoologic , SAHAgent , -> %SystemRoot%\VPTNFILE.989 -> [Ver = \| Size = 12848976 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 7.100-1003 \| Size = 1036800 bytes \| Modified Date = 26/02/2005 2:15:22 \| Attr = ] PEC2 , -> %System32%\dfrg.msc -> [Ver = \| Size = 41131 bytes \| Modified Date = 30/09/2001 11:47:58 \| Attr = ] PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.1.1.2 \| Size = 573952 bytes \| Modified Date = 7/12/2005 18:05:52 \| Attr = ] Umonitor , -> %System32%\ipebase12.dll -> Hewlett-Packard Company [Ver = 1, 2, 0, 5 \| Size = 331776 bytes \| Modified Date = 15/01/2001 21:03:54 \| Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = \| Size = 1309184 bytes \| Modified Date = 30/09/2001 11:49:10 \| Attr = ] WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = \| Size = 13463552 bytes \| Modified Date = 30/09/2001 11:47:28 \| Attr = ] UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = \| Size = 809394 bytes \| Modified Date = 30/09/2001 11:48:40 \| Attr = ] < End of report > Voila.

Thanos Voir le profil	lundi 22 janvier 2007 à 20h00 Message #14
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	salut Je regarde tes rapports et te laisse une réponse : à première vue tu as bien bossé car le rapport Blacklight est niquel Ca c'était pour l'infection MAgic Control Agent (tu ne devrais plus avoir de pubs intempestives).Je regarde le reste. -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

Thanos Voir le profil	lundi 22 janvier 2007 à 20h05 Message #15
Devil Member ! Groupe : Equipe Sécurité+ Messages : 14513 Inscrit : 24/02/2005 Membre n^o 152504	tdanny6, poste moi stp un nouveau rapport DiagHelp pour voir si tout a bien été éliminé (certains dossiers liés à l'infection). @toute à l'heure(après diner ) -------------------- Fournir de l'aide en désinfection (par ipl_001) - Procédure de demande d'aide et désinfection (par Falkra) - Guide sécurisation Windows face aux menaces infectieuses USB (par Gof) Je ne réponds à aucune demande d'aide via mp, merci.

« Sujets plus anciens · Analyse rapports HijackThis, Eradication malwares · Sujets plus récents »

2 Pages

1 2 >

1 utilisateur(s) sur ce sujet (1 invité(s) et 0 utilisateur(s) anonyme(s))

0 membre(s) :

Sujets similaires

Titre	Réponses	Auteur	Lectures	Dernière action
Optimisation, Trucs & Astuces redémarrage pc , tros long RESOLU 12	17	dragon-druide	399	Hier à 18h04 Dernier message par : dragon-druide
Software Résolu-QtCore4.dll absente	1	Pianiste	67	Hier à 16h52 Dernier message par : leminou
Windows Vista Résolu : Récuperer un logiciel supprimé par erreur	5	Armel	160	Hier à 12h20 Dernier message par : Armel
Hardware [Résolu] Son de micro faible 12	19	Magus	5789	Hier à 11h27 Dernier message par : - Invité -
Hardware [Résolu] Scanner ESPON GT 9600 [SCSI]	6	josh99	120	lundi 15 mars 2010 à 17h42 Dernier message par : Berfizan
Analyse rapports HijackThis, Eradication malwares Infection détectée par Antivir, nettoyage incomplet [résolu]	3	Ed0kun	169	dimanche 14 mars 2010 à 14h08 Dernier message par : Ed0kun
Software [Résolu] Blocquages d'explorer	7	leminou	139	dimanche 14 mars 2010 à 12h42 Dernier message par : leminou
Programmation [Résolu] Newsletter	4	alain488	150	samedi 13 mars 2010 à 23h21 Dernier message par : alain488
Hardware (RESOLU) Ecran noir mais tout qui a l'air de demarrer. 12	20	WonderHp	574	samedi 13 mars 2010 à 16h03 Dernier message par : WonderHp
Software ou est passé mon clavier? [résolu]	9	chanoly3	202	samedi 13 mars 2010 à 03h12 Dernier message par : ticlou

Modes d'affichage: Standard · Passer au mode : Linéaire+ · Passer au mode : Arborescent

Suivre ce sujet · Envoyer ce sujet · Imprimer ce sujet · S'abonner à ce forum

Vous êtes étudiant ? Téléchargez gratuitement et légalement des logiciels Microsoft !

Forums Zebulon.fr > Forums de Zebulon.fr > Sécurité > Analyse rapports HijackThis, Eradication malwares

Version bas débit

Nous sommes le : mercredi 17 mars 2010 à 04h35

[Services] [Contact] [Plan du site] [Notice légale] [Twitter]	Copyright © 1999-2010 Zebulon.fr - Optimisation windows & Informatique - Tous Droits Réservés. Hébergé par OVH
Partenaires : Prix ordinateur, Libellules.ch, Magazine informatique