fred62200

Membres

Afficher le profil Afficher son activité

Compteur de contenus
300
Inscription
le 16 janvier 2008
Dernière visite
le 30 mars 2018

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par fred62200

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Je pense que le dossier winvi dans program files n'était pas étranger à l'affaire... Merci encore !
- le 3 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

CA MARCHE !!! Merci beaucoup... L'image sur mon bureau est partie, et la page d'accueil Internet est redevenue normale. Voici le rapport SDFix : SDFix: Version 1.136 Run by DENDECKER on 03/02/2008 at 12:25 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\DENDEC~1\Bureau\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default Desktop Wallpaper Rebooting... Normal Mode: Checking Files: Trojan Files Found: C:\WINDOWS\SYSTEM32\QTWMCI32.DLL - Deleted C:\Program Files\winvi\Uninst.exe - Deleted C:\Program Files\winvi\update.exe - Deleted C:\Program Files\winvi\version.ini - Deleted C:\Program Files\winvi\wupda.exe - Deleted C:\Program Files\winvi\dsktp\AC_RunActiveContent.js - Deleted C:\Program Files\winvi\dsktp\desktop.html - Deleted C:\Program Files\winvi\dsktp\internetDetection.swf - Deleted C:\Program Files\winvi\dsktp\settings.sol - Deleted C:\Program Files\winvi\temp\version.ini - Deleted Folder C:\Program Files\winvi - Removed Removing Temp Files... ADS Check: Final Check: catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-03 12:34:10 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40] scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}] "DisplayName"="Alcohol 120% (Trial Version)" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] Remaining Files: --------------- File Backups: - C:\DOCUME~1\DENDEC~1\Bureau\SDFix\backups\backups.zip Files with Hidden Attributes: Wed 4 May 2005 215 A.SHR --- "C:\BOOT.BAK" Fri 12 Mar 2004 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe" Fri 12 Mar 2004 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe" Fri 12 Mar 2004 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe" Thu 15 Mar 2007 8 ..SHR --- "C:\WINDOWS\system32\D7ED7B0402.sys" Thu 6 Dec 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Thu 1 Nov 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BITD.tmp" Thu 1 Nov 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d6e228e44f2018dd79eeb427a0b47d06\BITE.tmp" Tue 26 Jul 2005 77 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\PowerCinema\TVChannelList.tmp" Fri 12 Mar 2004 106,496 A..H. --- "C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll" Mon 12 Jun 2006 127 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\1940DBE8.TMP" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX10.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX11.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX12.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX13.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX15.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX16.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX18.tmp" Sun 1 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX19.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX1D.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX1E.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX1F.tmp" Fri 6 Jul 2007 48,924 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX2.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX20.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX21.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX22.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX23.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX24.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX25.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX26.tmp" Mon 2 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX27.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX28.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX29.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX2A.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX2B.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX2C.tmp" Fri 29 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX2D.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX2E.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX2F.tmp" Mon 23 Jul 2007 48,924 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX3.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX30.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX31.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX32.tmp" Sat 30 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX33.tmp" Fri 29 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX34.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX35.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX36.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX37.tmp" Sun 1 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX38.tmp" Sat 30 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX39.tmp" Fri 29 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX3A.tmp" Thu 5 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX3B.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX3C.tmp" Mon 2 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX3D.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX3F.tmp" Sun 24 Jun 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX4.tmp" Sat 30 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX40.tmp" Sun 1 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX41.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX42.tmp" Mon 2 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX43.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX44.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX45.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX46.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX47.tmp" Thu 5 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX48.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX49.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX4A.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX4B.tmp" Thu 5 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX4C.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX4D.tmp" Sat 21 Jul 2007 48,924 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX4E.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX4F.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX5.tmp" Thu 5 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX50.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX51.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX52.tmp" Sat 7 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX53.tmp" Thu 5 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX54.tmp" Sun 8 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX55.tmp" Thu 5 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX56.tmp" Sat 7 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX57.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX58.tmp" Thu 5 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX59.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX5A.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX5B.tmp" Sat 7 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX5C.tmp" Thu 5 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX5D.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX5E.tmp" Mon 9 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX5F.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX6.tmp" Sat 7 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX60.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX61.tmp" Sun 8 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX62.tmp" Mon 9 Jul 2007 51,272 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX63.tmp" Tue 10 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX64.tmp" Sun 8 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX65.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX66.tmp" Sat 7 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX67.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX68.tmp" Fri 6 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX69.tmp" Wed 11 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX6A.tmp" Wed 11 Jul 2007 51,272 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX6B.tmp" Sat 7 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX6C.tmp" Mon 9 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX6D.tmp" Sun 8 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX6E.tmp" Mon 9 Jul 2007 51,272 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX6F.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX7.tmp" Sun 8 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX70.tmp" Sun 8 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX71.tmp" Mon 16 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX72.tmp" Thu 12 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX73.tmp" Tue 17 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX74.tmp" Thu 12 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX75.tmp" Thu 12 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX76.tmp" Wed 18 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX77.tmp" Thu 19 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX78.tmp" Sat 21 Jul 2007 48,924 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX79.tmp" Thu 19 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX7A.tmp" Thu 19 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX7B.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX7D.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX7E.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX7F.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX8.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX81.tmp" Thu 26 Jul 2007 31,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX82.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX84.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX85.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX87.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX88.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX89.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX8A.tmp" Tue 17 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX8B.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX8D.tmp" Wed 27 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX9.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX90.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX94.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX96.tmp" Mon 23 Jul 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAX97.tmp" Tue 26 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAXB.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAXC.tmp" Thu 28 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAXD.tmp" Mon 25 Jun 2007 61,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\AAXF.tmp" Sat 8 Dec 2007 136 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\adb24.tmp" Sun 16 Dec 2007 136 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\adb2FF.tmp" Sat 29 Dec 2007 43 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\binsttmp.tmp" Tue 4 Sep 2007 36,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\CmdLineExt02.dll" Wed 1 Sep 2004 103,533 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\CodecSettings.reg" Mon 17 Dec 2007 6,638,792 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\DivXInstaller.exe" Tue 1 Jul 2003 4,288,608 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\EBU2B.EXE" Tue 1 Jul 2003 11,546,624 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\EBU2C.DLL" Thu 23 Aug 2007 1,214,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\FlashPlayerUpdate.exe" Thu 21 Jan 1999 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\GLF19.tmp" Thu 23 Aug 2007 1,230,277 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\gtb47.tmp" Wed 27 Sep 2006 1 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\LEX2E.tmp" Wed 27 Sep 2006 1 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\LEX39.tmp" Wed 27 Sep 2006 1 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\LEX3F.tmp" Wed 27 Sep 2006 1 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\LEX45.tmp" Wed 27 Sep 2006 1 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\LEX4B.tmp" Mon 17 Dec 2007 34 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\mod1F.tmp" Mon 17 Dec 2007 34 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\mod5.tmp" Mon 17 Dec 2007 34 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\mod6.tmp" Thu 29 Mar 2007 16,834 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MPC1.tmp" Thu 29 Mar 2007 18,014 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MPC9.tmp" Tue 30 Oct 2007 10,334 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSTE0.tmp" Wed 27 Sep 2006 13,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV2B.tmp" Wed 27 Sep 2006 1,409 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV2C.tmp" Wed 27 Sep 2006 13,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV36.tmp" Wed 27 Sep 2006 1,409 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV37.tmp" Wed 27 Sep 2006 13,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV3C.tmp" Wed 27 Sep 2006 1,409 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV3D.tmp" Wed 27 Sep 2006 13,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV42.tmp" Wed 27 Sep 2006 1,409 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV43.tmp" Wed 27 Sep 2006 13,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV48.tmp" Wed 27 Sep 2006 1,409 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\MSV49.tmp" Wed 27 Sep 2006 155,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\PJ2296.tmp" Wed 27 Sep 2006 155,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\PJ2969.tmp" Thu 12 Jul 2007 5,182 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\plf2.tmp" Sat 29 Dec 2007 231,354 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\s3sg..exe" Wed 11 Apr 2001 166,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\set17.tmp" Tue 14 Nov 2006 116,880 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\set25.tmp" Wed 11 Apr 2001 166,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\set7.tmp" Wed 26 Dec 2007 4,395,213 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\setup.exe" Tue 4 Sep 2007 12,067 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SIntf16.dll" Tue 4 Sep 2007 19,924 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SIntf32.dll" Tue 4 Sep 2007 24,516 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SIntfNT.dll" Sun 9 Dec 2007 221,756 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\song.exe" Thu 4 Oct 2007 1,174,664 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SymLCSVC.EXE" Fri 27 Jan 2006 58 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\temp_AiRules0.tmp" Sat 29 Dec 2007 275 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\tmp19.tmp" Sat 29 Dec 2007 277 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\tmp5E.tmp" Sat 29 Dec 2007 275 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\tmp85.tmp" Sun 30 Dec 2007 275 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\tmpDC9.tmp" Mon 15 Mar 2004 1,798,144 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\UNNeroVision.exe" Fri 20 Feb 2004 1,773,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\UNNMIX.exe" Wed 3 Mar 2004 1,769,472 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\UNNMP.exe" Tue 18 Jun 2002 299,008 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\war3_Install.exe" Sun 30 Dec 2007 5,716 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\wcxDBD.tmp" Sun 30 Dec 2007 2,181 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\wcxDBE.tmp" Sun 30 Dec 2007 1,900 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\wcxDC3.tmp" Sun 30 Dec 2007 308 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\wcxDC6.tmp" Sun 30 Dec 2007 2,737 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\wcxDC7.tmp" Thu 29 Nov 2007 49,152 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WinBinstaller.exe" Fri 16 Sep 2005 58,880 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WKS2F.tmp" Wed 27 Sep 2006 10,752 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WKS3A.tmp" Thu 15 Dec 2005 8,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WKS40.tmp" Wed 27 Sep 2006 8,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WKS46.tmp" Wed 27 Sep 2006 8,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WKS4C.tmp" Sat 29 Dec 2007 46,080 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~e5d141.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil0049.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil0309.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil1201.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil1936.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil2358.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil2774.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil2897.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil3559.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil3598.tmp" Wed 27 Sep 2006 16,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~Qil3876.tmp" Tue 22 Nov 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC0000.tmp" Wed 23 Nov 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC0001.tmp" Wed 23 Nov 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC0002.tmp" Wed 23 Nov 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC0003.tmp" Thu 24 Nov 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC0004.tmp" Thu 24 Nov 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC2384.tmp" Mon 5 Dec 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC2580.tmp" Thu 24 Nov 2005 29,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRC2799.tmp" Mon 14 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF0000.tmp" Tue 15 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF0001.tmp" Mon 21 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF0002.tmp" Mon 21 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF0003.tmp" Tue 22 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF0004.tmp" Tue 13 Dec 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF0898.tmp" Wed 11 Oct 2006 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF0980.tmp" Wed 11 Oct 2006 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF1041.tmp" Tue 22 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF1107.tmp" Wed 23 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF1124.tmp" Tue 22 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF1159.tmp" Thu 31 Aug 2006 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF1369.tmp" Tue 14 Feb 2006 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF1464.tmp" Thu 31 Aug 2006 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF1572.tmp" Wed 14 Dec 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF3144.tmp" Thu 31 Aug 2006 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF3344.tmp" Tue 22 Nov 2005 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF3422.tmp" Thu 31 Aug 2006 32,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\~WRF3942.tmp" Sun 14 Mar 2004 850,938 A..HR --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 1 pour dvdshrink317setup.zip\dvdshrink317setup.exe" Sun 14 Mar 2004 855,576 A..HR --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 1 pour dvdshrink317_fr.zip\dvdshrink317setup_fr.exe" Tue 3 Dec 2002 166,131 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 1 pour Nero-CleanTool.zip\Nero-CleanTool.exe" Mon 16 Jun 2003 434,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 1 pour NeroDriveSpeed_200.zip\DriveSpeed.exe" Thu 18 Jan 2007 533,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\ccL60U.dll" Thu 18 Jan 2007 636,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\DefUtDCD.dll" Thu 18 Jan 2007 499,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\msvcp71.dll" Thu 18 Jan 2007 348,160 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\msvcr71.dll" Thu 18 Jan 2007 1,951,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAVSetup.exe" Thu 18 Jan 2007 617,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\SAUpdt.dll" Thu 18 Jan 2007 534,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Stub.exe" Thu 18 Jan 2007 1,320,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\SymHTML.dll" Thu 18 Jan 2007 366,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\SymTheme.dll" Mon 19 Feb 2007 533,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\ccL60U.dll" Mon 19 Feb 2007 636,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\DefUtDCD.dll" Mon 19 Feb 2007 499,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\msvcp71.dll" Mon 19 Feb 2007 348,160 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\msvcr71.dll" Mon 19 Feb 2007 617,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\SAUpdt.dll" Mon 19 Feb 2007 534,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Stub.EXE" Mon 19 Feb 2007 1,320,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\SymHTML.dll" Mon 19 Feb 2007 2,074,240 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\SymSetup.EXE" Mon 19 Feb 2007 366,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\SymTheme.dll" Thu 7 Sep 1995 8,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WZS56.tmp\_ISDEL.EXE" Tue 10 Dec 1996 11,264 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WZS56.tmp\_SETUP.DLL" Thu 7 Sep 1995 8,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WZS58.tmp\_ISDEL.EXE" Tue 10 Dec 1996 11,264 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\WZS58.tmp\_SETUP.DLL" Thu 15 Dec 2005 34,315,843 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\{336C06E7-0219-44AF-8593-E2009E24FCCD}\QuickTimeInstaller.exe" Sun 9 Dec 2007 9,459,920 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\assetservice3\assetservices_310.exe" Sun 9 Dec 2007 27,191,208 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\bridge2\bridge2_1_1.exe" Sun 9 Dec 2007 1,990,656 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\bridge2\BridgeStartMeeting101.exe" Sun 9 Dec 2007 5,009,408 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\cameraraw4\CameraRaw42.exe" Sun 9 Dec 2007 29,360,128 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\colorcommon1\ColorCommon190.exe" Sun 9 Dec 2007 31,356,872 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\estoolkit2\ExtendScriptToolkit2.0.1.exe" Sun 9 Dec 2007 77,526,944 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\photoshop10-en_US\photoshop_10_0_1.exe" Sun 9 Dec 2007 6,021,120 A..H. --- "C:\Documents and Settings\DENDECKER\Local Settings\Application Data\Adobe\Updater5\Install\versioncueclient3\VC_client_310_1.exe" Mon 2 Aug 2004 2,232,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\CoverDesigner\CoverDes.exe" Wed 3 Mar 2004 90,112 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\ImageDrive\idriveinst.dll" Wed 3 Mar 2004 118,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\ImageDrive\imagedrv.dll" Wed 3 Mar 2004 5,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\ImageDrive\imagedrv.sys" Tue 7 Sep 2004 831,567 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\ImageDrive\ImageDrive.exe" Wed 3 Mar 2004 125,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\ImageDrive\imagesrv.sys" Tue 7 Sep 2004 90,112 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\AudioPluginMgr.dll" Fri 17 Sep 2004 204,859 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\CDCopy.dll" Fri 17 Sep 2004 225,342 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\cdr100.dll" Fri 17 Sep 2004 233,531 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\cdr50s.dll" Fri 17 Sep 2004 249,914 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\CDROM.dll" Fri 17 Sep 2004 266,299 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\cdu920.dll" Fri 17 Sep 2004 225,341 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\cr2200cs.dll" Wed 1 Oct 2003 627,200 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\Drweb32.dll" Wed 1 Oct 2003 102,400 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\DVDREALLOC.dll" Fri 17 Sep 2004 221,244 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\Dws114x.dll" Fri 17 Sep 2004 106,563 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\Equalize.dll" Fri 17 Sep 2004 184,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\FATImporter.dll" Fri 17 Sep 2004 77,884 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\GENCUSH.dll" Fri 17 Sep 2004 77,891 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\Generatr.dll" Fri 17 Sep 2004 176,190 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\GenFAT.dll" Fri 17 Sep 2004 225,342 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\geniso.dll" Fri 17 Sep 2004 229,436 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\GenPCHy.dll" Fri 17 Sep 2004 307,262 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\GenUDF.dll" Fri 17 Sep 2004 131,130 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\image.dll" Fri 17 Sep 2004 102,461 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\ImageGen.dll" Fri 17 Sep 2004 233,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\ims.dll" Fri 17 Sep 2004 192,570 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\ISOFS.dll" Wed 1 Oct 2003 28,160 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\KARAOKE.dll" Fri 17 Sep 2004 753,720 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\MMC.dll" Wed 1 Oct 2003 139,264 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\MPGEnc.dll" Fri 17 Sep 2004 98,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeHDBlkAccess.dll" Fri 17 Sep 2004 471,101 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeMP3Dmo.dll" Fri 17 Sep 2004 81,986 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeMP3Hlp.dll" Fri 17 Sep 2004 14,078,010 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\nero.exe" Fri 17 Sep 2004 3,117,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\neroAPI.dll" Wed 1 Oct 1997 13,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\nerocdNT.sys" Wed 25 Aug 2004 151,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeroCmd.exe" Wed 25 Aug 2004 356,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeroCom.dll" Fri 17 Sep 2004 249,918 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\neroDB.dll" Fri 17 Sep 2004 282,684 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\neroErr.dll" Tue 13 Jul 2004 786,432 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeroMediaCon.dll" Tue 7 Sep 2004 323,584 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeroNet.dll" Fri 17 Sep 2004 159,805 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\neroscsi.dll" Fri 23 Jan 2004 274,432 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\neroshx.dll" Tue 14 Sep 2004 102,466 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\neRSDB.dll" Fri 17 Sep 2004 196,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NetRecorder.dll" Fri 17 Sep 2004 147,526 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NeVCDEngine.dll" Fri 17 Sep 2004 348,219 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\newtrf.dll" Mon 17 May 2004 257,820 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\NRESTORE.EXE" Wed 1 Oct 2003 5,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\READHD16.dll" Wed 1 Oct 2003 23,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\ReadHD32.dll" Fri 17 Sep 2004 225,340 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\ro1420c.dll" Fri 17 Sep 2004 487,496 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\UDFImporter.dll" Tue 14 Sep 2004 180,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\VCDMenu.dll" Tue 14 Sep 2004 155,714 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\VMPEGEnc.dll" Fri 1 Aug 2003 364,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\VMPEGEncNDX.dll" Thu 22 Jul 2004 160,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero\WNASPI32.DLL" Tue 7 Sep 2004 5,648,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero BackItUp\BackItUp.exe" Tue 7 Sep 2004 1,871,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero BackItUp\NBJ.exe" Tue 7 Sep 2004 1,093,632 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero BackItUp\NBR.exe" Mon 20 Sep 2004 1,765,454 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\nero soundtrax\SoundTrax.exe" Wed 11 Aug 2004 2,699,341 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero StartSmart\NeroStartSmart.exe" Fri 17 Sep 2004 1,241,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Toolkit\CDSpeed.exe" Mon 28 Jun 2004 585,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Toolkit\DriveSpeed.exe" Mon 10 Mar 2003 11,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Toolkit\hwinfo.exe" Wed 4 Aug 2004 520,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Toolkit\InfoTool.exe" Tue 7 Sep 2004 122,971 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Wave Editor\DXEnum.exe" Fri 12 Oct 2001 266,240 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Wave Editor\vfft.dll" Tue 7 Sep 2004 1,728,595 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Wave Editor\waveedit.dll" Tue 7 Sep 2004 118,868 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Nero Wave Editor\WaveEdit.exe" Wed 18 Dec 2002 509,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Redist\50comupd.exe" Tue 4 May 2004 1,645,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Redist\gdiplus.DLL" Thu 23 Aug 2001 995,383 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Redist\mfc42.DLL" Mon 28 Aug 2000 401,462 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Redist\MSVCP60.DLL" Fri 4 May 2001 290,869 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Redist\msvcrt.dll" Tue 23 Jan 2001 117,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Redist\shfolder.exe" Fri 17 Sep 2004 618,557 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\setup\shortcut.dll" Fri 13 Aug 2004 104,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 3 pour Ahead.Nero.Burning.ROM.v6.3.1.25.Incl.Keygen-ORiON.zip\o-ra9101\Keygen.exe" Thu 3 Oct 2002 344,064 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 3 pour Ahead.Nero.Burning.ROM.v6.3.1.25.Incl.Keygen-ORiON.zip\o-ra9101\mp3pro.exe" Fri 13 Aug 2004 104,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 2 pour Ahead.Nero.Burning.ROM.v6.3.1.25.Incl.Keygen-ORiON.zip\o-ra9101\Keygen.exe" Thu 3 Oct 2002 344,064 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 2 pour Ahead.Nero.Burning.ROM.v6.3.1.25.Incl.Keygen-ORiON.zip\o-ra9101\mp3pro.exe" Fri 13 Aug 2004 104,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 1 pour Ahead.Nero.Burning.ROM.v6.3.1.25.Incl.Keygen-ORiON.zip\o-ra9101\Keygen.exe" Thu 3 Oct 2002 344,064 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\R‚pertoire temporaire 1 pour Ahead.Nero.Burning.ROM.v6.3.1.25.Incl.Keygen-ORiON.zip\o-ra9101\mp3pro.exe" Thu 5 Aug 2004 1,101,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\Aac.dll" Thu 26 Aug 2004 983,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\aacenc32.dll" Tue 7 Sep 2004 69,632 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\Aiff.dll" Tue 7 Sep 2004 49,152 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\DefConvertor.dll" Tue 17 Feb 2004 208,896 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\lame_enc.dll" Tue 7 Sep 2004 335,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\mp3PP.dll" Tue 7 Sep 2004 540,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\mp3PRO.dll" Tue 7 Sep 2004 61,440 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\mp3PRO_hlp.dll" Tue 7 Sep 2004 69,632 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\mp3PRO_dmo.dll" Tue 7 Sep 2004 214,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\msa.dll" Tue 7 Sep 2004 1,347,584 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\ogg.dll" Tue 7 Sep 2004 77,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\Vqf.dll" Tue 7 Sep 2004 667,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\VqfDecLib.dll" Tue 7 Sep 2004 221,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\VqfEncLib1.dll" Tue 7 Sep 2004 827,392 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\VqfEncLib.dll" Tue 7 Sep 2004 86,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\wav.dll" Mon 5 Apr 2004 290,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\DSFilters\aacplus.dll" Tue 16 Dec 2003 364,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\DSFilters\mp4file.dll" Mon 2 Aug 2004 372,736 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\DSFilters\NeAMR.dll" Fri 17 Sep 2004 942,146 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\Lib\AdvrCntr.dll" Wed 11 Aug 2004 98,372 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\Lib\apreg.dll" Mon 5 Apr 2004 139,264 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\Lib\DriveLocker.dll" Wed 25 Aug 2004 1,097,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\Lib\NeroCBUI.dll" Wed 25 Aug 2004 1,097,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\Lib\NeroIPP.dll" Thu 18 Jan 2007 510,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SEVINST\Sevntx64.exe" Thu 18 Jan 2007 484,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\ALUNOTIF.EXE" Thu 18 Jan 2007 58,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\ALUNTRES.DLL" Thu 18 Jan 2007 13,920 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\ALUSDRES.DLL" Thu 18 Jan 2007 554,616 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\ALUSDSVC.EXE" Thu 18 Jan 2007 624,248 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\AUpdate.exe" Thu 18 Jan 2007 8,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\AUPDTRES.DLL" Thu 18 Jan 2007 466,944 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\capicom.dll" Thu 18 Jan 2007 583,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\Lsetup.exe" Thu 18 Jan 2007 1,353,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LuAll.exe" Thu 18 Jan 2007 771,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LuAllRes.dll" Thu 18 Jan 2007 484,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUCBPRXY.EXE" Thu 18 Jan 2007 910,968 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LuCheck.exe" Thu 18 Jan 2007 75,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUCOMPS.DLL" Thu 18 Jan 2007 67,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUCOMRES.DLL" Thu 18 Jan 2007 2,918,008 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUCOMSVR.EXE" Thu 18 Jan 2007 829,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LuConfig.exe" Thu 18 Jan 2007 448,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUInit.exe" Thu 18 Jan 2007 697,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUinsDll.dll" Thu 18 Jan 2007 24,160 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUinsRes.dll" Thu 18 Jan 2007 177,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\LUPreCon.dll" Thu 18 Jan 2007 226,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\NETDTCRL.DLL" Thu 18 Jan 2007 820,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\NotifyHA.exe" Thu 18 Jan 2007 358,008 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\PRCRGCOM.DLL" Thu 18 Jan 2007 353,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\S32Live1.dll" Thu 18 Jan 2007 149,112 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\S32Luis1.dll" Thu 18 Jan 2007 8,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\S32LURES.DLL" Thu 18 Jan 2007 149,112 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\S32LUWI1.dll" Thu 18 Jan 2007 10,848 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\setupRes.dll" Thu 18 Jan 2007 460,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\SYMRTINS.EXE" Thu 18 Jan 2007 11,360 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\SYMRTRES.DLL" Thu 18 Jan 2007 168,032 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\LUpdate\unrar.dll" Thu 18 Jan 2007 2,584,848 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSI\wiupdate.exe" Thu 18 Jan 2007 493,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\PreScan\AvPreScn.dll" Thu 18 Jan 2007 161,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\PreScan\InteScan.dll" Thu 18 Jan 2007 472,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Reporter\Reporter.exe" Thu 18 Jan 2007 407,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SEVINST\Sevinst.exe" Thu 18 Jan 2007 263,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymLnch\LnchStub.exe" Thu 18 Jan 2007 247,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymLnch\SymLnch.exe" Mon 19 Feb 2007 177,760 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FWAgent.dll" Mon 19 Feb 2007 82,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FwALEIO.dll" Mon 19 Feb 2007 27,232 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FWCfg.exe" Mon 19 Feb 2007 9,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FWCFReg.dll" Mon 19 Feb 2007 108,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FWCmpCtl.dll" Mon 19 Feb 2007 198,240 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FWHelper.dll" Mon 19 Feb 2007 94,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FwRuleIO.dll" Mon 19 Feb 2007 83,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FWRulMtn.dll" Mon 19 Feb 2007 124,512 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\FWSetup.dll" Mon 19 Feb 2007 46,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\ICFMgr.dll" Mon 19 Feb 2007 10,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\ISCFReg.dll" Mon 19 Feb 2007 9,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\ISFWReg.dll" Mon 19 Feb 2007 105,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\isStatus.dll" Mon 19 Feb 2007 590,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SUBCONN.dll" Mon 19 Feb 2007 323,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\subeng.dll" Mon 19 Feb 2007 874,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SUBUPDT.exe" Mon 19 Feb 2007 510,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SEVINST\Sevntx64.exe" Mon 19 Feb 2007 775,848 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\FRE\FREMSI.exe" Mon 19 Feb 2007 484,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\ALUNOTIF.EXE" Mon 19 Feb 2007 58,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\ALUNTRES.DLL" Mon 19 Feb 2007 13,920 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\ALUSDRES.DLL" Mon 19 Feb 2007 554,616 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\ALUSDSVC.EXE" Mon 19 Feb 2007 624,248 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\AUpdate.exe" Mon 19 Feb 2007 8,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\AUPDTRES.DLL" Mon 19 Feb 2007 466,944 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\capicom.dll" Mon 19 Feb 2007 583,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\Lsetup.exe" Mon 19 Feb 2007 1,353,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LuAll.exe" Mon 19 Feb 2007 771,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LuAllRes.dll" Mon 19 Feb 2007 484,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUCBPRXY.EXE" Mon 19 Feb 2007 910,968 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LuCheck.exe" Mon 19 Feb 2007 75,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUCOMPS.DLL" Mon 19 Feb 2007 67,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUCOMRES.DLL" Mon 19 Feb 2007 2,918,008 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUCOMSVR.EXE" Mon 19 Feb 2007 829,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LuConfig.exe" Mon 19 Feb 2007 448,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUInit.exe" Mon 19 Feb 2007 697,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUinsDll.dll" Mon 19 Feb 2007 24,160 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUinsRes.dll" Mon 19 Feb 2007 177,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\LUPreCon.dll" Mon 19 Feb 2007 226,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\NETDTCRL.DLL" Mon 19 Feb 2007 820,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\NotifyHA.exe" Mon 19 Feb 2007 358,008 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\PRCRGCOM.DLL" Mon 19 Feb 2007 353,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\S32Live1.dll" Mon 19 Feb 2007 149,112 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\S32Luis1.dll" Mon 19 Feb 2007 8,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\S32LURES.DLL" Mon 19 Feb 2007 149,112 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\S32LUWI1.dll" Mon 19 Feb 2007 10,848 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\setupRes.dll" Mon 19 Feb 2007 460,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\SYMRTINS.EXE" Mon 19 Feb 2007 11,360 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\SYMRTRES.DLL" Mon 19 Feb 2007 168,032 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\LUpdate\unrar.dll" Mon 19 Feb 2007 2,584,848 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\MSI\wiupdate.exe" Mon 19 Feb 2007 413,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NISTools\ISRlRstr.exe" Mon 19 Feb 2007 493,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\PreScan\AvPreScn.dll" Mon 19 Feb 2007 161,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\PreScan\InteScan.dll" Mon 19 Feb 2007 472,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Reporter\Reporter.exe" Mon 19 Feb 2007 407,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SEVINST\sevinst.exe" Mon 19 Feb 2007 263,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymLnch\LnchStub.exe" Mon 19 Feb 2007 247,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymLnch\SymLnch.exe" Fri 28 Jun 2002 151,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\RarSFX0\Common Files\AudioPlugins\msa7\msa.dll" Thu 18 Jan 2007 50,792 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\OEHeur.dll" Thu 18 Jan 2007 108,144 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\OfficeAV.dll" Thu 18 Jan 2007 9,328 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\rcOffcAV.dll" Thu 18 Jan 2007 243,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\fwAlert.dll" Thu 18 Jan 2007 22,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\fwAlRes.dll" Thu 18 Jan 2007 247,416 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\fwEvent.dll" Thu 18 Jan 2007 464,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\fwMCPlug.dll" Thu 18 Jan 2007 194,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\fwPlugin.dll" Thu 18 Jan 2007 218,744 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IDSUI.dll" Thu 18 Jan 2007 165,488 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IWPLog.dll" Thu 18 Jan 2007 36,472 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\MCPlgRes.dll" Thu 18 Jan 2007 226,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\PgmCtl.dll" Thu 18 Jan 2007 337,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\RuleUI.dll" Thu 18 Jan 2007 177,760 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FWAgent.dll" Thu 18 Jan 2007 82,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FwALEIO.dll" Thu 18 Jan 2007 27,232 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FWCfg.exe" Thu 18 Jan 2007 9,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FWCFReg.dll" Thu 18 Jan 2007 108,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FWCmpCtl.dll" Thu 18 Jan 2007 198,240 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FWHelper.dll" Thu 18 Jan 2007 94,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FwRuleIO.dll" Thu 18 Jan 2007 83,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FWRulMtn.dll" Thu 18 Jan 2007 124,512 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\FWSetup.dll" Thu 18 Jan 2007 46,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\ICFMgr.dll" Thu 18 Jan 2007 9,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\ISFWReg.dll" Thu 18 Jan 2007 44,656 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\IWP\IWP.dll" Thu 18 Jan 2007 10,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\ISCFReg.dll" Thu 18 Jan 2007 590,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\SUBCONN.dll" Thu 18 Jan 2007 323,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\subeng.dll" Thu 18 Jan 2007 874,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\SUBUPDT.exe" Thu 18 Jan 2007 644,720 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\CLTVault.dll" Thu 18 Jan 2007 105,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\isStatus.dll" Thu 18 Jan 2007 303,720 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\ccCommon\ccCmn64\ccInst64.dll" Thu 18 Jan 2007 909,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\ccCommon\ccCmn64\ccSet.dll" Thu 18 Jan 2007 1,139,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\ccCommon\ccCmn64\ccSvc.dll" Thu 18 Jan 2007 488,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\ccCommon\ccCmn64\ccVrTrst.dll" Thu 18 Jan 2007 218,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\SNDSvc.dll" Thu 18 Jan 2007 87,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\SNDunin.dll" Thu 18 Jan 2007 16,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\symdns.sys" Thu 18 Jan 2007 152,888 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\symfw.sys" Thu 18 Jan 2007 48,440 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\symids.sys" Thu 18 Jan 2007 41,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\symndis.sys" Thu 18 Jan 2007 43,832 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\symndisv.sys" Thu 18 Jan 2007 624,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\SymNeti.dll" Thu 18 Jan 2007 242,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\SymRedir.dll" Thu 18 Jan 2007 37,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\symredrv.sys" Thu 18 Jan 2007 278,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\symtdi.sys" Thu 18 Jan 2007 190,560 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AppCore\AppCore\AppMgr32.dll" Thu 18 Jan 2007 59,488 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AppCore\AppCore\AppPlg32.dll" Thu 18 Jan 2007 50,272 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AppCore\AppCore\AppReg32.dll" Thu 18 Jan 2007 48,736 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AppCore\AppCore\AppSch32.dll" Thu 18 Jan 2007 46,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AppCore\AppCore\AppSet32.dll" Thu 18 Jan 2007 47,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AppCore\AppCore\AppSvc32.exe" Thu 18 Jan 2007 22,624 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AppCore\AppCore\AppTrc32.dll" Thu 18 Jan 2007 8,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\avCFReg.dll" Thu 18 Jan 2007 57,440 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\avCmpCtl.dll" Thu 18 Jan 2007 80,480 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\AVDefMgr.dll" Thu 18 Jan 2007 162,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\AVExclu.dll" Thu 18 Jan 2007 290,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\AVifc.dll" Thu 18 Jan 2007 70,240 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\AVMail.dll" Thu 18 Jan 2007 281,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\AVModule.dll" Thu 18 Jan 2007 469,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\AVScan.dll" Thu 18 Jan 2007 91,232 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\patch25.dll" Thu 18 Jan 2007 123,488 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\QBackup.dll" Thu 18 Jan 2007 1,291,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\SyKnAppS.dll" Thu 18 Jan 2007 177,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccALEng.dll" Thu 18 Jan 2007 267,880 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccAlert.dll" Thu 18 Jan 2007 115,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccApp.exe" Thu 18 Jan 2007 345,704 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccEmlPxy.dll" Thu 18 Jan 2007 124,520 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccErrDsp.dll" Thu 18 Jan 2007 218,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccEvtCli.dll" Thu 18 Jan 2007 27,752 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccEvtMgr.exe" Thu 18 Jan 2007 287,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccEvtPlg.dll" Thu 18 Jan 2007 75,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccInst.dll" Thu 18 Jan 2007 423,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccL60.dll" Thu 18 Jan 2007 533,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccL60U.dll" Thu 18 Jan 2007 661,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccLgView.exe" Thu 18 Jan 2007 50,792 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccProd.dll" Thu 18 Jan 2007 63,080 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccProSub.dll" Thu 18 Jan 2007 356,456 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccScanW.dll" Thu 18 Jan 2007 145,000 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccSet.dll" Thu 18 Jan 2007 71,272 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccSetEvt.dll" Thu 18 Jan 2007 18,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccSetMgr.exe" Thu 18 Jan 2007 214,632 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccSetPlg.dll" Thu 18 Jan 2007 308,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccSvc.dll" Thu 18 Jan 2007 108,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccSvcHst.exe" Thu 18 Jan 2007 128,616 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccVrTrst.dll" Thu 18 Jan 2007 259,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ccWebWnd.dll" Thu 18 Jan 2007 935,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\dec_abi.dll" Thu 18 Jan 2007 636,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\DefUtDCD.dll" Thu 18 Jan 2007 43,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\ecmldr32.DLL" Thu 18 Jan 2007 329,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\msl.dll" Thu 18 Jan 2007 67,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\rcAlert.dll" Thu 18 Jan 2007 9,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\rcApp.dll" Thu 18 Jan 2007 14,952 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\rcEmlPxy.dll" Thu 18 Jan 2007 24,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\rcErrDsp.dll" Thu 18 Jan 2007 18,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\rcLgView.dll" Thu 18 Jan 2007 9,832 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\ccCommon\ccCommon\rcSvcHst.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\disable.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\faq.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\feat_sum.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\LU_001.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\LU_002.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\LU_003.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\LU_004.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\LU_006.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\LU_PC.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\LU_Sub.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\NAV_001.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\NPCacct.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\options.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\Supt_CPD.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\symhelp.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\SYMstart.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\SYM_cust.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\SYM_FD.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\SYM_IA.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\SYM_mon.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\SYM_resp.dll" Thu 18 Jan 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\Help\External\unin.dll" Thu 18 Jan 2007 15,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\SNDSrvc.exe" Thu 18 Jan 2007 218,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\SNDSvc.dll" Thu 18 Jan 2007 87,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\SNDunin.dll" Thu 18 Jan 2007 624,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\SymNeti.dll" Thu 18 Jan 2007 242,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\SymRedir.dll" Mon 19 Feb 2007 50,792 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\OEHeur.dll" Mon 19 Feb 2007 108,144 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\OfficeAV.dll" Mon 19 Feb 2007 9,328 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\rcOffcAV.dll" Mon 19 Feb 2007 922,200 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\Parent\APP\isRes.dll" Mon 19 Feb 2007 76,424 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\AlertRes.dll" Mon 19 Feb 2007 898,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\CfgWzRes.dll" Mon 19 Feb 2007 640,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\CLTVault.dll" Mon 19 Feb 2007 243,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\fwAlert.dll" Mon 19 Feb 2007 22,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\fwAlRes.dll" Mon 19 Feb 2007 247,416 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\fwEvent.dll" Mon 19 Feb 2007 464,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\fwMCPlug.dll" Mon 19 Feb 2007 194,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\fwPlugin.dll" Mon 19 Feb 2007 218,744 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IDSUI.dll" Mon 19 Feb 2007 50,296 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IMCfg.dll" Mon 19 Feb 2007 158,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\isAbout.dll" Mon 19 Feb 2007 87,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\ISBTPlg.dll" Mon 19 Feb 2007 181,880 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\ISBTPlgS.dll" Mon 19 Feb 2007 378,488 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\ISDataCl.dll" Mon 19 Feb 2007 226,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\ISDataSv.dll" Mon 19 Feb 2007 71,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\isError.dll" Mon 19 Feb 2007 285,832 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\ISLAlert.dll" Mon 19 Feb 2007 95,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\ISPrdCtl.dll" Mon 19 Feb 2007 129,144 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\isPwd.dll" Mon 19 Feb 2007 80,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\isPwdSvc.exe" Tue 6 Mar 2007 958,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\isRes.dll" Mon 19 Feb 2007 62,080 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\ISSvc.dll" Mon 19 Feb 2007 419,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\isUAC.exe" Mon 19 Feb 2007 36,472 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\MCPlgRes.dll" Mon 19 Feb 2007 173,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\NisCfgWz.dll" Mon 19 Feb 2007 253,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\NISLUCBK.DLL" Mon 19 Feb 2007 82,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\NisLVPlg.dll" Mon 19 Feb 2007 850,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\NISOpRes.dll" Mon 19 Feb 2007 562,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\nisoptui.dll" Mon 19 Feb 2007 464,512 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\nisoptui.exe" Mon 19 Feb 2007 99,968 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\NISProd.dll" Mon 19 Feb 2007 725,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\nisres.dll" Mon 19 Feb 2007 99,968 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\NisTray.dll" Mon 19 Feb 2007 9,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\NISTrRes.dll" Mon 19 Feb 2007 771,704 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\osCheck.exe" Mon 19 Feb 2007 226,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\PgmCtl.dll" Mon 19 Feb 2007 32,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\PtchInst.dll" Mon 19 Feb 2007 337,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\RuleUI.dll" Mon 19 Feb 2007 78,968 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\SetEvtHp.dll" Mon 19 Feb 2007 172,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\SNLog.dll" Mon 19 Feb 2007 184,456 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\SNRes.dll" Mon 19 Feb 2007 141,952 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\VAUI.dll" Mon 19 Feb 2007 69,760 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\VAUIOpt.dll" Mon 19 Feb 2007 1,050,248 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\VAUIRes.dll" Mon 19 Feb 2007 33,888 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\CF\cfEPack.dll" Mon 19 Feb 2007 337,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\CF\cfLUCbk.dll" Mon 19 Feb 2007 41,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\CF\cfV2Pack.dll" Mon 19 Feb 2007 427,616 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\CF\PEP2.dll" Mon 19 Feb 2007 608,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\CF\PEP2S.dll" Mon 19 Feb 2007 10,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\CFMan\cfReg.dll" Mon 19 Feb 2007 75,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\ISArbit.dll" Mon 19 Feb 2007 8,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\CF\cltCFReg.dll" Mon 19 Feb 2007 202,376 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\ActComp.dll" Mon 19 Feb 2007 534,152 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\CfgWiz.exe" Mon 19 Feb 2007 87,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\clt06PIN.dll" Mon 19 Feb 2007 169,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\cltBTPgS.dll" Mon 19 Feb 2007 157,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\cltBTPlg.dll" Mon 19 Feb 2007 116,360 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\cltEndPt.dll" Mon 19 Feb 2007 99,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\CLTNetCN.dll" Mon 19 Feb 2007 218,760 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\cltPIPlg.dll" Mon 19 Feb 2007 419,464 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\cltUAC.exe" Mon 19 Feb 2007 431,752 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\cltUIStb.exe" Mon 19 Feb 2007 648,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\CUWUtils.dll" Mon 19 Feb 2007 304,776 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\EULAComp.dll" Mon 19 Feb 2007 325,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\ewoc.dll" Mon 19 Feb 2007 329,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\LicPlug.dll" Mon 19 Feb 2007 124,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SOSComp.dll" Mon 19 Feb 2007 489,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SSAutoRN.exe" Mon 19 Feb 2007 128,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SubComp.dll" Mon 19 Feb 2007 300,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SubStats.dll" Mon 19 Feb 2007 222,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SymCAbt.dll" Mon 19 Feb 2007 820,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SYMCUW.exe" Mon 19 Feb 2007 210,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SymHost.dll" Mon 19 Feb 2007 595,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SymLCUI.dll" Mon 19 Feb 2007 140,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SymLTCOM.dll" Mon 19 Feb 2007 419,424 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SymSubWz.dll" Mon 19 Feb 2007 599,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\OPC\SymUIHlp.dll" Mon 19 Feb 2007 54,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\SYMSHARE\SMNLnch.exe" Mon 19 Feb 2007 136,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\SYMSHARE\SymSHAx.dll" Mon 19 Feb 2007 303,720 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\ccCommon\ccCmn64\ccInst64.dll" Mon 19 Feb 2007 909,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\ccCommon\ccCmn64\ccSet.dll" Mon 19 Feb 2007 1,139,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\ccCommon\ccCmn64\ccSvc.dll" Mon 19 Feb 2007 488,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\ccCommon\ccCmn64\ccVrTrst.dll" Mon 19 Feb 2007 218,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\SNDSvc.dll" Mon 19 Feb 2007 87,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\SNDunin.dll" Mon 19 Feb 2007 16,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\symdns.sys" Mon 19 Feb 2007 152,888 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\symfw.sys" Mon 19 Feb 2007 48,440 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\symids.sys" Mon 19 Feb 2007 41,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\symndis.sys" Mon 19 Feb 2007 43,832 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\symndisv.sys" Mon 19 Feb 2007 624,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\SymNeti.dll" Mon 19 Feb 2007 242,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\SymRedir.dll" Mon 19 Feb 2007 37,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\symredrv.sys" Mon 19 Feb 2007 278,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\symtdi.sys" Mon 19 Feb 2007 190,560 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AppCore\AppCore\AppMgr32.dll" Mon 19 Feb 2007 59,488 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AppCore\AppCore\AppPlg32.dll" Mon 19 Feb 2007 50,272 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AppCore\AppCore\AppReg32.dll" Mon 19 Feb 2007 48,736 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AppCore\AppCore\AppSch32.dll" Mon 19 Feb 2007 46,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AppCore\AppCore\AppSet32.dll" Mon 19 Feb 2007 47,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AppCore\AppCore\AppSvc32.exe" Mon 19 Feb 2007 22,624 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AppCore\AppCore\AppTrc32.dll" Mon 19 Feb 2007 8,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\avCFReg.dll" Mon 19 Feb 2007 57,440 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\avCmpCtl.dll" Mon 19 Feb 2007 80,480 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\AVDefMgr.dll" Mon 19 Feb 2007 162,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\AVExclu.dll" Mon 19 Feb 2007 290,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\AVifc.dll" Mon 19 Feb 2007 70,240 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\AVMail.dll" Mon 19 Feb 2007 281,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\AVModule.dll" Mon 19 Feb 2007 469,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\AVScan.dll" Mon 19 Feb 2007 91,232 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\patch25.dll" Mon 19 Feb 2007 123,488 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\QBackup.dll" Mon 19 Feb 2007 1,291,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\SyKnAppS.dll" Mon 19 Feb 2007 177,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccALEng.dll" Mon 19 Feb 2007 267,880 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccAlert.dll" Mon 19 Feb 2007 115,816 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccApp.exe" Mon 19 Feb 2007 345,704 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccEmlPxy.dll" Mon 19 Feb 2007 124,520 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccErrDsp.dll" Mon 19 Feb 2007 218,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccEvtCli.dll" Mon 19 Feb 2007 27,752 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccEvtMgr.exe" Mon 19 Feb 2007 287,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccEvtPlg.dll" Mon 19 Feb 2007 75,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccInst.dll" Mon 19 Feb 2007 423,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccL60.dll" Mon 19 Feb 2007 533,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccL60U.dll" Mon 19 Feb 2007 661,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccLgView.exe" Mon 19 Feb 2007 50,792 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccProd.dll" Mon 19 Feb 2007 63,080 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccProSub.dll" Mon 19 Feb 2007 356,456 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccScanW.dll" Mon 19 Feb 2007 145,000 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccSet.dll" Mon 19 Feb 2007 71,272 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccSetEvt.dll" Mon 19 Feb 2007 18,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccSetMgr.exe" Mon 19 Feb 2007 214,632 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccSetPlg.dll" Mon 19 Feb 2007 308,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccSvc.dll" Mon 19 Feb 2007 108,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccSvcHst.exe" Mon 19 Feb 2007 128,616 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccVrTrst.dll" Mon 19 Feb 2007 259,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ccWebWnd.dll" Mon 19 Feb 2007 935,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\dec_abi.dll" Mon 19 Feb 2007 636,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\DefUtDCD.dll" Mon 19 Feb 2007 43,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\ecmldr32.DLL" Mon 19 Feb 2007 329,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\msl.dll" Mon 19 Feb 2007 67,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\rcAlert.dll" Mon 19 Feb 2007 9,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\rcApp.dll" Mon 19 Feb 2007 14,952 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\rcEmlPxy.dll" Mon 19 Feb 2007 24,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\rcErrDsp.dll" Mon 19 Feb 2007 18,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\rcLgView.dll" Mon 19 Feb 2007 9,832 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\ccCommon\ccCommon\rcSvcHst.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\disable.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\faq.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\feat_sum.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\LU_001.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\LU_002.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\LU_003.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\LU_004.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\LU_006.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\LU_PC.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\LU_Sub.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\NAV_001.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\NPCacct.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\options.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\Supt_CPD.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\symhelp.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\SYMstart.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\SYM_cust.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\SYM_FD.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\SYM_IA.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\SYM_mon.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\SYM_resp.dll" Mon 19 Feb 2007 9,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\HelpMSI\External\unin.dll" Mon 19 Feb 2007 147,728 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\asycfilt.dll" Mon 19 Feb 2007 58,938 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\atl.dll" Mon 19 Feb 2007 89,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\atl71.dll" Mon 19 Feb 2007 22,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\comcat.dll" Mon 19 Feb 2007 995,383 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\mfc42.dll" Mon 19 Feb 2007 1,060,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\mfc71.dll" Mon 19 Feb 2007 1,047,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\mfc71u.dll" Mon 19 Feb 2007 77,878 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msvcirt.dll" Mon 19 Feb 2007 401,462 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msvcp60.dll" Mon 19 Feb 2007 499,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msvcp71.dll" Mon 19 Feb 2007 348,160 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msvcr71.dll" Mon 19 Feb 2007 278,581 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msvcrt.dll" Mon 19 Feb 2007 1,118,720 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msxml3.dll" Mon 19 Feb 2007 24,576 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msxml3a.dll" Mon 19 Feb 2007 44,032 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\msxml3r.dll" Mon 19 Feb 2007 598,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\oleaut32.dll" Mon 19 Feb 2007 164,112 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\olepro32.dll" Mon 19 Feb 2007 15,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\SNDSrvc.exe" Mon 19 Feb 2007 218,768 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\SNDSvc.dll" Mon 19 Feb 2007 87,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\SNDunin.dll" Mon 19 Feb 2007 624,784 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\SymNeti.dll" Mon 19 Feb 2007 242,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\SymRedir.dll" Thu 18 Jan 2007 54,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe" Thu 18 Jan 2007 161,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\CommonFi\SYMSHARE\SymAData.dll" Thu 18 Jan 2007 1,069,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\CommonFi\SYMSHARE\tgctlsi.dll" Thu 18 Jan 2007 413,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\CommonFi\SYMSHARE\tgctlsr.dll" Thu 18 Jan 2007 226,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\AVPAPP32.dll" Thu 18 Jan 2007 288,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\AVPSVC32.dll" Thu 18 Jan 2007 403,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\avScanUI.dll" Thu 18 Jan 2007 206,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\avScnTsk.dll" Thu 18 Jan 2007 267,888 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\AVSubmit.dll" Thu 18 Jan 2007 538,224 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\CfgWzRes.dll" Thu 18 Jan 2007 435,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\DefAlert.dll" Thu 18 Jan 2007 231,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVCfgWz.dll" Thu 18 Jan 2007 83,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVError.dll" Thu 18 Jan 2007 190,064 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVEvent.dll" Thu 18 Jan 2007 607,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVLogV.dll" Thu 18 Jan 2007 358,000 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVLUCBK.dll" Thu 18 Jan 2007 841,328 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVOpts.dll" Thu 18 Jan 2007 116,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\navprod.dll" Thu 18 Jan 2007 104,048 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NavShcom.exe" Thu 18 Jan 2007 14,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NavShcPS.dll" Thu 18 Jan 2007 173,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NavShExt.dll" Thu 18 Jan 2007 452,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVStub.exe" Thu 18 Jan 2007 226,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVTskWz.dll" Thu 18 Jan 2007 87,664 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\NAVUIHTM.dll" Thu 18 Jan 2007 226,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\Navw32.exe" Thu 18 Jan 2007 41,072 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\Navwnt.exe" Thu 18 Jan 2007 26,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\patch25d.dll" Thu 18 Jan 2007 58,992 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\NORTON\APP\PtchInst.dll" Thu 18 Jan 2007 157,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IDSDefs\IDS9xx86.dll" Thu 18 Jan 2007 278,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IDSDefs\IDSviA64.sys" Thu 18 Jan 2007 212,280 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IDSDefs\IDSvix86.sys" Thu 18 Jan 2007 513,656 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IDSDefs\IDSxpx86.dll" Thu 18 Jan 2007 185,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IDSDefs\SymIDSco.sys" Thu 18 Jan 2007 104,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\APP\IDSDefs\SymIDSI.dll" Thu 18 Jan 2007 75,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\SYMSHARE\ISArbit.dll" Thu 18 Jan 2007 33,888 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\CF\cfEPack.dll" Thu 18 Jan 2007 337,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\CF\cfLUCbk.dll" Thu 18 Jan 2007 41,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\CF\cfV2Pack.dll" Thu 18 Jan 2007 427,616 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\CF\PEP2.dll" Thu 18 Jan 2007 608,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\CF\PEP2S.dll" Thu 18 Jan 2007 10,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\CFMan\cfReg.dll" Thu 18 Jan 2007 50,296 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\IMCfg.dll" Thu 18 Jan 2007 158,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\isAbout.dll" Thu 18 Jan 2007 87,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\isBTPlg.dll" Thu 18 Jan 2007 181,880 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\ISBTPlgS.dll" Thu 18 Jan 2007 378,488 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\ISDataCl.dll" Thu 18 Jan 2007 226,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\ISDataSv.dll" Thu 18 Jan 2007 71,288 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\isError.dll" Thu 18 Jan 2007 95,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\ISPrdCtl.dll" Thu 18 Jan 2007 129,144 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\isPwd.dll" Thu 18 Jan 2007 80,504 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\isPwdSvc.exe" Sat 3 Mar 2007 906,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\isRes.dll" Thu 18 Jan 2007 419,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\isUAC.exe" Thu 18 Jan 2007 50,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\NISPlug.dll" Thu 18 Jan 2007 771,704 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\osCheck.exe" Thu 18 Jan 2007 78,968 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\NORTON\App\SetEvtHp.dll" Thu 18 Jan 2007 8,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\CF\cltCFReg.dll" Thu 18 Jan 2007 202,376 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\ActComp.dll" Thu 18 Jan 2007 534,152 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\CfgWiz.exe" Thu 18 Jan 2007 87,688 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\clt06PIN.dll" Thu 18 Jan 2007 169,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\cltBTPgS.dll" Thu 18 Jan 2007 157,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\cltBTPlg.dll" Thu 18 Jan 2007 116,360 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\cltEndPt.dll" Thu 18 Jan 2007 99,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\CLTNetCN.dll" Thu 18 Jan 2007 218,760 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\cltPIPlg.dll" Thu 18 Jan 2007 419,464 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\cltUAC.exe" Thu 18 Jan 2007 431,752 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\cltUIStb.exe" Thu 18 Jan 2007 648,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\CUWUtils.dll" Thu 18 Jan 2007 304,776 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\EULAComp.dll" Thu 18 Jan 2007 325,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\ewoc.dll" Thu 18 Jan 2007 329,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\LicPlug.dll" Thu 18 Jan 2007 124,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SOSComp.dll" Thu 18 Jan 2007 489,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SSAutoRN.exe" Thu 18 Jan 2007 128,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SubComp.dll" Thu 18 Jan 2007 300,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SubStats.dll" Thu 18 Jan 2007 222,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SymCAbt.dll" Thu 18 Jan 2007 820,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SYMCUW.exe" Thu 18 Jan 2007 210,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SymHost.dll" Thu 18 Jan 2007 595,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SymLCUI.dll" Thu 18 Jan 2007 140,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SymLTCOM.dll" Thu 18 Jan 2007 419,424 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SymSubWz.dll" Thu 18 Jan 2007 599,648 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\OPC\SymUIHlp.dll" Thu 18 Jan 2007 136,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\SYMSHARE\SymSHAx.dll" Thu 18 Jan 2007 1,988,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\COH\AHS.dll" Thu 18 Jan 2007 210,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\COH\sesHlp.dll" Thu 18 Jan 2007 2,406,200 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\CCERASER.DLL" Thu 18 Jan 2007 272,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\ECMSVR32.DLL" Thu 18 Jan 2007 557,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\EECTRL64.SYS" Thu 18 Jan 2007 124,216 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\ENG64.SYS" Thu 18 Jan 2007 162,104 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\ERASER64.SYS" Thu 18 Jan 2007 1,329,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\EX64.SYS" Thu 18 Jan 2007 124,584 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\NAVENG32.DLL" Thu 18 Jan 2007 882,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusD64\NAVEX32A.DLL" Tue 13 Feb 2007 2,524,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\CCERASER.DLL" Tue 13 Feb 2007 272,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\ECMSVR32.DLL" Tue 13 Feb 2007 383,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\EECTRL.SYS" Tue 13 Feb 2007 102,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\ERASER.SYS" Tue 13 Feb 2007 80,472 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\NAVENG.SYS" Tue 13 Feb 2007 124,536 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\NAVENG32.DLL" Tue 13 Feb 2007 852,600 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\NAVEX15.SYS" Tue 13 Feb 2007 902,776 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\AV\AV\VirusDef\NAVEX32A.DLL" Thu 18 Jan 2007 89,088 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\atl71.dll" Thu 18 Jan 2007 1,060,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\mfc71.dll" Thu 18 Jan 2007 1,047,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\mfc71u.dll" Thu 18 Jan 2007 401,462 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\msvcp60.dll" Thu 18 Jan 2007 499,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\msvcp71.dll" Thu 18 Jan 2007 348,160 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\msvcr71.dll" Thu 18 Jan 2007 278,581 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\msvcrt.dll" Thu 18 Jan 2007 1,118,720 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\msxml3.dll" Thu 18 Jan 2007 24,576 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\msxml3a.dll" Thu 18 Jan 2007 44,032 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\msxml3r.dll" Thu 18 Jan 2007 12,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\Drivers\symdns.sys" Thu 18 Jan 2007 145,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\Drivers\symfw.sys" Thu 18 Jan 2007 40,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\Drivers\symids.sys" Thu 18 Jan 2007 35,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\Drivers\symndis.sys" Thu 18 Jan 2007 38,200 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\Drivers\symndisv.sys" Thu 18 Jan 2007 27,576 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\Drivers\symredrv.sys" Thu 18 Jan 2007 191,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\Drivers\symtdi.sys" Thu 18 Jan 2007 9,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\Manifest\uiCFReg.dll" Thu 18 Jan 2007 57,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\DataPvdr.dll" Thu 18 Jan 2007 500,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\LoadOpts.exe" Thu 18 Jan 2007 137,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\npcTRAY.dll" Thu 18 Jan 2007 90,752 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\npcWmiCl.dll" Thu 18 Jan 2007 83,072 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\npcWmiDt.dll" Thu 18 Jan 2007 131,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\npcWmiMn.dll" Thu 18 Jan 2007 564,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\NSCEXT.DLL" Thu 18 Jan 2007 57,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\NSCHlpr2.dll" Thu 18 Jan 2007 136,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\NSCPLUG2.dll" Thu 18 Jan 2007 494,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\NSCWSCR2.DLL" Thu 18 Jan 2007 174,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\Options.dll" Thu 18 Jan 2007 663,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\pcStatus.dll" Thu 18 Jan 2007 64,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\PEPEvnt.dll" Thu 18 Jan 2007 73,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\uiBtPlg.dll" Thu 18 Jan 2007 310,400 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\UICntnr.dll" Thu 18 Jan 2007 128,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\uiLicPlg.dll" Thu 18 Jan 2007 446,080 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\NPC\uiStub.exe" Thu 18 Jan 2007 40,032 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\SYMHTML\shtmbase.dll" Thu 18 Jan 2007 1,320,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\SYMHTML\SymHTML.dll" Thu 18 Jan 2007 39,008 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\SymTheme\sthmbase.dll" Thu 18 Jan 2007 366,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\uiNPC\uiNPC\SYMTHM\SymTheme.dll" Mon 19 Feb 2007 54,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe" Mon 19 Feb 2007 161,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\CommonFi\SYMSHARE\SymAData.dll" Mon 19 Feb 2007 1,069,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\CommonFi\SYMSHARE\tgctlsi.dll" Mon 19 Feb 2007 413,696 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\CommonFi\SYMSHARE\tgctlsr.dll" Mon 19 Feb 2007 226,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\AVPAPP32.dll" Mon 19 Feb 2007 288,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\AVPSVC32.dll" Mon 19 Feb 2007 403,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\avScanUI.dll" Mon 19 Feb 2007 206,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\avScnTsk.dll" Mon 19 Feb 2007 267,888 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\AVSubmit.dll" Mon 19 Feb 2007 538,224 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\CfgWzRes.dll" Mon 19 Feb 2007 435,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\DefAlert.dll" Mon 19 Feb 2007 231,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVCfgWz.dll" Mon 19 Feb 2007 83,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVError.dll" Mon 19 Feb 2007 190,064 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVEvent.dll" Mon 19 Feb 2007 607,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVLogV.dll" Mon 19 Feb 2007 358,000 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVLUCBK.dll" Mon 19 Feb 2007 841,328 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVOpts.dll" Mon 19 Feb 2007 116,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\navprod.dll" Mon 19 Feb 2007 104,048 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NavShcom.exe" Mon 19 Feb 2007 14,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NavShcPS.dll" Mon 19 Feb 2007 173,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NavShExt.dll" Mon 19 Feb 2007 452,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVStub.exe" Mon 19 Feb 2007 226,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVTskWz.dll" Mon 19 Feb 2007 87,664 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\NAVUIHTM.dll" Mon 19 Feb 2007 226,928 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\Navw32.exe" Mon 19 Feb 2007 41,072 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\Navwnt.exe" Mon 19 Feb 2007 26,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\patch25d.dll" Mon 19 Feb 2007 58,992 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\NORTON\APP\PtchInst.dll" Mon 19 Feb 2007 157,384 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IDSDefs\IDS9xx86.dll" Mon 19 Feb 2007 278,840 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IDSDefs\IDSviA64.sys" Mon 19 Feb 2007 212,280 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IDSDefs\IDSvix86.sys" Mon 19 Feb 2007 513,656 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IDSDefs\IDSxpx86.dll" Mon 19 Feb 2007 185,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IDSDefs\SymIDSCo.sys" Mon 19 Feb 2007 104,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\APP\IDSDefs\SymIDSI.dll" Mon 19 Feb 2007 164,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\Options\CLTWrap2.dll" Mon 19 Feb 2007 35,960 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\Options\VTCache.dll" Mon 19 Feb 2007 104,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\SecHist\MCMGR32.dll" Mon 19 Feb 2007 706,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\SecHist\MCUI32.exe" Mon 19 Feb 2007 107,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\SPBBC\SPLVPlug.dll" Mon 19 Feb 2007 10,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\SPBBC\SPLVPRes.dll" Mon 19 Feb 2007 49,248 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\comHost.exe" Mon 19 Feb 2007 18,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\SAM.dll" Mon 19 Feb 2007 42,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VACmpCtl.dll" Mon 19 Feb 2007 144,992 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VACtrl.dll" Mon 19 Feb 2007 15,448 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VACtrlRs.dll" Mon 19 Feb 2007 290,912 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VAEngn.dll" Mon 19 Feb 2007 20,576 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VAEngnPS.dll" Mon 19 Feb 2007 42,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VAMngr.dll" Mon 19 Feb 2007 13,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VAMngrPS.dll" Mon 19 Feb 2007 13,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\VAScan\VAScanPS.dll" Mon 19 Feb 2007 245,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\SYMSHARE\CCPD-LC\unicows.dll" Mon 19 Feb 2007 382,560 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\SymLT\SYMSHARE\OPC\SymUSCSS.dll" Mon 19 Feb 2007 1,988,192 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\COH\AHS.dll" Mon 19 Feb 2007 210,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\COH\sesHlp.dll" Mon 19 Feb 2007 2,406,200 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\CCERASER.DLL" Mon 19 Feb 2007 272,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\ECMSVR32.DLL" Mon 19 Feb 2007 557,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\EECTRL64.SYS" Mon 19 Feb 2007 124,216 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\ENG64.SYS" Mon 19 Feb 2007 162,104 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\ERASER64.SYS" Mon 19 Feb 2007 1,329,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\EX64.SYS" Mon 19 Feb 2007 124,584 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\NAVENG32.DLL" Mon 19 Feb 2007 882,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusD64\NAVEX32A.DLL" Tue 13 Feb 2007 2,524,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\CCERASER.DLL" Tue 13 Feb 2007 272,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\ECMSVR32.DLL" Tue 13 Feb 2007 383,800 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\EECTRL.SYS" Tue 13 Feb 2007 102,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\ERASER.SYS" Tue 13 Feb 2007 80,472 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\NAVENG.SYS" Tue 13 Feb 2007 124,536 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\NAVENG32.DLL" Tue 13 Feb 2007 852,600 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\NAVEX15.SYS" Tue 13 Feb 2007 902,776 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\AV\AV\VirusDef\NAVEX32A.DLL" Mon 19 Feb 2007 73,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\BrCore.dll" Mon 19 Feb 2007 159,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\BrRules.dll" Mon 19 Feb 2007 41,608 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\coArbtr.dll" Mon 19 Feb 2007 58,480 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\coFSPCtl.dll" Mon 19 Feb 2007 10,400 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\coFSPReg.dll" Mon 19 Feb 2007 95,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\coVisPrx.exe" Mon 19 Feb 2007 96,936 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\NppBHO.dll" Mon 19 Feb 2007 283,264 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\PackMgr.dll" Mon 19 Feb 2007 26,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\Patch25d.dll" Mon 19 Feb 2007 607,888 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\UIBHO.dll" Mon 19 Feb 2007 592,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\APP\WALuCbk.dll" Mon 19 Feb 2007 455,296 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\Browser\SYMSHARE\NCOItf.dll" Mon 19 Feb 2007 455,808 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\WebProt\APP\nppw.dll" Mon 19 Feb 2007 218,804 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\WebProt\APP\nppw.zip" Mon 19 Feb 2007 145,024 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\WebProt\APP\nppwBHO.dll" Mon 19 Feb 2007 165,016 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\WebProt\APP\nppwUI.dll" Mon 19 Feb 2007 218,804 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\WebProt\APP\nppw_pd.zip" Mon 19 Feb 2007 218,790 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\NCO\WebProt\APP\nppw_qa.zip" Mon 19 Feb 2007 73,785 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\Ansi\atl.dll" Mon 19 Feb 2007 106,496 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\Redist\MSRedist\Ansi\atl71.dll" Mon 19 Feb 2007 88,184 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymMCEAI\SymMCEAI\SYMSHARE\MceEULA.dll" Mon 19 Feb 2007 75,896 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymMCEAI\SymMCEAI\SYMSHARE\MceRes.dll" Mon 19 Feb 2007 146,040 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymMCEAI\SymMCEAI\SYMSHARE\SymAddIn.dll" Mon 19 Feb 2007 63,096 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymMCEAI\SymMCEAI\SYMSHARE\SymAdLog.dll" Mon 19 Feb 2007 108,152 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymMCEAI\SymMCEAI\SYMSHARE\SymMcCmd.dll" Mon 19 Feb 2007 12,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\Drivers\symdns.sys" Mon 19 Feb 2007 145,976 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\Drivers\symfw.sys" Mon 19 Feb 2007 40,120 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\Drivers\symids.sys" Mon 19 Feb 2007 35,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\Drivers\symndis.sys" Mon 19 Feb 2007 38,200 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\Drivers\symndisv.sys" Mon 19 Feb 2007 27,576 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\Drivers\symredrv.sys" Mon 19 Feb 2007 191,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\Drivers\symtdi.sys" Mon 19 Feb 2007 9,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\Manifest\uiCFReg.dll" Mon 19 Feb 2007 57,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\DataPvdr.dll" Mon 19 Feb 2007 500,352 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\LoadOpts.exe" Mon 19 Feb 2007 137,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\npcTRAY.dll" Mon 19 Feb 2007 90,752 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\npcWmiCl.dll" Mon 19 Feb 2007 83,072 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\npcWmiDt.dll" Mon 19 Feb 2007 131,712 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\npcWmiMn.dll" Mon 19 Feb 2007 564,864 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\NSCEXT.DLL" Mon 19 Feb 2007 57,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\NSCHlpr2.dll" Mon 19 Feb 2007 136,320 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\NSCPLUG2.dll" Mon 19 Feb 2007 494,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\NSCWSCR2.DLL" Mon 19 Feb 2007 174,208 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\Options.dll" Mon 19 Feb 2007 663,680 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\pcStatus.dll" Mon 19 Feb 2007 64,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\PEPEvnt.dll" Mon 19 Feb 2007 73,344 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\uiBtPlg.dll" Mon 19 Feb 2007 310,400 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\UICntnr.dll" Mon 19 Feb 2007 128,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\uiLicPlg.dll" Mon 19 Feb 2007 446,080 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\NPC\uiStub.exe" Mon 19 Feb 2007 40,032 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\SYMHTML\shtmbase.dll" Mon 19 Feb 2007 1,320,544 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\SYMHTML\SymHTML.dll" Mon 19 Feb 2007 39,008 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\SymTheme\sthmbase.dll" Mon 19 Feb 2007 366,176 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\uiNPC\uiNPC\SYMTHM\SymTheme.dll" Thu 18 Jan 2007 107,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\CommonFi\SYMSHARE\SPBBC\SPLVPlug.dll" Thu 18 Jan 2007 10,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\External\CommonFi\SYMSHARE\SPBBC\SPLVPRes.dll" Thu 18 Jan 2007 107,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\SYMSHARE\SPBBC\SPLVPlug.dll" Thu 18 Jan 2007 10,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\IWP\CommonFi\SYMSHARE\SPBBC\SPLVPRes.dll" Thu 18 Jan 2007 164,984 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\SYMSHARE\Options\CLTWrap2.dll" Thu 18 Jan 2007 35,960 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\SYMSHARE\Options\VTCache.dll" Thu 18 Jan 2007 104,056 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\SYMSHARE\SecHist\MCMGR32.dll" Thu 18 Jan 2007 706,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\Parent\CommonFi\SYMSHARE\SecHist\MCUI32.exe" Thu 18 Jan 2007 245,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\SYMSHARE\CCPD-LC\unicows.dll" Thu 18 Jan 2007 382,560 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\NAV\SymLT\CommonFi\SYMSHARE\OPC\SymUSCSS.dll" Thu 18 Jan 2007 268,904 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC\ccTrstPc.dll" Thu 18 Jan 2007 54,376 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC\TProcPlg.dll" Thu 18 Jan 2007 194,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\SavRT32.dll" Thu 18 Jan 2007 747,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\Srtsp32.dll" Thu 18 Jan 2007 87,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\srtUnin.dll" Thu 18 Jan 2007 394,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SRTSP\SRTSPx64\System32\Drivers\srtsp64.sys" Thu 18 Jan 2007 428,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SRTSP\SRTSPx64\System32\Drivers\srtspl64.sys" Thu 18 Jan 2007 32,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SRTSP\SRTSPx64\System32\Drivers\srtspx64.sys" Thu 18 Jan 2007 1,484,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Suport64\SymNet\SND_x64\SYMSHARE\IDS\IdsInst.exe" Thu 18 Jan 2007 106,496 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\MSRedist\MSRedist\System32\Ansi\atl71.dll" Thu 18 Jan 2007 457,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\bbRGen.dll" Thu 18 Jan 2007 268,904 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\ccTrstPc.dll" Thu 18 Jan 2007 109,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCCli.dll" Thu 18 Jan 2007 417,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCDrv.sys" Thu 18 Jan 2007 1,555,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCEvt.dll" Thu 18 Jan 2007 54,376 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\TProcPlg.dll" Thu 18 Jan 2007 772,920 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe" Thu 18 Jan 2007 194,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\SavRT32.dll" Thu 18 Jan 2007 747,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\Srtsp32.dll" Thu 18 Jan 2007 87,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\srtUnin.dll" Thu 18 Jan 2007 247,608 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SRTSP\SRTSP\System32\Drivers\srtsp.sys" Thu 18 Jan 2007 276,792 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SRTSP\SRTSP\System32\Drivers\srtspl.sys" Thu 18 Jan 2007 25,400 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SRTSP\SRTSP\System32\Drivers\srtspx.sys" Thu 18 Jan 2007 1,484,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNAV14.2\Support\SymNet\SymNet\SYMSHARE\IDS\IdsInst.exe" Mon 19 Feb 2007 107,640 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\CommonFi\SYMSHARE\SPBBC\SPLVPlug.dll" Mon 19 Feb 2007 10,872 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\NAV\External\CommonFi\SYMSHARE\SPBBC\SPLVPRes.dll" Mon 19 Feb 2007 9,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\CF\CFMan\ISCOReg.dll" Mon 19 Feb 2007 9,336 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\CF\CFMan\ISVAReg.dll" Mon 19 Feb 2007 9,824 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Setup\Setup\SYMSHARE\CF\CFMan\VACFReg.dll" Mon 19 Feb 2007 268,904 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC\ccTrstPc.dll" Mon 19 Feb 2007 54,376 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC\TProcPlg.dll" Mon 19 Feb 2007 194,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\SavRT32.dll" Mon 19 Feb 2007 747,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\Srtsp32.dll" Mon 19 Feb 2007 87,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\srtUnin.dll" Mon 19 Feb 2007 394,552 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SRTSP\SRTSPx64\System32\Drivers\srtsp64.sys" Mon 19 Feb 2007 428,856 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SRTSP\SRTSPx64\System32\Drivers\srtspl64.sys" Mon 19 Feb 2007 32,568 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SRTSP\SRTSPx64\System32\Drivers\srtspx64.sys" Mon 19 Feb 2007 1,484,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Suport64\SymNet\SND_x64\SYMSHARE\IDS\IdsInst.exe" Mon 19 Feb 2007 457,528 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\bbRGen.dll" Mon 19 Feb 2007 268,904 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\ccTrstPc.dll" Mon 19 Feb 2007 109,368 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCCli.dll" Mon 19 Feb 2007 417,592 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCDrv.sys" Mon 19 Feb 2007 1,555,256 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCEvt.dll" Mon 19 Feb 2007 54,376 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\TProcPlg.dll" Mon 19 Feb 2007 772,920 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe" Mon 19 Feb 2007 194,168 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\SavRT32.dll" Mon 19 Feb 2007 747,128 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\Srtsp32.dll" Mon 19 Feb 2007 87,672 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\srtUnin.dll" Mon 19 Feb 2007 247,608 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SRTSP\SRTSP\System32\Drivers\srtsp.sys" Mon 19 Feb 2007 276,792 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SRTSP\SRTSP\System32\Drivers\srtspl.sys" Mon 19 Feb 2007 25,400 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SRTSP\SRTSP\System32\Drivers\srtspx.sys" Mon 19 Feb 2007 1,484,408 A..H. --- "C:\Deckard\System Scanner\backup\DOCUME~1\DENDEC~1\LOCALS~1\Temp\SOSNIS10.2\Support\SymNet\SymNet\SYMSHARE\IDS\IdsInst.exe" Finished!
- le 3 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Salut ! J'ai essayé de fixchecker les lignes en mode normal et en désactivant Norton Internet Security : rien à faire, les lignes reviennent systématiquement... copie d'écran :
- le 3 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

<img src="http://img1.imagilive.com/0208/copie-?an 2 f?bmp267.jpg">
- le 2 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Les problèmes sont revenus, comme ci je n'avais rien fait.
- le 2 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Infos supplémentaires : Une page Internet s'affiche de façon intempestive ("funnies.com" est le texte qui s'affiche dans la page avec des images de vidéos sex), mais l'adresse de la page est bien http://www.w-w-w-dot-com.com/start.php. En mode sans échec, il n'y a pas d'onglet Web dans la fenêtre d'affichage du bureau. De plus, toutes les images d'arrière-plan du bureau sont grisées et inaccessibles. Il y a un fichier dendecker.exe (dendecker est le nom de l'ordinateur) avec l'icône de HiJackThis dans le dossier de HiJackThis. Est-ce normal ?
- le 2 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Les lignes sont revenues ! (même après avoir utilisé le mode sans échec). Faut-il que je désactive mon anti-virus Norton Internet Security ? Auto-Protect et pare-feu ? Voila le rapport HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:19:07, on 02/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Hijackthis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.w-w-w-dot-com.com/start.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:8100/PagesPro? R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\microsoft office\office11\ONENOTEM.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...erInstaller.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 13633 bytes
- le 2 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila le rapport VirusTotal pour le 2ème fichier : Fichier memsysdrv.sys reçu le 2008.02.02 11:57:09 (CET) Situation actuelle: terminé Résultat: 0/32 (0.00%)Formaté Impression des résultats AntivirusVersionDernière mise à jourRésultatAhnLab-V32008.2.2.102008.02.01-AntiVir7.6.0.612008.02.01-Authentium4.93.82008.02.01-Avast4.7.1098.02008.02.01-AVG7.5.0.5162008.02.01-BitDefender7.22008.02.02-CAT-QuickHeal9.002008.02.01-ClamAV0.922008.02.02-DrWeb4.44.0.091702008.02.02-eSafe7.0.15.02008.01.28-eTrust-Vet31.3.55042008.02.01-Ewido4.02008.02.02-FileAdvisor12008.02.02-Fortinet3.14.0.02008.02.02-F-Prot4.4.2.542008.02.01-F-Secure6.70.13260.02008.02.01-IkarusT3.1.1.202008.02.02-Kaspersky7.0.0.1252008.02.02-McAfee52212008.02.01-Microsoft1.32042008.02.02-NOD32v228452008.02.02-Norman5.80.022008.02.01-Panda9.0.0.42008.02.01-Prevx1V22008.02.02-Rising20.29.22.002008.01.30-Sophos4.26.02008.02.02-Sunbelt2.2.907.02008.02.02-Symantec102008.02.02-TheHacker6.2.9.2052008.02.01-VBA323.12.6.02008.02.02-VirusBuster4.3.26:92008.02.01-Webwasher-Gateway6.6.22008.02.02-Information additionnelleFile size: 44238 bytesMD5: 4bcec787a11251714655f9f4e0239d16SHA1: d30014a8c4c0c8d45ab5253ed9b0986edfdf67bbPEiD: -
- le 2 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila mon rapport Virus Total : Fichier D7ED7B0402.sys reçu le 2008.02.01 23:03:51 (CET) Situation actuelle: terminé Résultat: 0/32 (0.00%)Formaté Impression des résultats AntivirusVersionDernière mise à jourRésultatAhnLab-V32008.2.2.102008.02.01-AntiVir7.6.0.612008.02.01-Authentium4.93.82008.02.01-Avast4.7.1098.02008.02.01-AVG7.5.0.5162008.02.01-BitDefender7.22008.02.01-CAT-QuickHeal9.002008.02.01-ClamAV0.922008.02.01-DrWeb4.44.0.091702008.02.01-eSafe7.0.15.02008.01.28-eTrust-Vet31.3.55022008.02.01-Ewido4.02008.02.01-FileAdvisor12008.02.01-Fortinet3.14.0.02008.02.01-F-Prot4.4.2.542008.02.01-F-Secure6.70.13260.02008.02.01-IkarusT3.1.1.202008.02.01-Kaspersky7.0.0.1252008.02.01-McAfee52212008.02.01-Microsoft1.32042008.02.01-NOD32v228442008.02.01-Norman5.80.022008.02.01-Panda9.0.0.42008.02.01-Prevx1V22008.02.01-Rising20.29.22.002008.01.30-Sophos4.26.02008.02.01-Sunbelt2.2.907.02008.02.01-Symantec102008.02.01-TheHacker6.2.9.2052008.02.01-VBA323.12.2.62008.01.31-VirusBuster4.3.26:92008.02.01-Webwasher-Gateway6.6.22008.02.01-Information additionnelleFile size: 8 bytesMD5: ba898b29f0dbf9307f494475a8393f03SHA1: 697fd89eba4c1d12a53190666508b9aa503bf7e9PEiD: -
- le 2 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Fixdesktop n'a rien changé.
- le 1 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares
- le 1 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Comment on fait pour insérer l'image de la copie d'écran ?
- le 1 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila la copie d'écran de mon bureau.
- le 1 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

La page de pub est revenue et a encore remplacé la page de démarrage Internet. Voila mon rapport HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:03:52, on 01/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Hijackthis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.w-w-w-dot-com.com/start.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:8100/PagesPro? R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\RunOnce: [HDReg] c:\Apps\HDReg\HDRegApp.exe -r O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\microsoft office\office11\ONENOTEM.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...erInstaller.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 13636 bytes
- le 1 février 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Effectivement, ma page de démarrage Internet est redevenue normale. Mais l'arrière-plan du bureau est toujours une liste de liens vers des vidéos.
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila le rapport Combofix : ComboFix 08-01-29.3 - DENDECKER 2008-01-31 23:54:40.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.151 [GMT 1:00] Endroit: C:\Documents and Settings\DENDECKER\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\DENDECKER\Bureau\CFScript.txt * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\WINDOWS\system32\nsn31.dll C:\WINDOWS\system32\substpntx8.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\poof ((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-31 )))))))))))))))))))))))))))))))))))) . 2008-01-31 21:46 . 2008-01-31 21:46 <REP> d-------- C:\Deckard 2008-01-29 11:54 . 2008-01-29 11:54 8,927,828 --a------ C:\upload_moi_ALBERT.tar.gz 2008-01-27 20:55 . 2008-01-28 21:06 <REP> d-------- C:\Program Files\winvi 2008-01-25 17:25 . 2008-01-25 17:25 63,488 --a------ C:\WINDOWS\xobglu16.dll 2008-01-25 17:25 . 2008-01-25 17:25 23,552 --a------ C:\WINDOWS\xobglu32.dll 2008-01-23 20:51 . 2008-01-23 20:51 <REP> d-------- C:\Program Files\Illustrate 2008-01-23 20:51 . 2007-02-02 01:52 4,131,192 --a------ C:\WINDOWS\system32\SpoonUninstall.exe 2008-01-23 20:51 . 2008-01-23 20:50 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.bmp 2008-01-23 20:51 . 2008-01-23 20:51 13,083 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2008-01-23 14:40 . 1997-02-26 22:57 1,334,032 --------- C:\WINDOWS\Msvbvm50.dll 2008-01-23 14:40 . 1999-05-23 15:28 967,168 --------- C:\WINDOWS\dirapi.dll 2008-01-23 14:40 . 1999-05-05 22:22 598,288 --------- C:\WINDOWS\Oleaut32.dll 2008-01-23 14:40 . 1999-05-23 15:26 394,752 --------- C:\WINDOWS\Iml32.dll 2008-01-23 14:40 . 1997-02-26 22:57 192,272 --------- C:\WINDOWS\Mci32.ocx 2008-01-15 16:33 . 2008-01-15 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-01-15 16:31 . 2008-01-15 16:31 <REP> d-------- C:\Program Files\Yahoo! 2008-01-15 16:31 . 2008-01-15 16:32 <REP> d-------- C:\Program Files\CCleaner 2008-01-10 21:05 . 2008-01-10 21:05 <REP> d-------- C:\Program Files\eMule 0.47c 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp57367.FOT 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp55367.FOT 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp48367.FOT 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp3A367.FOT 2007-12-30 17:54 . 2007-12-30 19:04 <REP> d-------- C:\Extra M.A.M.E 2007-12-30 14:59 . 2007-12-30 14:59 <REP> d-------- C:\Program Files\vso 2007-12-30 14:59 . 2007-12-30 14:59 39,488 --a------ C:\WINDOWS\system32\drivers\Pcouffin.sys 2007-12-26 22:50 . 2007-12-26 22:50 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\Shareaza 2007-12-24 15:38 . 2007-12-24 15:38 <REP> d-------- C:\divx 2007-12-24 15:24 . 2007-12-24 15:38 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\DivX 2007-12-24 15:13 . 2007-12-24 15:13 2,308 --a------ C:\WINDOWS\mozver.dat 2007-12-23 19:02 . 2007-12-23 19:02 <REP> d-------- C:\Program Files\Nouveau dossier 2007-12-23 19:00 . 2007-01-30 06:03 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe 2007-12-22 20:53 . 2007-12-22 20:54 <REP> d-------- C:\Program Files\Macromedia 2007-12-22 20:53 . 2007-12-22 20:55 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia 2007-12-22 20:51 . 2007-12-22 20:51 <REP> d-------- C:\WINDOWS\Downloaded Installations 2007-12-22 18:01 . 2007-12-26 13:58 44,238 --a------ C:\WINDOWS\system32\drivers\memsysdrv.sys 2007-12-21 21:21 . 2007-12-26 22:50 <REP> d-------- C:\Program Files\Shareaza 2007-12-18 19:35 . 2007-12-18 19:35 <REP> d-------- C:\WINDOWS\system32\LogFiles 2007-12-17 23:51 . 2007-12-17 23:51 <REP> d-------- C:\Program Files\PSCS2Updater 2007-12-17 23:17 . 2007-12-17 23:17 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared 2007-12-17 23:17 . 2007-12-17 23:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2007-12-16 17:36 . 2007-12-16 17:36 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\AdobeAUM 2007-12-13 20:58 . 2007-12-13 20:58 <REP> d-------- C:\WINDOWS\system32\Adobe 2007-12-13 20:58 . 2001-11-14 20:19 16,384 --a------ C:\WINDOWS\system32\FileOps.exe 2007-12-13 20:54 . 2007-12-13 20:54 <REP> d-------- C:\WINDOWS\Adobe Illustrator CS 2007-12-09 20:25 . 2007-12-09 20:25 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\Apple Computer 2007-12-09 19:55 . 2007-12-09 20:21 <REP> d-------- C:\Program Files\QuickTime 2007-12-09 19:54 . 2007-12-09 19:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-12-09 12:58 . 2007-12-09 12:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2007-12-05 10:37 . 2008-01-12 18:32 23,904 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys 2007-12-05 10:37 . 2008-01-15 09:54 10,537 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat 2007-12-05 10:37 . 2008-01-15 05:28 706 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-31 22:54 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-01-31 22:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-01-29 21:51 --------- d-----w C:\Program Files\Java 2008-01-26 15:35 --------- d-----w C:\Program Files\PokerStars 2008-01-23 13:41 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-23 13:39 --------- d-----w C:\Program Files\Disney Interactive 2008-01-20 18:03 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2008-01-20 17:46 --------- d-----w C:\Program Files\Warcraft III 2007-12-29 17:08 --------- d-----w C:\Program Files\Microsoft Games 2007-12-24 14:13 --------- d-----w C:\Program Files\Google 2007-12-24 14:10 --------- d-----w C:\Program Files\DivX 2007-12-18 18:07 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\AdobeUM 2007-12-17 22:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2007-12-05 10:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink 2007-12-05 09:36 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2007-12-05 09:36 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2007-12-05 09:36 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-12-05 09:36 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2007-12-05 09:36 --------- d-----w C:\Program Files\Symantec 2007-12-05 09:35 --------- d-----w C:\Program Files\Norton Internet Security 2007-12-04 19:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink 2007-11-30 22:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys 2007-11-30 22:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys 2007-11-30 22:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys 2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat 2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat 2007-11-30 22:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat 2007-11-30 22:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf 2007-11-30 22:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf 2007-11-30 22:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf 2007-11-29 23:30 --------- d-----w C:\Program Files\Windows Live 2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll 2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll 2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys 2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll 2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll 2007-10-25 09:01 2,109,440 ------w C:\WINDOWS\system32\dllcache\wmvcore.dll 2007-10-25 09:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-25 09:00 230,912 ------w C:\WINDOWS\system32\dllcache\wmasf.dll 2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR 2007-10-17 17:23 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe 2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll 2007-10-10 23:49 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll 2007-10-10 23:49 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll 2007-10-10 23:49 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll 2007-10-10 23:49 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-10-10 23:49 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-10-10 23:49 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-10-10 23:49 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll 2007-10-10 23:49 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-10-10 23:49 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-10-10 23:49 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-10-10 23:49 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll 2007-10-10 23:49 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll 2007-10-10 23:49 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-10-10 23:49 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll 2007-10-10 23:49 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll 2007-10-10 23:49 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-10-10 23:49 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll 2007-10-10 23:49 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll 2007-10-10 23:49 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll 2007-10-10 23:49 102,400 ------w C:\WINDOWS\system32\dllcache\occache.dll 2007-10-10 23:49 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll 2007-10-10 11:00 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-10-10 11:00 625,152 ------w C:\WINDOWS\system32\dllcache\iexplore.exe 2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-10-10 05:46 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll 2007-10-04 20:03 49,245,328 ----a-w C:\Program Files\Install_NortonInternetSecurity_FR.exe 2007-09-19 19:16 42,641,512 ----a-w C:\Program Files\Install_NortonAntiVirus2007_FR.exe 2004-09-20 20:23 2,974 ----a-w C:\Program Files\orion.nfo 2004-07-16 18:52 0 ----a-w C:\Program Files\infra-red.da.ru 2004-07-13 15:47 9,692 ----a-w C:\Program Files\infra-red.nfo 2007-03-15 20:21 8 --sh--r C:\WINDOWS\system32\D7ED7B0402.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472] "WinUpdater"="C:\Program Files\winvi\update.exe" [2008-01-21 17:37 174232] "WebSUpdater"="C:\Program Files\winvi\wupda.exe" [2008-01-21 17:37 198185] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "VTTimer"="VTTimer.exe" [2004-03-26 13:07 49152 C:\WINDOWS\system32\VTTimer.exe] "SoundMan"="SOUNDMAN.EXE" [2004-05-14 14:47 67072 C:\WINDOWS\SOUNDMAN.EXE] "PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 10:10 110740] "EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00 98304] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-05-04 12:17 180269] "StandardInstall"="" [] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 18:38 35328] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-19 18:25 115816] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-02-19 18:24 771704] "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-09 19:55 155648] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "HDReg"="c:\Apps\HDReg\HDRegApp.exe" [2004-08-09 17:45 24576] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-13 20:57:46 110592] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696] Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\microsoft office\office11\ONENOTEM.EXE [2003-08-06 21:23:32 51776] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuPinnedList"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinterTabs"= 0 (0x0) "NoDeletePrinter"= 0 (0x0) "NoAddPrinter"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) "NoSetFolders"= 0 (0x0) "NoToolbarCustomize"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) "NoChangeKeyboardNavigationIndicators"= 0 (0x0) R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2007-09-26 10:56] S3 memsysdrv;Memory System;C:\WINDOWS\system32\drivers\memsysdrv.sys [2007-12-26 13:58] *Newly Created Service* - COMHOST . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-01-31 23:00:00 C:\WINDOWS\Tasks\HDReg.job" - c:\Apps\HDReg\HDRegRem.exe "2008-01-28 19:00:05 C:\WINDOWS\Tasks\Norton Internet Security Online - Analyse système complète - DENDECKER.job" - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeh/TASK: "2007-03-06 18:05:42 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-03-06 18:05:43 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2008-01-31 22:29:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-31 23:59:51 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-02-01 0:02:30 ComboFix-quarantined-files.txt 2008-01-31 23:02:26 . 2008-01-09 23:38:13 --- E O F ---
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila le rapport Deckard : Deckard's System Scanner v20071014.68 Run by DENDECKER on 2008-01-31 21:47:31 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 12: 2008-01-31 20:47:38 UTC - RP12 - Deckard's System Scanner Restore Point 11: 2008-01-31 18:09:52 UTC - RP11 - Point de vérification système 10: 2008-01-29 21:51:11 UTC - RP10 - Supprimé Java 6 Update 2 9: 2008-01-29 21:48:48 UTC - RP9 - Supprimé Java 2 Runtime Environment, SE v1.4.2_05 8: 2008-01-29 16:59:20 UTC - RP8 - ComboFix created restore point -- First Restore Point -- 1: 2008-01-22 16:34:43 UTC - RP1 - Point de vérification système Backed up registry hives. Performed disk cleanup. Total Physical Memory: 448 MiB (512 MiB recommended). System Drive C: has 9.37 GiB (less than 15%) free. -- HijackThis (run as DENDECKER.exe) ------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:50, on 2008-01-31 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Documents and Settings\DENDECKER\Bureau\dss.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\HIJACK~1\HIJACK~1\DENDECKER.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.w-w-w-dot-com.com/start.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:8100/PagesPro? R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\RunOnce: [HDReg] c:\Apps\HDReg\HDRegApp.exe -r O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\microsoft office\office11\ONENOTEM.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...erInstaller.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 13363 bytes -- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\HIJACK~1\backups\) ----------- backup-20080129-231919-169 O4 - HKLM\..\Run: [dbar_starter] C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614}\starter.exe backup-20080129-231919-355 O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u backup-20080129-231919-482 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.w-w-w-dot-com.com/start.php backup-20080129-231919-931 O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll backup-20080129-231919-960 O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll backup-20080129-231919-992 O4 - HKCU\..\Run: [WinButler] C:\Documents and Settings\DENDECKER\Application Data\WinButler\WinButler.exe -- File Associations ----------------------------------------------------------- .js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2 -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine> S3 memsysdrv (Memory System) - c:\windows\system32\drivers\memsysdrv.sys S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module> R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module> R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server> R2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe S3 MysqlInventime - c:\mysql\bin\mysqld-nt mysqlinventime -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-01-31 21:29:01 256 --a------ C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job 2008-01-31 21:00:00 240 --a------ C:\WINDOWS\Tasks\HDReg.job 2008-01-28 20:00:05 680 --a------ C:\WINDOWS\Tasks\Norton Internet Security Online - Analyse système complète - DENDECKER.job 2007-03-06 19:05:43 258 --a------ C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job 2007-03-06 19:05:42 258 --a------ C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job -- Files created between 2007-12-31 and 2008-01-31 ----------------------------- 2008-01-29 13:50:14 0 d-------- C:\WINDOWS\pss 2008-01-27 20:55:02 0 d-------- C:\Program Files\winvi 2008-01-25 17:25:03 23552 --a------ C:\WINDOWS\xobglu32.dll 2008-01-25 17:25:03 63488 --a------ C:\WINDOWS\xobglu16.dll 2008-01-23 20:51:15 13083 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2008-01-23 20:51:11 0 d-------- C:\Program Files\Illustrate 2008-01-23 14:40:26 598288 -----n--- C:\WINDOWS\Oleaut32.dll <Not Verified; Microsoft Corporation; Microsoft OLE 2.40 for Windows NT and Windows 95 Operating Systems> 2008-01-23 14:40:25 394752 -----n--- C:\WINDOWS\Iml32.dll <Not Verified; Macromedia, Inc.; Macromedia Director> 2008-01-23 14:40:24 967168 -----n--- C:\WINDOWS\dirapi.dll <Not Verified; Macromedia, Inc.; Macromedia Director> 2008-01-15 17:02:50 0 dr-h----- C:\Documents and Settings\DENDECKER\Recent 2008-01-15 16:33:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-01-15 16:31:39 0 d-------- C:\Program Files\Yahoo! 2008-01-15 16:31:26 0 d-------- C:\Program Files\CCleaner 2008-01-10 21:05:08 0 d-------- C:\Program Files\eMule 0.47c -- Find3M Report --------------------------------------------------------------- 2008-01-31 21:48:50 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared 2008-01-29 22:51:51 0 d-------- C:\Program Files\Java 2008-01-26 16:35:22 0 d-------- C:\Program Files\PokerStars 2008-01-23 14:41:09 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-01-23 14:39:34 0 d-------- C:\Program Files\Disney Interactive 2008-01-22 18:11:53 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\Adobe 2008-01-20 19:03:35 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll 2008-01-20 18:46:48 0 d-------- C:\Program Files\Warcraft III 2007-12-30 14:59:06 0 d-------- C:\Program Files\vso 2007-12-29 18:08:30 0 d-------- C:\Program Files\Microsoft Games 2007-12-26 22:50:42 0 d-------- C:\Program Files\Shareaza 2007-12-26 22:50:37 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\Shareaza 2007-12-24 15:38:24 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\DivX 2007-12-24 15:13:24 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\Mozilla 2007-12-24 15:13:15 0 d-------- C:\Program Files\Google 2007-12-24 15:13:07 2308 --a------ C:\WINDOWS\mozver.dat 2007-12-24 15:10:09 0 d-------- C:\Program Files\DivX 2007-12-23 19:02:46 0 d-------- C:\Program Files\Nouveau dossier 2007-12-23 10:28:16 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\Macromedia 2007-12-22 20:55:49 0 d-------- C:\Program Files\Fichiers communs\Macromedia 2007-12-22 20:54:14 0 d-------- C:\Program Files\Macromedia 2007-12-22 20:53:16 0 d-------- C:\Program Files\Fichiers communs 2007-12-18 19:07:27 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\AdobeUM 2007-12-18 00:09:22 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\Opera 2007-12-17 23:51:17 0 d-------- C:\Program Files\PSCS2Updater 2007-12-17 23:21:48 0 d-------- C:\Program Files\Fichiers communs\Adobe 2007-12-17 23:17:45 0 d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared 2007-12-16 17:36:08 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\AdobeAUM 2007-12-09 20:25:16 0 d-------- C:\Documents and Settings\DENDECKER\Application Data\Apple Computer 2007-12-09 20:21:09 0 d-------- C:\Program Files\QuickTime 2007-12-05 10:36:20 0 d-------- C:\Program Files\Symantec 2007-12-05 10:35:49 0 d-------- C:\Program Files\Norton Internet Security 2007-12-02 00:05:46 447772 --a------ C:\WINDOWS\system32\perfh00C.dat 2007-12-02 00:05:46 64492 --a------ C:\WINDOWS\system32\perfc00C.dat 2007-11-30 00:30:52 0 d-------- C:\Program Files\Windows Live -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00] "VTTimer"="VTTimer.exe" [2004-03-26 13:07 C:\WINDOWS\system32\VTTimer.exe] "SoundMan"="SOUNDMAN.EXE" [2004-05-14 14:47 C:\WINDOWS\SOUNDMAN.EXE] "PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 10:10] "EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-05-04 12:17] "StandardInstall"="" [] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 18:38] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-19 18:25] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-02-19 18:24] "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-09 19:55] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45] "WinUpdater"="C:\Program Files\winvi\update.exe" [2008-01-21 17:37] "WebSUpdater"="C:\Program Files\winvi\wupda.exe" [2008-01-21 17:37] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] "HDReg"=c:\Apps\HDReg\HDRegApp.exe -r C:\Documents and Settings\DENDECKER\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-13 20:57:46] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-13 20:57:46] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26] Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\microsoft office\office11\ONENOTEM.EXE [2003-08-06 21:23:32] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoManageMyComputerVerb"=0 (0x0) "NoLowDiskSpaceChecks"=0 (0x0) "NoStartMenuPinnedList"=0 (0x0) "NoStartMenuMFUprogramsList"=0 (0x0) "NoUserNameInStartMenu"=0 (0x0) "NoStartMenuSubFolders"=0 (0x0) "NoCommonGroups"=0 (0x0) "NoRecentDocsMenu"=0 (0x0) "ClearRecentDocsOnExit"=0 (0x0) "NoPrinterTabs"=0 (0x0) "NoDeletePrinter"=0 (0x0) "NoAddPrinter"=0 (0x0) "NoPrinters"=0 (0x0) "NoNetworkConnections"=0 (0x0) "NoFavoritesMenu"=0 (0x0) "NoSetFolders"=0 (0x0) "NoSMHelp"=0 (0x0) "NoChangeStartMenu"=0 (0x0) "NoFileMenu"=0 (0x0) "NoShellSearchButton"=0 (0x0) "NoToolbarCustomize"=0 (0x0) "NoRecentDocsNetHood"=0 (0x0) "NoChangeAnimation"=0 (0x0) "NoChangeKeyboardNavigationIndicators"=0 (0x0) "ForceActiveDesktopOn"=1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC] @="Service" *Newly Created Service* - COMHOST -- End of Deckard's System Scanner: finished at 2008-01-31 21:51:13 ------------
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

La page de pub est revenu (www.w-w-w-dot-com.com/start.php).
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

J'ai remis ma page d'accueil Internet habituelle : ça marche : la page de pub ne revient pas. Par contre un carré blanc sur fond bleu avec une liste de liens s'est installé comme image d'arrière-plan de mon bureau. En plus, dans le panneau de configuration, je n'ai plus accès aux différentes images d'arrière-plan (la fenêtre est grisée et inactive, pourtant les images sont bien la mais je ne peux pas les remettre).
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila le rapport ComboFix : ComboFix 08-01-29.3 - DENDECKER 2008-01-29 17:59:44.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.141 [GMT 1:00] Endroit: C:\Documents and Settings\DENDECKER\Bureau\ComboFix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\nsn31.dll C:\WINDOWS\system32\substpntx8.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\poof ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-28 to 2008-01-29 )))))))))))))))))))))))))))))))))))) . 2008-01-29 11:54 . 2008-01-29 11:54 8,927,828 --a------ C:\upload_moi_ALBERT.tar.gz 2008-01-28 18:58 . 2008-01-28 18:58 <REP> d-------- C:\Program Files\dbar 2008-01-28 18:58 . 2008-01-28 18:58 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614} 2008-01-27 20:55 . 2008-01-28 21:06 <REP> d-------- C:\Program Files\winvi 2008-01-25 17:25 . 2008-01-25 17:25 63,488 --a------ C:\WINDOWS\xobglu16.dll 2008-01-25 17:25 . 2008-01-25 17:25 23,552 --a------ C:\WINDOWS\xobglu32.dll 2008-01-23 20:51 . 2008-01-23 20:51 <REP> d-------- C:\Program Files\Illustrate 2008-01-23 20:51 . 2007-02-02 01:52 4,131,192 --a------ C:\WINDOWS\system32\SpoonUninstall.exe 2008-01-23 20:51 . 2008-01-23 20:50 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.bmp 2008-01-23 20:51 . 2008-01-23 20:51 13,083 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2008-01-23 14:40 . 1997-02-26 22:57 1,334,032 --------- C:\WINDOWS\Msvbvm50.dll 2008-01-23 14:40 . 1999-05-23 15:28 967,168 --------- C:\WINDOWS\dirapi.dll 2008-01-23 14:40 . 1999-05-05 22:22 598,288 --------- C:\WINDOWS\Oleaut32.dll 2008-01-23 14:40 . 1999-05-23 15:26 394,752 --------- C:\WINDOWS\Iml32.dll 2008-01-23 14:40 . 1997-02-26 22:57 192,272 --------- C:\WINDOWS\Mci32.ocx 2008-01-15 16:33 . 2008-01-15 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-01-15 16:31 . 2008-01-15 16:31 <REP> d-------- C:\Program Files\Yahoo! 2008-01-15 16:31 . 2008-01-15 16:32 <REP> d-------- C:\Program Files\CCleaner 2008-01-10 21:05 . 2008-01-10 21:05 <REP> d-------- C:\Program Files\eMule 0.47c 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp57367.FOT 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp55367.FOT 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp48367.FOT 2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp3A367.FOT 2007-12-30 17:54 . 2007-12-30 19:04 <REP> d-------- C:\Extra M.A.M.E 2007-12-30 15:37 . 2007-12-30 18:38 80,097 --a------ C:\WINDOWS\system32\dcads-remove.exe 2007-12-30 14:59 . 2007-12-30 14:59 <REP> d-------- C:\Program Files\vso 2007-12-30 14:59 . 2007-12-30 14:59 39,488 --a------ C:\WINDOWS\system32\drivers\Pcouffin.sys 2007-12-29 16:00 . 2008-01-29 10:39 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\WinButler . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-29 17:07 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-01-29 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-01-26 15:35 --------- d-----w C:\Program Files\PokerStars 2008-01-23 13:41 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-23 13:39 --------- d-----w C:\Program Files\Disney Interactive 2008-01-20 17:46 --------- d-----w C:\Program Files\Warcraft III 2007-12-29 17:08 --------- d-----w C:\Program Files\Microsoft Games 2007-12-26 21:50 --------- d-----w C:\Program Files\Shareaza 2007-12-26 21:50 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\Shareaza 2007-12-26 12:58 44,238 ----a-w C:\WINDOWS\system32\drivers\memsysdrv.sys 2007-12-24 14:38 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\DivX 2007-12-24 14:13 --------- d-----w C:\Program Files\Google 2007-12-24 14:10 --------- d-----w C:\Program Files\DivX 2007-12-23 18:02 --------- d-----w C:\Program Files\Nouveau dossier 2007-12-22 19:55 --------- d-----w C:\Program Files\Fichiers communs\Macromedia 2007-12-22 19:54 --------- d-----w C:\Program Files\Macromedia 2007-12-18 18:07 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\AdobeUM 2007-12-17 22:51 --------- d-----w C:\Program Files\PSCS2Updater 2007-12-17 22:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2007-12-17 22:17 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared 2007-12-17 22:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems 2007-12-16 16:36 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\AdobeAUM 2007-12-09 19:25 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\Apple Computer 2007-12-09 19:21 --------- d-----w C:\Program Files\QuickTime 2007-12-09 18:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-12-09 11:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet 2007-12-05 10:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink 2007-12-05 09:36 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2007-12-05 09:36 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-12-05 09:36 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2007-12-05 09:36 --------- d-----w C:\Program Files\Symantec 2007-12-05 09:35 --------- d-----w C:\Program Files\Norton Internet Security 2007-12-04 19:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink 2007-11-30 22:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys 2007-11-30 22:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys 2007-11-30 22:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys 2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat 2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat 2007-11-30 22:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat 2007-11-30 22:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf 2007-11-30 22:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf 2007-11-30 22:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf 2007-11-29 23:30 --------- d-----w C:\Program Files\Windows Live 2007-10-04 20:03 49,245,328 ----a-w C:\Program Files\Install_NortonInternetSecurity_FR.exe 2007-09-19 19:16 42,641,512 ----a-w C:\Program Files\Install_NortonAntiVirus2007_FR.exe 2004-09-20 20:23 2,974 ----a-w C:\Program Files\orion.nfo 2004-07-16 18:52 0 ----a-w C:\Program Files\infra-red.da.ru 2004-07-13 15:47 9,692 ----a-w C:\Program Files\infra-red.nfo 2007-03-15 20:21 8 --sh--r C:\WINDOWS\system32\D7ED7B0402.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}] 2004-03-17 11:22 820736 --a------ C:\WINDOWS\system32\pbfrv2.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC11617C-259E-429c-9063-7D70B8355EBD}] 2007-11-14 14:36 1486848 --a------ C:\Program Files\dbar\Deskbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} {EE5D279F-081B-4404-994D-C6B60AAEBA6D} {2318C2B1-4965-11D4-9B18-009027A5CD4F} {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}] [HKEY_CLASSES_ROOT\pbfrv2.PBFRV2] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}"= C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 11:22 820736] [HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}] [HKEY_CLASSES_ROOT\pbfrv2.PBFRV2] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472] "WinButler"="C:\Documents and Settings\DENDECKER\Application Data\WinButler\WinButler.exe" [2007-11-29 21:00 180736] "WinUpdater"="C:\Program Files\winvi\update.exe" [2008-01-21 17:37 174232] "WebSUpdater"="C:\Program Files\winvi\wupda.exe" [2008-01-21 17:37 198185] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168] "VTTimer"="VTTimer.exe" [2004-03-26 13:07 49152 C:\WINDOWS\system32\VTTimer.exe] "SoundMan"="SOUNDMAN.EXE" [2004-05-14 14:47 67072 C:\WINDOWS\SOUNDMAN.EXE] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 10:10 110740] "EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00 98304] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-05-04 12:17 180269] "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ] "StandardInstall"="" [] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 18:38 35328] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-19 18:25 115816] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-02-19 18:24 771704] "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-09 19:55 155648] "dbar_starter"="C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614}\starter.exe" [ ] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuPinnedList"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinterTabs"= 0 (0x0) "NoDeletePrinter"= 0 (0x0) "NoAddPrinter"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) "NoSetFolders"= 0 (0x0) "NoToolbarCustomize"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) "NoChangeKeyboardNavigationIndicators"= 0 (0x0) "ForceActiveDesktopOn"= 1 S3 memsysdrv;Memory System;C:\WINDOWS\system32\drivers\memsysdrv.sys [2007-12-26 13:58] *Newly Created Service* - COMHOST . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-01-29 17:00:01 C:\WINDOWS\Tasks\HDReg.job" - c:\Apps\HDReg\HDRegRem.exe "2008-01-28 19:00:05 C:\WINDOWS\Tasks\Norton Internet Security Online - Analyse système complète - DENDECKER.job"
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Pour le message Attention erreur systeme : nom en double sur le réseau : Il n'y a pas plus de précisons (meme quand je clique sur le message).
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila mon rapport ewido : __________________________________________________ ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.247realmedia Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@247realmedia[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@2o7[1].txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad.yieldmanager[1].txt Risk: Medium Name: TrackingCookie.Clickhype Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad1.clickhype[1].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adbrite[2].txt Risk: Medium Name: TrackingCookie.Euroclick Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adopt.euroclick[2].txt Risk: Medium Name: TrackingCookie.Adrevolver Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adrevolver[1].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ads.adbrite[2].txt Risk: Medium Name: TrackingCookie.Adtech Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adtech[1].txt Risk: Medium Name: TrackingCookie.Advertising Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@advertising[1].txt Risk: Medium Name: TrackingCookie.Adviva Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adviva[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aoleusearch.122.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aolfr.122.2o7[2].txt Risk: Medium Name: TrackingCookie.Atdmt Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@atdmt[2].txt Risk: Medium Name: TrackingCookie.Bluestreak Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bluestreak[2].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bs.serving-sys[1].txt Risk: Medium Name: TrackingCookie.Casinotropez Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@casinotropez[2].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@doubleclick[1].txt Risk: Medium Name: TrackingCookie.Estat Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@estat[1].txt Risk: Medium Name: TrackingCookie.Fastclick Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fastclick[2].txt Risk: Medium Name: TrackingCookie.Findwhat Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@findwhat[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fnac.112.2o7[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@karavel.112.2o7[2].txt Risk: Medium Name: TrackingCookie.Webtrends Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@m.webtrends[2].txt Risk: Medium Name: TrackingCookie.Adrevolver Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@media.adrevolver[2].txt Risk: Medium Name: TrackingCookie.Mediaplex Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@mediaplex[1].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@msnportal.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Overture Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@overture[1].txt Risk: Medium Name: TrackingCookie.Questionmarket Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@questionmarket[1].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@serving-sys[2].txt Risk: Medium Name: TrackingCookie.Smartadserver Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@smartadserver[2].txt Risk: Medium Name: TrackingCookie.Statcounter Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@statcounter[1].txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@tradedoubler[2].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@weborama[2].txt Risk: Medium Name: TrackingCookie.Casinotropez Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@www.casinotropez[1].txt Risk: Medium Name: Adware.Gator Path: HKLM\SOFTWARE\Gator.com Risk: Medium Name: Adware.Gator Path: HKLM\SOFTWARE\Gator.com\Trickler Risk: Medium Name: Adware.2020Search Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} Risk: Medium Name: Adware.2020Search Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} Risk: Medium Name: TrackingCookie.Yieldmanager Path: C:\Documents and Settings\Amandine\Cookies\amandine@ad.yieldmanager[2].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\Amandine\Cookies\amandine@adbrite[1].txt Risk: Medium Name: TrackingCookie.Adrevolver Path: C:\Documents and Settings\Amandine\Cookies\amandine@adrevolver[1].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\Amandine\Cookies\amandine@ads.adbrite[2].txt Risk: Medium Name: TrackingCookie.Advertising Path: C:\Documents and Settings\Amandine\Cookies\amandine@advertising[1].txt Risk: Medium Name: TrackingCookie.Atdmt Path: C:\Documents and Settings\Amandine\Cookies\amandine@atdmt[2].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\Amandine\Cookies\amandine@doubleclick[2].txt Risk: Medium Name: TrackingCookie.Ru4 Path: C:\Documents and Settings\Amandine\Cookies\amandine@edge.ru4[1].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Amandine\Cookies\amandine@ehg-avanquest.hitbox[1].txt Risk: Medium Name: TrackingCookie.Fastclick Path: C:\Documents and Settings\Amandine\Cookies\amandine@fastclick[1].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\Amandine\Cookies\amandine@hitbox[2].txt Risk: Medium Name: TrackingCookie.Adrevolver Path: C:\Documents and Settings\Amandine\Cookies\amandine@media.adrevolver[2].txt Risk: Medium Name: TrackingCookie.Mediaplex Path: C:\Documents and Settings\Amandine\Cookies\amandine@mediaplex[1].txt Risk: Medium Name: TrackingCookie.Adjuggler Path: C:\Documents and Settings\Amandine\Cookies\amandine@rotator.its.adjuggler[2].txt Risk: Medium Name: TrackingCookie.Webtrendslive Path: C:\Documents and Settings\Amandine\Cookies\amandine@statse.webtrendslive[2].txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: C:\Documents and Settings\Amandine\Cookies\amandine@tradedoubler[1].txt Risk: Medium Name: TrackingCookie.Zedo Path: C:\Documents and Settings\Amandine\Cookies\amandine@zedo[1].txt Risk: Medium Name: Not-A-Virus.Adware.Agent Path: C:\Documents and Settings\Amandine\Local Settings\Temp\aupd.exe Risk: Low Name: TrackingCookie.2o7 Path: :mozilla.6:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.7:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.8:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.9:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.10:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.11:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Smartadserver Path: :mozilla.21:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Estat Path: :mozilla.22:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Tribalfusion Path: :mozilla.33:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.45:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.46:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.47:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: :mozilla.48:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Burstnet Path: :mozilla.61:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Googleadservices Path: :mozilla.62:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Googleadservices Path: :mozilla.63:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.80:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Weborama Path: :mozilla.81:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Weborama Path: :mozilla.82:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Sitestat Path: :mozilla.84:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Sitestat Path: :mozilla.85:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Adobe Path: :mozilla.90:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.94:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Statcounter Path: :mozilla.95:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.128:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.142:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Netflame Path: :mozilla.148:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Imrworldwide Path: :mozilla.152:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Imrworldwide Path: :mozilla.153:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Webtrendslive Path: :mozilla.165:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Fastclick Path: :mozilla.168:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Fastclick Path: :mozilla.169:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.170:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Mediaplex Path: :mozilla.174:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Comclick Path: :mozilla.182:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Comclick Path: :mozilla.183:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Comclick Path: :mozilla.184:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Burstbeacon Path: :mozilla.185:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.189:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.190:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.191:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.192:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.193:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.194:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Clickhype Path: :mozilla.199:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.204:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Doubleclick Path: :mozilla.209:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Bluestreak Path: :mozilla.210:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Adtech Path: :mozilla.211:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.213:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: :mozilla.214:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: :mozilla.215:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Adbrite Path: :mozilla.216:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Adbrite Path: :mozilla.217:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: :mozilla.218:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: :mozilla.219:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: :mozilla.220:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.247realmedia Path: :mozilla.224:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Advertising Path: :mozilla.236:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Advertising Path: :mozilla.237:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Advertising Path: :mozilla.238:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: TrackingCookie.Advertising Path: :mozilla.239:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt Risk: Medium Name: Not-A-Virus.Adware.Agent Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\aupd.exe Risk: Low Name: Not-A-Virus.Adware.Agent Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\tmp60.tmp.exe Risk: Low Name: Downloader.Agent.gzp Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\WinBuninstaller.exe Risk: High Name: Downloader.Agent.fwr Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\WinButler.exe Risk: High Name: Dropper.Agent.dkn Path: C:\Documents and Settings\DENDECKER\Mes documents\Flight Simulator 9\Setup.exe Risk: High Name: Adware.PowerSearch Path: C:\Program Files\Hijackthis\hijackthis\backups\backup-20080129-231919-931.dll Risk: Medium Name: Not-A-Virus.Adware.Agent Path: C:\QooBox\Quarantine\C\WINDOWS\system32\nsn31.dll.vir Risk: Low Name: Adware.PowerSearch Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001263.dll Risk: Medium Name: Downloader.Agent.gzp Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001266.exe Risk: High Name: Downloader.Agent.fwr Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001267.exe Risk: High Name: Not-A-Virus.Adware.Agent Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000197.dll Risk: Low Name: Not-A-Virus.Adware.Agent Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000207.dll Risk: Low Name: Not-A-Virus.Adware.Agent Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000217.dll Risk: Low Name: Not-A-Virus.Adware.Agent Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP8\A0000225.dll Risk: Low
- le 31 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Je n'ai pas cliqué sur Remove Infections dans ewindo antispyware, puisque tu m'as dit qu'il fallait vérifier s'il n'y avait pas de fichiers légitimes.
- le 30 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Mon anti-virus m'a dit : attention erreur systeme : il existe un nom en double sur le réseau.
- le 30 janvier 2008
- 68 réponses
(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200 a répondu à un(e) sujet de fred62200 dans Analyses et éradication malwares

Voila mon rapport HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:39, on 2008-01-30 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Documents and Settings\DENDECKER\Bureau\ewido_micro.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Hijackthis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:8100/PagesPro? R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\RunOnce: [HDReg] c:\Apps\HDReg\HDRegApp.exe -r O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\microsoft office\office11\ONENOTEM.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...erInstaller.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 13473 bytes
- le 30 janvier 2008
- 68 réponses

Connexion

fred62200

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par fred62200

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

Zebulon

Outils en ligne

Naviguer